ZANOG23

22 Mar 2023, 07:30 → 23 Mar 2023, 23:00 Africa/Johannesburg

Injabulo (Indaba Hotel, Spa and Conference Centre)

Fearghas McKay, Janine Lario

ZANOG 23 (2023) will be held in Johannesburg, South Africa

The ZANOG 23 (2023) plenary will take place on March 22-24, 2023 in Johannesburg, South Africa, at the Indaba Hotel and Spa.

---

ZANOG is a group of individuals, who have a strong interest in Internet-related technologies. Typically, we are people that work or have worked at ISPs, WISPS, hosting companies, or other businesses that make significant use of the Internet.

ZANOG-23 will be a 3 day event;  1 day of which is tutorials, and 2 days are full-technical plenary sessions.

---

---

ZANOG-23 SPONSORS

 

Title Sponsor         

---

Peering sponsor

---

Training Sponsor

       

---

Medium Sponsor         

---

Medium Sponsor

       

---

T-shirt Sponsor

       

---

Social Sponsor

       

---

Coffee Sponsor

       

---

Small Sponsor

       

---

 

---

Small Sponsor

       

 

---

Small Sponsor

 

       

---

Small Sponsor

 

       

---

Bandwidth Sponsor

 

       

---

Wifi Sponsor

 

       

---

 

---

Livestream:  Coming soon! 

Twitter: #ZANOG23

Jabber Chatroom:  Coming soon!

Flickr:  Coming soon! 

---

Wednesday 22 March ¶

07:30 Morning Croissants

1 Newcomer’s session : How to get the most out of ZANOG¶

Speaker: Amreesh Phokeer

2 Welcome, Housekeeping¶

Speaker: ZANOG Executive Committee

3 Keynote - Building a greenfield fiber network in the 2023¶

Speaker: Jared Mauch

10:00 Coffee Break

4 RPKI Time-of-Flight: Tracking Delays in the Management, Control, and Data Planes¶

As RPKI is becoming part of ISPs’ daily operations and Route Origin Validation is getting widely deployed, one wonders how long it takes for the effect of RPKI changes to appear in the data plane. Does an operator that adds, fixes, or removes a Route Origin Autho- rization (ROA) have time to brew coffee or rather enjoy a long meal before the Internet routing infrastructure integrates the new information and the operator can assess the changes and resume work? The chain of ROA publication, from creation at Certification Authorities all the way to the routers and the effect on the data plane, involves a large number of players and is not instantaneous and is often dominated by ad hoc administrative decisions. This is the first comprehensive study to measure the entire ecosystem of ROA manipulation by all five Regional Internet Registries (RIRs), propagation on the management plane to Relying Parties (RPs) and to routers; measure the effect on BGP as seen by global control plane monitors; and finally measure the effects on data plane latency and reachability. We found that RIRs usually publish new RPKI information within five minutes, except APNIC which averages ten minutes slower. We observe significant disparities in ISPs reaction time to new RPKI information, ranging from a few minutes to one hour. The delay for ROA deletion is significantly longer than for ROA creation as RPs and BGP strive to maintain reachability. Incidentally we found and reported significant issues in the management plane of two RIRs and a Tier1 network.

Speaker: Amreesh Phokeer (Internet Society)

230322.zanog-rpki-ecosystem.pdf

5 BGP Security - Hijack and Route Leak Detection¶

In this presentation, we focus on BGP security using the Code BGP platform. We start with an introduction to the various types of BGP hijacks and route leaks and the challenges related to detecting BGP anomalies. We explain how the Code BGP Platform leverages multiple data sources and GraphQL subscriptions to detect BGP events of interest. We present two exact prefix hijack events against root DNS prefixes that took place a month ago. Finally, we do a live demo of configuring alert rules, doing actual announcements on the Internet and detecting hijacks.

Speaker: Lefteris Manassakis (Code BGP)

BGP Security - ZANOG23.pdf

6 CSIRT Under Attack!¶

After 3 weeks of complex Investigation, an apparently ordinary IT problem will suddenly shake the Incident Response Team with one of its members directly targeted by a Criminal Organization.
A real Cyber Attack was narrated from the eyes of the Incident Handler to show the CSIRT reaction in case of an out-of-the-playbook Incident.
Why DFIR and OSINT should be essential parts of any mature Cyber Security Practice

Speaker: Riccardo Tani

12:30 Lunch

7 ASPA: RPKI-based AS_PATH verification¶

Speaker: Ben Maddison

8 Open Source and Community Based solutions for DDOS Mitigation¶

In this talk we will discuss a number of solutions for DDOS mitigation. This will be a technical presentation. We will discuss traditional ACL's, Blackhole routing, uRPF, RTBH, how to leverage BGP to deploy a protective shield, and a community based solution that leverages RTBH at global scale. In addition we will discuss the importance of BCP 38 and RPKI signing of routes to further protect the Internet from DDOS attacks.

Speaker: John Brown (Team Cymru)

9 How to Avoid Fines and Stay out of Prison: A Guide for ISPs¶

There are many legal and regulatory obligations on South African ISPs, from complying with ICASA's licensee reporting requirements to registering with the Film and Publication Board. This presentation looks at some of the current obligations and their impact on ISPs as well as investigating how network operators should be planning for future compliance requirements.

Speaker: Ant Brooks (ISPA)

10 Whisky BOF with quiz / informal social¶

18:00 Formal Social

Thursday 23 March ¶

07:30 Morning Croissants

11 5G Transport and Data Center Fabrics Architecture and Requirements¶

This presentation discuss the necessary evolution of the Edge and Central Data Center transport network designs and architectures to comply with the increased requirements in 5G networks.

Speaker: Mikael Holmberg (Extreme Networks)

EXTR-ZANOG-5G-TR.pdf

12 Spatial Division Multiplexing: A New (Subsea) Cable Paradigm¶

This paper summarizes the current state-of-the-art in how submarine cable transmission technologies are evolving to support even more capacity over longer distances, not only as the content providers dominate the space, but also as older cables run out of capacity and need to be replaced with new systems.

Speaker: Mark Tinka (SEACOM)

sdm-a-new-subsea-paradigm-final.pdf

13 Routing perspectives from Netflix¶

10:30 Coffee Break

14 Scrapping 3064s... and other Layer-2 best practices #51¶

A review of the usage of layer-2 in modern networks - the good, the bad, and the ugly. How to make layer-2 network more secure and robust.

Speaker: Mr Graham Beneke

15 Lightning Talks¶

Yolande - How far behind are we (15min)
Mark - ICANN DNS (15min)

16 FNO Survey 2023¶

Speaker: edrich de Lange (KZNNOG)

17 Measuring DNS hygiene¶

Speaker: Amreesh Phokeer (Internet Society)

ZANOG DNS hygiene.pdf

12:30 Lunch

18 Futureproofing ISP DNS Recursive Resolver¶

Speaker: John Todd

19 21st Century Data Centres¶

Speaker: Martin Atkinson (Equinix Inc)

More than Just Space & Power -ZANOG March 2023 M Atkinson 1.6.pdf

20 Panel: Data Centres in the time of Load-shedding¶

Speaker: Angus Hay

16:30 Closing Cocktail

21 Scrapping 3064s... and other Layer-2 best practices¶

A review of the usage of layer-2 in modern networks - the good, the bad, and the ugly. How to make layer-2 network more secure and robust.