APRICOT 2006 Program > Workshops & Tutorials > Workshops
PLEASE NOTE: All workshops run for 5 days (22 - 26 Feb 2005). Full 5-day attendance is required.
| ISP Routing |
Class Size:
28 Attendees must bring a laptop computer Who should attend: This is a technical workshop, made up of lectures and hands-on lab work. Open to technical staff who are now or soon will be building or operating a wide area TCP/IP base Internet Service Provider (ISP) network or Internet eXchange Point (IXP), likely with international and/or multi-provider connectivity. Pre-requisites: Cisco IOS Fundamentals; user level UNIX and maybe some system administration; some use of network design, preferably TCP/IP-based. What you will learn: • Techniques for design, set-up, and operation of a metropolitan, regional, or national ISP backbone network. This includes advanced OSPF, BGP4, and policy based routing configurations. • IOS Essentials every ISP should be doing. The hidden secrets that all key NSPs have been using for years, but not telling anyone (i.e. competitive advantage). • Techniques for the design, set-up, and operation of Internet Exchange Points. • Techniques for multiple connections to the Internet (multihoming), including connections to IXPs and ISPs. • Techniques to achieve optimal performance and configuration from a Cisco backbone router. This includes routing scalability, network design, and configuration tips. Technologies Covered: OSPF and OSPF areas, iBGP, eBGP, BGP Scaling, BGP Policies, Route Reflectors, BGP Best Practices, BGP Configuration Essentials, Policy Routing, IXP Design. |
[Top]
| BGP Multihoming |
Class Size: 28 Attendees must bring a laptop computer Who should attend: This is a technical workshop, made up of lectures and hands-on lab work. Open to technical staff who are operating a wide area TCP/IP base Internet Service Provider (ISP) network or Internet eXchange Point (IXP), likely with international and/or multi-provider connectivity. Pre-requisites: Cisco IOS Fundamentals; user level UNIX and maybe some system administration; some use of network design, preferably TCP/IP-based; knowledge of OSPF and of BGP. Ideally all attendees will have in the past completed the APRICOT Routing Workshop. What you will learn: • Techniques for design, set-up, and operation of a metropolitan, regional, or national ISP backbone network. This includes advanced BGP4 and complex network configurations. • Techniques for the design, set-up, and operation of Internet Exchange Points. • Techniques for multiple connections to the Internet (multihoming), including connections to IXPs, other ISPs and to Internet Transit providers. • Techniques to achieve optimal performance and configuration from a Cisco backbone router. This includes routing scalability, network design, and configuration tips. Technologies Covered: Refresher on OSPF and iBGP; eBGP, BGP Scaling, BGP Multihoming Techniques, BGP Transit, BGP Best Practices, BGP Communities, Advanced IXP Design. |
[Top]
| IPv6 Deployment |
Class Size: maximum 28 Attendees with laptops are desirable. Intended Audience: Engineers and operational staffs at ISPs and large networks including academic networks who are planning to use IPv6 either as research or into production networks. Anyone who wants to learn how IPv6 works in practice can also attend. Pre-Requisites: Good knowledge of IPv4 addressing, network operations as well as knowledge of DNS, Routing with both IGP and BGP. It is important that students have good prior knowledge of operations in IPv4 in order for them to attend this workshop. Topics Covered: The workshop will be a a combination of theory and lab. The lab will constitute about 60% of the total course. The course will cover History of IPv6 IPv6 Design and addressing Transition from IPv4 to IPv6 IPv6 Neighbour discovery Applications Is IPv6 any good? Configuring IPv6 on your machines - RIP |
[Top]
| DNS & DNSSEC |
Class Size: maximum 28 Attendees with laptops are desirable. Intended audience: This course is suited for systems staff, network administrators, DNS administrators, and other staff with responsibility for design and operations of network services (almost all of which depend on DNS). Anyone else who wants a better understanding of how DNS actually works is welcome too. ccTLD administrators are most welcome.
What you will Learn: A complete and compact introduction to DNS. All of "classic DNS" is covered. Most of standard DNS issues are both theoretically discussed and, through lab exercises, worked with in practice. Excerpt of topics covered: historic overview, database structure, record types, zones and domains, DNS message structure, recursion, authoritative servers, resolvers, caching, delegation, glue records, the ice floe model vs. the tree hierarchy model, reverse delegation, master vs slave, primary master and hidden master, zone transfers, notify, access control, logging, implementations, design alternatives and aspects. As time permits, more complex scenarios (including firewalls, "split-DNS", forwarding, etc), TSIG (Transaction Signatures), rndc (remote control of BIND9 nameservers), EDNS(0) (Extended DNS), DNSSEC (securing DNS data through the addition of digital signatures), views, etc. The lab exercises are performed in a BIND9 environment. The later part of the course covers emerging topics such as secure dynamic update of DNS data. Furthermore DHCP for address space management is covered, including all the details of interection between DHCP and DNS in environments utilizing dynamic update. This course also treat the DNS aspects of IPv6 and DNS issues with migration to a mixed IPv4/IPv6 Internet. Finally international domain names are discussed in some detail. All topics are fully covered with both lectures and hands-on exercises. |
[Top]
| ISP and NSP Network Security |
Class Size: maximum 28 Attendees with laptops are desirable. Intended audience: Network Operations and security staff at ISPs and Network Service Providers. People who are trying to learn ropes of establishing a functioning security system in their network core and edges. Any one else with interest in Security topics. Pre -Requisites: This is an advanced course. Good familiarity with UNIX command line and system administration jobs. Knowledge of Layer 3 protocols, and command line of popular routers. Basic knowledge of security concepts is an added advantage. What do you Learn: The ISP / NSP Security Workshop focuses on following components to provide comprehensive understanding and hands-on experience allowing you to gain valuable experience in network security best common practices, tools and techniques. - Network infrastructure security For network infrastructure security, best common practice for protecting infrastructure including IP addressing, baseline building, securing IGP and BGP routing protocols and router filtering techniques are covered in detail. Controlling access to the routers, collecting network telemetry information and control plane protection techniques are discussed. A six step methodology for detecting and mitigating DDoS attacks on the infrastructure provides hands-on understanding on how to deal with such attacks. Anti-spoofing measures to combat IP spoofing attacks and Remotely Triggered Blackhole (RTBH) filtering to protect against infrastructure attacks hands-on practice provides easy to deploy tools on the SP networks. The security services address designing, deploying and managing L3 Virtual Private Networks. A balanced discussion covering security of L3VPN provides good basis of evaluating the level of security for the business needs. Finally, a discussion of how managed security services such as IP VPN prepares SP networks for provisioning other security services. |
[Top]
 |
 |
 |
 |
|
|
 |
|
 |
||||||||||||||||||||
APRICOT 2006 |
|
|
||||||||||||||||||||
 |
 |
|||||||||||||||||||||
|
|
