Daily Meeting Report


Monday, 14 October

RIPE 67 Tutorials

RIPE 67 kicked off on Monday morning with three parallel tutorials: “The IETF TRILL Protocol” with Donald Eastlake, “Managing IPv4 Scarcity When Using SSL Certificates – Multiple SSL Certificates on a Single IP Address” with Paul van Brouwershaven, and “Creating and Analysing RIPE Atlas Measurements” with Stéphane Bortzmeyer.

Newcomers’ Introduction Talk

First-time attendees were welcomed by RIPE Chair Rob Blokzijl and RIPE NCC Managing Director Axel Pawlik at the Newcomers’ Introduction Talk. Newcomers learned about RIPE, the RIPE NCC and the ins and outs of a RIPE Meeting.

RIPE 67 Opening Plenary

Opening PlenaryRIPE Chair Rob Blokzijl and Yannis Mitsos of GRnet, the RIPE 67 host, welcomed the RIPE 67 attendees during the opening plenary session of the meeting.

Filiz Yilmaz, RIPE Programme Committee (PC) Chair, gave an overview of the PC’s responsibilities for the plenary programme and invited attendees to send their feedback about the meeting’s content and other PC-related topics to pc [at] ripe [dot] net. She added that on Friday there will be elections for the PC, and anyone interested should use that email address to send a biography, statement of interest and a photo. The session continued with Peter Lothberg of Stupi LLC, and his presentation “TeraStream – A Simplified IP Network Service Delivery Model”. The opening plenary concluded with a lighting talk by Franck Le Gall, “Results of 2013 Global IPv6 Deployment Survey”.

RIPE 67 Plenary – Monday, 16:00-17:30

There were two presentations and three lightning talks in the second plenary session on Monday afternoon. Laurent Vanbever from Princeton University gave an interesting presentation on new applications for SDN-Enabled Internet Exchange Points and the management challenges it can solve for participants and IXP operators. Georgios Smaragdakis from Deutsche Telekom Labs/TU Berlin presented on the benefits and improvements of enabling ISP-CDN collaborations.

The first lightning talk was given by Tore Anderson of Redpill Linpro AS, who helped 24media deploy IPv6 in ten days. At the end of the ten days, seven out of nine sites were on IPv6. Lee Howard of Time Warner Cable presented on the state of IPv6-only networks. Finally, Jan Žorž gave a progress update on the Best Current Operational Practices (BCOP) efforts since RIPE 66 in Dublin. Benno Overeinder volunteered to work on this in the RIPE NCC service region and gave an update on what’s taken place so far.

Monday’s Birds of Feather (BoF) Session

BoFFollowing up on their lightning talk during the afternoon plenary session, Jan Žorž of the Internet Society and Benno Overeinder of NLnet Labs held the “Best Current Operational Practices (BCOP) BoF” to draw attention to the need for a better way to identify, capture and promote best current operational practices documents emerging from various regional network operators’ groups. They suggested that sharing these documents across the globe would benefit the wider Internet community and help more operators deploy new technologies like IPv6 and DNSSEC faster and easier.

The BoF followed up on the first BCOP BoF that took place at RIPE 66 in Dublin, which led the RIPE NCC to establish a mailing list for this effort: bcop [at] ripe [dot] net. This group has already started identifying the topics that need to be addressed.

Conversation and Relaxation at Monday’s Social Events

Attendees appreciated the opportunity to meet the RIPE NCC Executive Board over drinks and canapés at the Aphrodite Room and learn more about the RIPE NCC and its activites.

Everyone had a chance to unwind at the end of a busy and successful first day during the Welcome Drinks. A glass or two of ouzo were raised while old friends and colleagues caught up with one another and new friends were made.

Tuesday, 15 October

RIPE 67 Plenary – Tuesday, 09:00-10:30

PlenaryTuesday’s plenary sessions kicked off with a talk by Nathalie Trenaman, in which she recounted her personal experiences with setting up IPv6 at home. Her conclusion? Alhtough it’s expensive and time consuming, there are still new technologies and protocols being developed to make it possible.

Mark Townsley, Cisco Systems, followed up on the topic of IPv6 at home with his talk “IETF Homenet – Routing IPv6 in the Home”. He explained the details of how Homenet, an IETF Working Group, aims to make IPv6 routing work within the home.

Lee Howard, Time Warner Cable, gave a talk about the cost of the IPv4-IPv6 transition that included hard dollar figures on the price difference between deploying dual-stack network using IPv6 versus opting for CGN. His conclusion? You should have deployed IPv6 ten years ago.

RIPE 67 Plenary – Tuesday, 11:00-12:30

Roland Dobbins, Arbor Networks, presented an analysis of the 2012 – 2013 ‘triple crown’ financial industry DDoS attacks. He described in detail the characteristics of the attacks and the lessons learned.

Geoff Huston, APNIC, presented the results of research about measuring DNSSEC, describing the way in which DNSSEC validation is used worldwide and how long this validation takes. He also proposed some possible ways to improve the process.

Pierre-Antoine Vervier, Symantec Research Labs, presented a case study on “fly-by spammers” – people who hijack address space for spamming purposes. He explained the difficulties people may face in discovering fly-by spammers and presented potential ways to track them and prevent them from hijacking address space.

RIPE 67 Plenary – Tuesday, 14:00-15:30

Alexander Azimov, Highload Lab, presented on route policy verification. He covered why we need route policy data, the problems with current route policy data, the verification data he used, and his results.

Guillaume Valadon and François Contat, ANSSI, jointly presented on the French Internet Resilience Observatory, which studies the French Internet in detail, develops technical interactions with the networking community, publishes anonymised results, and publishes recommendations and best practices.

Jari Arkko, Ericsson, gave a talk called “Pervasive Monitoring and the Internet” that garnered a lot of audience interest and comments while trying to encourage a discussion about how Internet technology can better support security and privacy.

RIPE 67 Plenary – Tuesday, 16:00-17:30

PanelRIPE PC Chair, Filiz Yilmaz, led a panel on the IPv4 transfer market with panelists Peter Thimmesch of Addrex Inc., Louis Sterchi of Kalorama Group, Jeff Mehlenbacher of IPv4 Market Group, Andrea Cima of the RIPE NCC, and Geoff Huston. Attendees got an inside view of the IPv4 broker world as well as the view from the RIPE NCC.

Geoff Huston, APNIC, gave an entertaining analysis of how DNS works within the GFW (Greate Firewall) of China. Brian Nisbet, HEAnet, continued with an interesting talk about using twitter for monitoring. Wout de Natris, eco, finished with an introdcution to ACDC (Advanced Cyber Defence Centre).

Tuesday’s Birds of Feather (BoF) Session and Workshop

Wout de Natris, eco, led the BoF “Advanced Cyber Defence Centre (ACDC) Discussion”, which explained that ACDC is an EU project to mitigate botnets at different levels. Wout invited those in attendance to get involved by participating in the development of ACDC and cooperating in the experiments ACDC will run in the coming two years.

During the “Getting the Most from RIPEstat” workshop, Vesna Manojlovic and Chris Amin of the RIPE NCC demonstrated how users can take advantage of this web-based interface that provides everything you ever wanted to know about IP address space, Autonomous System Numbers (ASNs), and related information for hostnames and countries in one place.

GCCIX Party at Gazarte

RIPE 67 attendees enjoyed drinks, dancing, good conversation, and a great view of Athens from the open-air terrace on the top floor of Gazarte in one of Athen’s most vibrant neighbourhoods. Thanks to our sponsor, GCCIX, for the great time that was had by all!

Wednesday, 16 October

Address Policy Working Group – Sessions I + II

Both Address Policy Working Group sessions were jam-packed with policies and issues to discuss. After a policy overview and feedback from the RIPE NCC Registration Services Department, discussion moved to current policy topics. Tore Anderson, Redpill Linpro AS, presented changes to 2013-03, “No Need – Post Depletion Reality Adjustment and Cleanup”, which has gained a lot of attention since being introduced at RIPE 66. This was followed by 2013-05, “No Restrictions on End User Assignments in Intra-RIR Transfers”, which was proposed by Sasha Pollock, IPHH GmbH.

The second session began with a discussion of RFC 2119 and the language used in RIPE Documents, started by Jan Žorž, Internet Society (ISOC). The rest of the session was spent examining the various aspects of 2013-06, “PA/PI Unification IPv6 Address Space”, which proposes a number of changes to the way the RIPE NCC handles IPv6.

Open Source Working Group

Nat Morris, Cumulus, presented a method of overcoming traditional network limitations using open source. He announced that Cumulus is developing a version of Linux that runs on switches and routers. He invited people to consider the product, and spoke about some of the work they’re doing in developing drivers for many of the components. He then answered questions regarding the use of hardware.

Scott Wilkerson, Nagios, took the stage to present Nagios’ history, present and future, including the move to a corporate framework and new feature additions in IPv4. He solicited support from the community and directed attendees to the Nagios website for further feedback. Attendees asked about the differences between Nagios Core and XI and the contributions of corporate vendors to the open source nature of the project.

Willem Toorop, NLnet Labs, gave an update about the progress of NSD4. He detailed the new release of NDS4, including what’s better, faster, stronger and different. He then described the configuration process.

DNS Working Group – Sessions I + II

The DNS Working Group session kicked off with an update on ENUM-related statistics from the ENUM Working Group Co-Chair – a new feature now that the ENUM Working Group no longer holds its own sessions. This was followed by four related presentations by Willem Toorop, NLnet Labs; Geoff Huston, APNIC; Ralf Weber, Nominum; and Tomáš Hlaváček, CZ.NIC. The presentations looked at various DNS fragmentation and amplification attack issues. The session closed with an all-speakers panel and some lively discussion from participants on strategies to mitigate these vulnerabilities.

During the second session, Anand Buddhev, RIPE NCC, gave an update on the RIPE NCC’s DNS services. DNS Working Group Chair, Peter Koch, called for community volunteers to join a small, short-lived group to help inform a DNS Working Group discussion regarding whether and how the RIPE NCC should continue the ccTLD DNS secondary service. Anyone interested should contact the chairs at dns-wg-chairs [at] ripe [dot] net. Jeff Osborn introduced himself as the new CEO of ISC and told the audience that, “Open source is the heart and soul of what we do”. There were several other talks and demos, including “Which habitat fits your name server’s nature best?” by Willem Toorop, NLnet Labs; “Introducing Hedgehog” by Dave Knight, ICANN; “Client-IP EDNS Option Concerns” by Florian Streibelt, TU Berlin; “OTE’s resolver infrastructure/design/rollout” by Kostas Zorbadelos, Otenet; and “DITL Data Analysis for ICANN gTLD Collision Study” by Jim Reid, RTFM LLP.

IPv6 Working Group

Geoff Huston, APNIC, gave an entertaining overview of the growth in the number of IPv6 End Users over the past year. Peter Löthberg and Mikael Abrahamsson, T-systems, gave many details about Deutsche Telekom’s Terastream, followed by a lively discussion about whether this is good use of IPv6 bits. Zuzana Duračinská, NIC CZ, presented statistics from the GEN6 project regarding IPv6 readiness and public administration in Europe. The session ended with a presentation by Yannis Nikolopoulos, OTE, who presented a detailed template for an ISP IPv6 addressing plan.

RIPE NCC Services Working Group

Serge Radovcic, RIPE NCC, and Desiree Miloshevic, Oxford Internet Institute, thanked everyone for the high level of participation in the RIPE NCC Survey 2013 and highlighted a few of the main results. Overall, there were high ratings throughout and a lot of support for new and more varied ways of communicating with the RIPE NCC. The RIPE NCC will now develop a list of the areas to be investigated and will publish how these were acted on in 2014.

Axel Pawlik, RIPE NCC, gave an update on the changing landscape of the Internet and how the RIPE NCC will be responding in 2014 to keep up with its fast pace.

Andrew de la Haye, RIPE NCC, summarised the operational trends seen within the RIPE NCC over the last few months and highlighted the work being done in various areas on keeping the RIPE Registry accurate. The recent cases of address hijacking generated some
interest among the attendees.

RIPE NCC Services Working Group Chair, Kurtis Lindqvist, presented the latest status of the policy proposals being discussed by the RIPE NCC Services WG. The RIPE NCC promised to share the implementation plans for 2013-04, “Certification for non-RIPE NCC members”, with the RIPE NCC Services Working Group in order to gain more feedback.

Thursday, 17 October

EIX Working Group – Sessions I + II

Wolfgang Tremmel, DE-CIX, shared DE-CIX’s experiences with their ongoing Apollon migration. Ben Hedges, LINX, gave an update on the peering scene as seen from LINX. Next, Harald Michl, UniVie/ACOnet/VIX, updated the group on the status of the IXP wishlist review. The group then heard a selection of updates from various IXPs on their recent news. To round off the session, Kaveh Ranjbar, RIPE NCC, explained how the RIPE Atlas network might benefit IXPs and their customers.

Following a proposal by Nick Hilliard, Inex, the EIX Working Group reached consensus to disband. There were suggestions to organise a new Interconnection BoF during RIPE 68 in Warsaw in order to work on a charter and the creation of a new Interconnection Working Group. Several people volunteered to organise the BoF, including Nina Bargisen, Netflix; Martin Levy, Hurricane Electric; Ren Provo, Apple, Inc.; and Mauro Magrassi, Mix Milan.

IPv6 Working Group – Session II

Following Wednesday’s session, the second IPv6 Working Group session kicked off with Yannis Nikolopoulos, OTE, who presented a case study of an ISP IPv6 addressing plan.
Benedikt Stockebrand, Stepladder IT, provided an entertaining talk on “Small Scale Redundant IPv6 Uplinks without BGP”. Jen Linkova, Google, gave an animated presentation (Star Wars quote and all) about IPv6 source addresses that included results from an experiment, collecting data for a few days both two years ago, before IPv6 Launch Day, and again this year. Tassos Chatzithomaoglou, Forthnet, gave an informative presentation about IPv6, DS-Lite and PCP. He conceded that switching on IPv6 was much easier than they at Forthnet had initially thought, especially as they had already implemented support within their infrastructure on several levels. Marco Hogewoning, IPv6 Working Group Chair, wrapped up the session by inviting feedback regarding the IPv6-only network – response was positive and there was expressed demand from the room for an IPv6-only network at RIPE 68 and beyond.

Database Working Group

Johan Åhlén and Denis Walker, RIPE NCC, gave an update on various changes to the RIPE Database software and features, including the software release process. Rüdiger Volk, Deutsche Telekom Technik GmbH, presented his own slide about the minimum requirements for the release process, and there was much debate about it. There was also discussion about the abuse-c attribute, which is available in production and will soon become mandatory for all objects in the RIPE Database. Zoltan Szamonek, Google, gave a presentation about self-published geo-feeds, which allow a network operator to provide geolocation data about their prefixes to a content distribution network. As part of other business, an audience speaker said that a large proportion of routing data in the RIPE Database is inaccurate, and should either be fixed or deleted.

Routing Working Group

Alex Band, RIPE NCC, presented a new feature of the RIPE NCC RPKI efforts: making minority space eligible for RPKI. The RIPE NCC built a framework that now allows signing of these resources via the corresponding “majority RIR”. This means that LIRs that hold prefixes out of minority space will now see these in their certificate. Currently, address space held by non-members and legacy address space are excluded from this service, pending the acceptance of related policy proposals. Denis Walker, RIPE NCC, presented the idea of a potential separation between how we manage data as opposed to how we present data in the RIPE Database.

Anti-Abuse Working Group

Denis Walker, RIPE NCC, talked about the implementation progress of policy 2011-06, “Abuse Contact Management in the RIPE NCC”. The RIPE NCC now provides a simple form in the LIR Portal for adding this information. Towards the end of 2013, all LIRs that haven’t added this information will be
updated with default information. Sander Steffann, SJM Steffann, mentioned there was little discussion about policy proposal 2013-01 and asked for comment. Tobias Knecht, abusix GmbH, presented on X-ARF (Extended Abuse Reporting Format). The standard is quite stable now, and several large companies are using it for consistent reporting of abuse. Thorsten Kraft, eco e.V., introduced ACDC (Advanced Cyber Defence Centre), a cross-border, EU-funded project to share information and solutions about cyber attacks.

MAT Working Group

Enrico Gregori, IIT-CNR, gave an overview of how the Isolario project is helping to create a map of the Internet at the Autonomous System level, using active and passive techniques involving smartphone crowdsourcing. Emile Aben, RIPE NCC, suggested the community could find ways to better geolocate Internet infrastructure and make this data publicly available. Attendees agreed that this would be a good idea and will follow up on the MAT Working Group Mailing List. Razvan Oprea, RIPE NCC, presented results from a study that looked at how organisations in critical infrastructure sectors within the Netherlands connect to the Internet. He used public sources of information working at the AS level to discover that many of these organisations may need to rethink their connectivity strategies. Vesna Manojlovic, RIPE NCC, gave an update on RIPEstat, the RIPE NCC’s “one-stop shop” for information about Internet number resources, including the new BGPlay and Abuse Contact Finder widgets, and customisable views. Vesna also updated the group on the latest features in RIPE Atlas and introduced the new RIPE Atlas anchor service, which will add regional targets to the network.

Cooperation Working Group

The session kicked off with a panel on Internet Exchange Points, Internet interconnection and the public sector. Patrik Fältström, Netnod, moderated a discussion with panelists Panayiotis Gotsis, GRNET; Jane Coffin, Internet Society (ISOC); and Malcolm Hutty, Linx. It looked at issues of Internet interconnectivity in the developing world and the efforts towards developing community-based IXPs. Athina Fragkouli, RIPE NCC, provided an update on EU legislative developments regarding network security, while Nathan Hickson, Netflix, discussed ICANN’s development of a European regional engagement strategy. Chris Buckridge, RIPE NCC, concluded with a look ahead to 2014, including ITU and governmental events. The session closed with a decision by the working group to consider several nominees for co-chair on the Cooperation Working Group Mailing List over the coming months.

RIPE 67 Dinner at Balux Lounge

Everyone enjoyed a lovely evening of drinks on the terrace, dinner, conversation, and traditional Greek dancing at the Balux Lounge. Old and new friends and colleagues had a chance to compare notes and make new memories. Many thanks to our sponsor, Netnod!

Friday, 18 October

RIPE 67 Plenary – NRO/RIR Reports

The final day of RIPE 67 saw the Athens sunshine return for the bright and early NRO/RIR Reports plenary session. Representatives from each of the five RIRs except AFRINIC gave updates on their organisations’ latest activities and priorities, including Geoff Huston, APNIC Chief Scientist; Aaron Hughes, ARIN Board of Trustees; Luisa Villa, LACNIC Customer Services Manager; and Axel Pawlik, RIPE NCC Managing Director. Ingrid Wijte, RIPE NCC, also gave an update on the latest NRO statistics and Selina Harrington, IANA, gave the IANA update.

With only one candidate, Filiz Yilmaz, for the available space on RIPE Program Committee (PC), attendees voted to allow Filiz to take the seat without holding an election.

RIPE 67 Closing Plenary

Andrew Yourtchenko, Cisco, gave an in-depth presentation about how to run a CGN on a $20 OpenWrt.

Will Hargrave, LONAP, gave a lightning talk about reducing the impact of IXP maintenance by switching up the usual order of things.

Gordon Lennox gave a lightning talk about defining the public Internet in which he suggested the Internet is not a network of networks, but a collection of services that others make available. His talk garnered many comments from attendees.

Bijal Sanghani, Euro-IX, announced the decision that was reached the day before at the EIX Working Group session to dissolve that working group and create a new Interconnection BoF in its place. She thanked the EIX Working Group Chairs, Fearghas McKay and Andy Davidson, and invited Mauro Magrassi, Mix Milan, to explain what the focus of the new BoF will be.

Jan Žorž, Internet Society (ISOC), and Benno Overeinder, NLnet Labs, presented their proposal to start a new Operations Working Group, after two successful “best operational practices” BoFs at RIPE 66 and RIPE 67. There were comments from several attendees about whether a working group is the best way to proceed, and RIPE Chair Rob Blokzijl suggested that Jan and Benno start with an Operations Task Force for the time being, before potentially developing this into a working group.

Axel Pawlik, RIPE NCC, announced the results of the election that took place earlier that morning for the vacant seat on the NRO Number Council. The three candidates received the following number of votes: Alain Bidron, 17 votes; Sander Steffann, 37 votes; and Filiz Yilmaz, 37 votes. Because there was a tie between two of the candidates and there is no official procedure about how to resolve a tie, Axel asked Brian Nisbet, HEAnet, to draw a vote at random from the election box. As a result, Filiz Yilmaz was declared the winner.

RIPE Chair Rob Blokzijl gave the closing plenary presentation and reviewed the facts and figures of RIPE 67. There were 421 attendees (470 including RIPE NCC staff) including 116 newcomers.

Rob also announced that, after nearly 25 years of chairing RIPE Meetings and leading the RIPE community, he has decided the time has come to step down. He has appointed Hans Petter Holen, Visma, as the RIPE Deputy Chair, a new role. Hans Petter will take over as RIPE Chair at the end of the next RIPE Meeting in May 2014. Rob assured everyone that even after the next RIPE Meeting, he would certainly not disappear from the community.

He closed the session and the meeting by thanking all those involved in its organisation and inviting everyone to RIPE 68 in Warsaw in May 2014.