NetLdn #31 – 12/05/2022

Upstairs @ The Wheatsheaf
25 Rathbone Place
Fitzrovia, W1T 1JB

Arrival from 1830hrs. 
Talks begin promptly at 1900hrs.

RSVP (Free): Eventbrite

Talk 1: Prometheus for network user experience (and not only) monitoring

Quite a few times I’ve had to deal with requests stating that there is a network problem in a remote branch location, preventing office employees from doing their job, whereas monitoring systems were showing literally nothing unusual. In order to solve the problem I have built a monitoring system leveraging Prometheus to show user experience, which started my journey to start building my own exporters. I would like to share my experience to show network engineers where Prometheus could be helpful, what the challenges are, and how to overcome them.

Presenter: Anton Karneliuk (@AntonKarneliuk)

Talk 2: BGPsec in the context of routing system security

BGPsec enjoys global world domination. Or does it? No, it does not. At least not yet. Therefore this needs to be addressed.

BGPsec has been around in theory and on paper for a while. Not in practice and deployments, though. Some production scale and quality experimentation with BGPsec has revealed quite a number of incorrect design time assumptions, outright wrong decisions made, lack of community understanding of how it could and should be used, and how can it fit into the overall routing security framework. One of the open gaps is the unawareness of the community, primarily operations community, of how BGPsec functions and how it should be deployed.

This talk covers three main areas:

– BGPsec the protocol, covering the protocol mechanics itself and how it operates on the BGP signaling level;
– Infrastructure required for BGPsec operation, covering aspects of providing and distributing supporting informational elements into BGPsec system – integration with RPKI machinery, what is required from the perspective of registries and certificate authorities, what are the scalability properties expected from the RPKI side, and practical aspects of how existing origin and path validation tooling would need to be extended to cover BGPsec too;
– BGPsec in the context of the overall routing security, and how it would match or interwork with the current understanding of routing security as realized by origin and path validation, with specific scenarios of what it would take to deploy BGPsec from the perspective of edge node, transit operator, an IX, and a CSP.

Presenter: Ignas Bagdonas

After Talks: Networking for Networkers

Stay around after the talks for a social hour.

Author: Richard Patterson

IP/MPLS Design Engineer

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: