Please note that APRICOT Workshops will be at Cyberport, and the main conference will be at the Hong Kong Convention and Exhibition Centre.

Scheduled breaks: Coffee Break at 10:30-11:00, Lunch at 12:30-14:00, Coffee Break at 15:30-16:00.

Monday 14 February 2011 - Wednesday 16 February 2011 Venue: Level 3, Cyberport 3, Cyberport
09:00 - 17:30 APTLD Workshop Video Conferencing Room 2
Tuesday 15 February 2011 - Friday 18 February 2011 Venue: Level 3, Cyberport 3, Cyberport
09:00 - 17:30 APRICOT Workshop: IPv4/IPv6 Routing Training Room 1 & Function Room 3
09:00 - 17:30 APRICOT Workshop: ISP Security Training Room 3
09:00 - 17:30 APRICOT Workshop: Network Management Function Room 2
09:00 - 17:30 APRICOT Workshop: Multicast Training Room 2
09:00 - 17:30 APRICOT Workshop: DNS and DNSSEC Function Room 1
Saturday 19 February 2011 Venue: Level 3, Cyberport 3, Cyberport
09:00 - 15:30 APRICOT Workshop: IPv4/IPv6 Routing Training Room 1 & Function Room 3
09:00 - 15:30 APRICOT Workshop: ISP Security Training Room 3
09:00 - 15:30 APRICOT Workshop: Network Management Function Room 2
09:00 - 15:30 APRICOT Workshop: Multicast Training Room 2
09:00 - 15:30 APRICOT Workshop: DNS and DNSSEC Function Room 1
15:30 - 17:30 Workshop Social Event Seaview Concourse
Sunday 20 February 2011
09:00 - 17:30 APAN TEIN3 Novotel Hotel (Lower Lobby)
09:00 - 17:00 AP* & AANF Retreat Meeting Novotel Hotel (Lower Lobby)
17:00 - 19:00 DotAsia AGM Novotel Hotel (Lower Lobby)
17:30 - 19:00 APNIC/APRICOT/APAN Newcomers Orientation HKCEC Convention Hall A
Monday 21 February 2011
09:00 - 12:30 APRICOT Tutorial: DNSSEC HKCEC S228
09:00 - 12:30 APRICOT Tutorial: BGP Techniques for Service Providers HKCEC S226
09:00 - 12:30 APRICOT Tutorial: Introduction to Network Forensics - using Netflow and Nfsen as a forensic tool HKCEC S227
09:00 - 12:30 APNIC Tutorial: Internet Resource Management HKCEC S223
09:00 - 12:30 NetMission + APNG Camp S426+S427
09:00 - 12:30 APAN Medical WG HKCEC S421
09:00 - 10:30 APAN DMSP Nighttime Lights of China HKCEC S425
09:30 - 12:30 DNSSEC Executive Summit HKCEC S221
11:00 - 14:00 APAN APAN Board Meeting Discussion (closed) HKCEC S229
11:00 - 12:30 APAN THEOS Data Users HKCEC S425
14:00 - 15:30 APRICOT APRICOT-APAN Joint Opening Ceremony HKCEC Convention Hall B+C
16:00 - 17:30 APRICOT APOPS Plenary - IPv6 Operations HKCEC Convention Hall B+C
17:30 - 19:00 APRICOT BoF: Assistive Communication Technology (ACT) HKCEC S226
19:00 - 21:00 APRICOT-APAN Joint Opening Social Café Deco, The Peak
Tuesday 22 February 2011
09:00 - 17:30 APAN Medical WG HKCEC S421
09:00 - 12:30 APAN eCulture HKCEC S425
09:00 - 17:30 NetMission + APNG Camp S426+S427
09:00 - 10:30 APAN Joint Peering Plenary: Peering perspective from R&E Networks HKCEC Convention Hall B+C
09:00 - 17:30 APAN Future Internet Testbed Workshop HKCEC S423 + S424
09:00 - 17:30 APRICOT IPv6 Transition Conference HKCEC S221
10:00 - 17:30 Other 4K Super HD Video Demonstration Theatre 2
11:00 - 13:00 APRICOT Tutorial: Spam Control HKCEC S226+S227
11:00 - 12:30 APNIC NIR SIG HKCEC S223
11:00 - 17:30 APRICOT APRICOT Peering Forum HKCEC Convention Hall B+C
11:00 - 13:00 APRICOT Tutorial: Monitoring your DNS HKCEC S224+S225
12:30 - 14:00 APRICOT APIA AGM HKCEC S228
14:00 - 17:30 Other IDN SDC HKCEC S222
14:00 - 15:30 APAN Secretariat - Fellowship Meeting (closed) HKCEC S429
14:00 - 17:30 APNIC Tutorial: Internet Routing Registry HKCEC S223
14:00 - 15:30 APRICOT Tutorial: MPLS-based Metro Ethernet Networks HKCEC S226+S227
14:00 - 15:30 APAN NetWork Security Workshop HKCEC S425
14:00 - 15:30 APRICOT Tutorial: IPv6 Routing HKCEC S224+S225
17:00 - 19:00 Equinix Cocktail HKCEC Convention Hall Foyer
17:15 - 18:45 ISOC Chapter Meeting HKCEC S425
Wednesday 23 February 2011
08:55 - 18:35 Asia Future Internet HKCEC S228
09:00 - 10:30 APAN Event Committee HKCEC S428
09:00 - 10:30 APRICOT Conference: Routing Session HKCEC Convention Hall B+C
09:00 - 10:30 APRICOT Conference: Tools and Measurement HKCEC S224+S225
09:00 - 10:30 APRICOT Tutorial: IPv6 Transition Technologies HKCEC S221
09:00 - 17:30 NetMission + APNG Camp HKCEC S426+S427
09:00 - 17:30 APAN NetWork Engineering HKCEC S423+S424
09:00 - 12:30 APAN Sensor Network Discussion Session HKCEC S425
09:00 - 10:30 APRICOT Tutorial: Ethernet OAM HKCEC S226+S227
09:00 - 17:30 APAN Medical WG HKCEC S421
09:00 - 10:30 APAN eResearch Workshop and Discussion HKCEC S429
10:00 - 17:30 Other 4K Super HD Video Demonstration Theatre 2
11:00 - 12:30 APRICOT Tutorial: LSM HKCEC S226+S227
11:00 - 12:30 APAN Program Committee HKCEC S428
11:00 - 12:30 APNIC Plenary: Life after IPv4 Exhaustion HKCEC Convention Hall B+C
13:00 - 14:00 APAN APAN Board Meeting with DANTE (closed) HKCEC S429
14:00 - 15:00 APAN Sensor Network Workshop HKCEC S425
14:00 - 15:30 APRICOT Tutorial: Center Network Options for Server Virtualization HKCEC S226+S227
14:00 - 15:30 APAN Council Meeting (closed) HKCEC S428
14:00 - 15:30 APNIC APNIC Policy SIG Session 1 HKCEC Convention Hall B+C
14:00 - 15:30 APRICOT Conference: IPv6 Deployment HKCEC S221
14:00 - 15:30 APRICOT Conference: Network Scaling HKCEC S224+S225
14:00 - 15:30 APAN APAN Proceedings Discussion HKCEC S429
16:00 - 17:30 APRICOT Conference: Network Growth HKCEC S221
16:00 - 17:30 APAN Board Meeting (closed) HKCEK S428
16:00 - 17:30 APRICOT Conference: DNS HKCEC S224+S225
16:00 - 17:30 APRICOT Tutorial: IP routing in smart object networks / Internet of Things HKCEC S226+S227
16:00 - 17:30 APNIC APNIC Policy SIG Session 2 HKCEK Convention Hall B+C
16:00 - 17:30 APAN HDTV HKCEC S425
17:30 - 19:00 APNIC BoF: Resource Quality Assurance HKCEC S221
19:00 - 21:00 APNIC Social Event Jockey Club, Happy Valley Racecourse
Thursday 24 February 2011
09:00 - 12:30 APAN SIP-H323 WG HKCEC S228
09:00 - 14:00 APAN GLIF HKCEC S428
09:00 - 19:00 NetMission + APNG Camp HKCEC S426+S427
09:00 - 10:30 APRICOT Conference: Layer 2 Bridges HKCEC S224+S225
09:00 - 10:30 APAN Medical WG HKCEC S421
09:00 - 12:30 APAN Middleware HKCEC S425
09:00 - 17:30 Asia Future Internet meeting (closed) HKCEC S229
09:00 - 12:30 APAN Agriculture WG HKCEC S423
09:00 - 10:30 APNIC APNIC Policy SIG Session 3 HKCEC Convention Hall B+C
09:00 - 10:30 APAN Backbone Committee Meeting HKCEC S424
10:00 - 17:30 Other 4K Super HD Video Demonstration Theatre 2
11:00 - 12:30 APRICOT Tutorial: Mobile Backhaul over Packet Switched Networks for Mobile Operators HKCEC S227
11:00 - 12:30 APRICOT Conference: Security HKCEC S224+S225
11:00 - 12:30 APNIC APNIC Policy SIG Session 4 HKCEC Convention Hall B+C
14:00 - 15:30 APRICOT Conference: Current Trends in High Capacity Datacentres HKCEC S224+S225
14:00 - 15:30 APAN APAN General Assembly HKCEC S421
14:00 - 15:30 APRICOT Tutorial: Which Routing Protocol HKCEC S227
16:00 - 17:30 APRICOT Closing Ceremony HKCEC Convention Hall B+C
17:30 - 19:00 APAN Automated GOLE pilot HKCEC S428
19:00 - 22:00 APRICOT-APAN Joint Closing Social Duetto, Wan Chai
Friday 25 February 2011
09:00 - 17:30 APAN GLIF HKCEC S428
09:00 - 17:30 APAN Medical WG HKCEC S421
09:00 - 17:30 APNIC APNIC Member Meeting HKCEC Convention Hall B+C
19:00 - 23:00 APNIC Informal Dinner Ramas Oyster Bar and Grill


New Wave of Computing

Ya-Qin Zhang, Corporate Vice President, Microsoft Corporation; Chairman, Microsoft Asia-Pacific R&D Group

This keynote will address major trends in the field of computing with special coverage in China’s internet landscape. At 457m users, China has more netizens than any other nation in the world and the internet is changing the way Chinese live and work. Local companies are beating the MNC players with indigenous innovation for a user population very distinct from the western counterparts. Weibo, China’s "Twitter", is an amazing phenomenon that is changing the social media and content consumption. Five ICT trends from both China and global perspectives will be discussed, mobile internet, SoC, cloud computing, natural user interface and China’s triple network convergence. In addition, key research activities in Microsoft will be highlighted in the respective areas.

Internet2: Creating bridges for global research and education

David Lambert, President and CEO of Internet2

In our twenty-first century, the iconic figure of a lone researcher doing late-night experiments in an isolated laboratory has become officially obsolete. Researchers are now deeply involved in collaborations; the laboratory is now a global facility, connected and supported by a global cyberinfrastructure. At the same time, there has been a worldwide increase in demand for higher education and there is an increased mobility of students to attain education. Global university enrollment doubled from 1990 to 2009 to 150 million students. Three million students now study outside their home countries - a 57% increase in the past decade. More and more, universities must compete in a global marketplace for students and open remote campuses worldwide to support students in other countries.

These and other paradigm shifts over the past decade have prompted Internet2 to reevaluate and realign its priority focus areas – with global partnerships and engagement being a key area. The future success of Internet2 members will depend on strengthening strategic partnerships with international counterparts and making the most of collaboration opportunities in advanced networking, cloud services and services above the network, and remote conferencing technologies. These partnerships are the bridges that will enable virtual collaboration between global communities, and provide the infrastructure required to support the teaching, learning, clinical and outreach missions that underpin the entire global research and education ecosystem.

In this talk, Internet2 president and CEO Dave Lambert will outline his vision for Internet2’s global strategy and the key mechanisms needed to support the R&E community in the face of challenges and opportunities in globalization and large-scale distributed research.


MPLS-based Metro Ethernet Networks

Paresh Khatri, Alcatel-Lucent

As per

DNSSEC Tutorial

Phil Regnauld (NSRC), Hervey Allen (NSRC)

As per

BGP Techniques Tutorial

Philip Smith (Cisco)

BGP Techniques for Service Providers

The tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet.

After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities.

The second half of the tutorial looks at deployment techniques, including BGP network design, the announcing and receiving prefixes, aggregation, routing table growth and stability, finishing off with some configuration advice.

IPv6 Routing Tutorial

Philip Smith (Cisco)

This tutorial continues assisting service providers along the path of deploying IPv6 on their existing IPv4 infrastructure. It covers IPv6 address plan advice and design, and then introduces how to configure IPv6 routing protocols, showing examples of IPv6 routing configurations for Cisco IOS & IOS-XR and JunOS.

Which Routing Protocol

Faraz Shamim (Cisco), Khalid Raza (Cisco)

This session will go into details of which routing protocol should be chosen for a large and complex network. The two protocol OSPF & ISIS will be compared side by side based on its functionality, usage, scalability and convergence. These two protocols will be compared in the light of IPv6 deployment also.

Ethernet OAM Tutorial

Santanu Dasgupta (Cisco)

The participants shall learn and explain the operations, administration and maintenance aspects of a large multi service Carrier Ethernet network after this session. The session shall explain the Carrier Ethernet fault management, performance management, configuration management and OAM interworking with Ethernet and MPLS networks to provide an end-to-end framework.

Spam Control Tutorial

Devdas Bhagat (Directi Internet)

This tutorial will introduce the audience to spam and various methods in dealing with it.

The tutorial will cover technical methods of spam control (both inbound and outbound), policy related issues, abuse desk staffing, etc. We discuss email delivery, mailing lists, various proposals over the years for spam control, DNSBLs and newer ideas in spam control.

The audience is expected to go home with a better understanding of spam related issues, and how to implement both technical and policy suggestions for inbound and outbound spam control.

LSM: Overview, Drivers & Applications

Shankar Vemulapalli, Yogi Raghunathan (Cisco)

This session is going to focus on LSM Technology overview, drivers and applications.

What is the problem issues with the existing multicast deployments how the new model addresses it


  • mLDP
    • Extensions to LDP
      • New Capabilities TLV
      • FEC Elements
      • Multicast FEC Element Encoding
      • p2mp mp2mp Operation
  • Tree creation
  • p2mp-TE
    • Extensions to RSVP

OAM Extensions for support for LSM

Multicast LSP Ping Proxy LSP Ping Multicast Connectivity Verification


PIM SSM Transit for IPv4/IPv6 mVPN Deployments (Default/Data) Video Distribution/Contribution FRR

Monitoring your DNS

Joao Luis Silva Damas (Internet Systems Consortium (ISC))

The tutorial will go over the available Open Source tools that enable DNS operators to get a good understanding of how their system is performing and the quality of the DNS service.

Tools such as DSC, ncap, nmsg, dnstop will be explored and explained.

Also zone consistency and verification tools and DNS service options such as zonecheck will be covered.

CATV and IPTV Technology , Deployment Challanges and Solutions

Muhammad Durrani (Brocade Communications Inc)

PTV (Internet Protocol television) is the delivery of programming by video stream encoded as a series of IP packets. IPTV is distributed by a service provider and can be free or fee-based and can deliver either live TV or stored video. It can be bundled with other Internet Protocol services, including VoIP and high-speed Internet access.

This presentation will discuss various components related to End to End service Architecture over which IPTV is deployed this includes service types , video formats , compression mechanisms , Network level Protocols (MC and available feature set) used to accomplish service delivery , deployment challenges and related solutions.

Mobile Backhaul over Packet Switched Networks for Mobile Operators

Kasu Venkat Reddy (Cisco)

Mobile network infrastructures are quickly evolving as mobile operators expand beyond voice to bring high-speed services available from IP networks and the Internet to subscribers. The result is the emergence of networks that are becoming mobile versions of the high-speed Internet or a "mobile Internet". With this , there will be a 100 fold increase in mobile data traffic in the coming years. One of the key areas in mobile networks, ripe for transformation in the rush to deliver robust mobile Internet services, is the Radio Access Network (RAN). Mobile operators must dramatically reduce the cost per bit in their current backhaul solutions while providing transport for third generation (3G) technologies, the next wave of Long Term Evolution (LTE) technologies, and traditional technologies. The move to the all-IP RAN is the single largest infrastructure challenge facing mobile operators.

This presentation provides strategy for mobile operators to implement an IP RAN Mobile backhaul network that allows decoupling from the radio technology as they migrate to an all-IP RAN. This strategy allows mobile operators to cost-effectively provide the bandwidth, backhaul scalability, affordable transport, and intelligent network features necessary to support the Connected Life, the Internet-everywhere experience.

IPv6 transition technologies

Yasuo Kashimura (Alcatel-Lucent)

Many current technologies and solutions are discussed for the transition to IPv6, and dealing with IPv4 exaustion. In this session we will illustrate and explain each technologies detail, compare them, and analyse the pros and cons of each.


Botnets, DDoS and Zombies -- One Year and 5,000 Attacks

Craig Labovitz, Arbor Networks

In this talk, we present detailed, quantitative data on 5,000 operator confirmed (via manual classification) network infrastructure attacks over the last year across 37 carriers. We explore the magnitude, frequency and characterize both the attack vectors and victims. Previously, most data on carrier security trends has come from qualitative vendor surveys (e.g. Cisco, Arbor, etc). We believe this talk represents the first large scale study of validated (i.e. "ground-truth") botnet and DDoS attacks. We conclude with estimates of botnet size and efficacy.

Multi-Network operation for “Open-NW” and “Closed-NW”

Daisuke Yamada, Ayumu Yasuda, Arata Suenaga (NTT East)

NTT East is a large access-line company in Japan. NTT East services in closed-Network which connects access-line. Now, end-users have IPv4 for Internet access and IPv6 for NTT East’s service. So NTT East have dealt with the coexistence of IPv4 address and IPv6 address.For the run out of IPv4 address, Internet of Japan has come to the turning point. Then, NTT East / West will start IPv6 Internet access by two methods at Apr 2011. These methods cause Multi-Prefix Problem and add the open-network element to our closed-network. So NTT East / West need new operation.Then we tell outline and network topology first, and share the problem that we have now and will have in the future. We hope to become references for the person who entertains similar network and have similar problems.

Implementing IPv6 over UltraBroadband Networks

Giorgio Lembo (TINET)

Various European countries are facing the limitations of their existing copper network in order to deliver true, fast Internet Access. Very high-speed access is not easily obtainable due to the electrical conductor nature of the twisted pair. This limitation is intrinsic in the medium being utilised. Passive Optical Networks (PONs), such as Fiber to the Home in point-to-point or point-to-multipoint topologies, are imposing themselves as the reference standard to replace the existing access technologies. These networks will provide higher capacity and better Operation, Administration and Maintenance features. Moreover, these PONs are thought to last at least two decades. Network Engineers should consider IPv6 when designing the layer 3 architectures of tomorrow.

Access Providers will factor their current customer base and customers' rising bandwidth needs as revenue sources for the new PON infrastructure. PON networks should then allow the coexistence of the current and future IP protocol. Not only changes in the network infrastructure delivery chain are then needed: provisioning, operations, customer support and all the normal business functions will also need to be updated. Consider the case of Tiscali Italia, an Italian Telecommunication Provider, who faced various issues when considering the introduction of IPv6 alongside its current IPv4 access ordering. While trying to maintain the same cost structure (or even a better cost structure) of xDSL, Tinet engineers noticed that if not properly implemented, IPv6 creates a risk to the current revenue now and therefore, not really an opportunity. We finally would like to draw the Market attention on the maturity of current IPv6 applications and OS implementations which may impact the IPv6 deployment on the access side.

OCN Experience to Handle the Traffic Growth and the Future

Takeshi Tomochika, Chika Yoshimura (NTT Communications)

The internet traffic is growing exponentially in the recent years. ISP's mission is to carry the traffic steady without any traffic congestion. ISPs have to design a robust backbone network and make a lot of effort to handle this situation.

Firstly, the authors describe their design experiences of their ISP's backbone with looking back over the history, which would be instrumental for other ISPs. Finally, they introduce a plan for the backbone to cope with the expected growth of traffic in the future.

Network Positioning System, an Application Layer Traffic Optimization (IETF-ALTO) technology for Service Provider Networks

Stefano Previdi (Cisco)

In today’s applications, caching and replication is a vital mechanism in order to provide redundancy, availability and efficiency in content and services delivery. Therefore it becomes critical to have a reliable and efficient mechanism allowing to determine the best location where data/services are to be delivered from and based on multiple criteria: location of the requesting user, infrastructure & resources utilization, state & performance, policies, etc.

The Network Positioning System (NPS) computes the location of and distance between endpoints. Examples are: an application client willing to locate the closest instance of a movie, a peer-to-peer client willing to find the closest set of peers sharing the requested content, a voice/video conferencing service having to locate the closest bridge for a given user or a cloud computing network willing to locate the closest set of requested resources. NPS leverages network layer information and is operated by the Service Provider willing to deliver NPS services to application layer.

NPS technology is aligned with the work IETF ALTO (Application Layer Traffic Optimization) working group that carries the standardization of a protocol through which ALTO services will be delivered to applications.

The presentation gives an overview on:

  • NPS Architecture and applicability
  • Implementation and deployment on Service Provider's infrastructure
  • Future directions

Net Measurement Neutrality: An Enabler for Watchdog or Partnership

Waiting Fok (The Hong Kong Polytechnic University)

In this talk, we propose Net Measurement Neutrality, a new paradigm for addressing the problem of lacking innovation in the Internet service industry. In this paradigm, incentives are provided to foster collaboration among providers and users, while their business secrets are preserved. We will present our experience with the paradigm for eight universities at Hong Kong through a neutral network measurement platform. We will particularly demonstrate the benefits of this paradigm, including improved service quality, more accurate and timely diagnosis of network problems, and reliable SLA enforcement.

MPLS Scale to 100k endpoints with Resiliency and Simplicity

Clarence Filsfils (Cisco)

A simple standard-based architecture to scale an MPLS network to 100k end points, with a target of 50msec Resiliency and most important with Simplicity.

The architecture leverages the IP/MPLS Control plane and default behaviors to minimize operational tasks.

The talk is related to the following IETF document: draft-leymann-mpls-seamless-mpls-02.

The talk is focused on pragmatic considerations for deployment.

Bio: Clarence Filsfils is the architect for the routing resiliency technology at Cisco Systems and hence invented key innovations such as LFA FRR and BGP FRR (BGP PIC).

He spends a majority of his time with SP designers to either find solutions to their problem or help deploy/leverage new technology.

His emphasis on real applicability and finding the simplest solution to problems should be valuable to Apricot attendees.

Clarence is a frequent speaker at NANOG, RIPE and APRICOT.

Date Center Network Options for Server Virtualization

Russell Cooper (Juniper)

This talk will discuss the challenges Server Virtualization technologies brings for the data center networks. Then it will discuss standards based approach to improve the experience in a virtualized environment.

It will discuss the benefits of of flatter data center networks for low-latency, the emerging VEPA standard for inter virtual machine switching and the benefits of kernal based firewalls for better visibility and policy based security in the virtual environment.

Digital Forensics in a Virtual Environment

Amila Perera, Kalana Guniyangoda (TechCERT, Sri Lanka)

Conducting a forensic investigation in a compromised physical computer is a well established scientific task. However, if the forensic data resides in a completely virtual environment, it brings new challenges. This is because current standard forensics procedures and tools are not specially designed to do a forensic investigation in such an environment. Even the few available tools not compatible with many of the virtual environment file formats. This presentation will illustrate our view of the limitations for investigations introduced by VM's and the methods of applying standard tools while overcoming practical issues raised by VM environments.

IPv6/IPv4 XLATE Trial Service for sharing IPv4 address

Masataka Mawatari (Japan Internet Exchange (JPIX))

This is a presentation about a solution against IPv4 global address shortage.

Since the presentatoin (What can IXPs do about IPv4 exhaustion?) at APRICOT 2009, JPIX has continued IPv4/IPv6 translator (implemented stateful XLATE) examination for using IPv4 global address share.

In order to solve some problems about IPv6-IPv4 translation (DNS64, etc..), JPIX developed the HGW implemented stateless XLATE to use combination with IPv4/IPv6 translator for IPv4-IPv6-IPv4 translation last year. Now, JPIX started to provide IPv6/IPv4 XLATE trial service for JPIX IX members.

In this presentation, JPIX will provide feedback about the current experience and summarise the trial so far.


Ecdysis: Open-Source DNS64 and NAT64

Simon Perreault, Jean-Philippe Dionne, Marc Blanchet (Viagenie)

NAT64 and DNS64 are IPv6 transition technologies that are used for translating between IPv6 clients and IPv4 servers. The Ecdysis project has produced open-source implementations which are based on the Bind and Unbound DNS servers for DNS64, and on Linux's Netfilter and OpenBSD's pf for NAT64. This presentation will describe the protocols and our implementations, with focus on the operational aspects of large deployments (e.g. ISPs, 3GPP, enterprises, etc.) It will also discuss the trials done in various networks and events, and will provide the results such as applications and protocols issues found.

Outbound Spam Rankings for Economic Incentives: Transparency, Reputation, and Insurance

John S. Quarterman (Quarterman Creations), Andrew B. Whinston, U (University of Texas at Austin), Serpil Sayin (Koç University, Istanbul)

Problem: Which organizations send most spam? Even ISP operators don't know.

  • Users can't choose ISPs by spamminess.
  • Spam is sent by botnets, exploiting vulnerabilities, indicating larger security problems.
  • Technical solutions are not evenly applied: it's an organizational problem.

Solution: Build outbound spam org. rankings out of blocklist data.

Not just ISPs: every org that sends email is target for botnets; rankings must report on all ESPs.

No ESP wants to be branded a spam haven: incentive to clean up.

Clean ESPs can brag about their rankings and attract customers.

The larger socioeconomic issue:

Black hats cooperate for profit; white hats are just a cost center.

Elinor Ostrom: governing the commons needs transparency so stakeholders can self organize.

Leon Festinger: social comparison theory says comparing similar people changes their behavior; recent research shows this also applies to organizations on the Internet.

We propose new organizational layers to add economic incentives. Use rankings to certify organizations in classes like bond ratings: Aaa, Bb, etc. Use certifications to turn SLAs into self insurance, and to build insurance policies. Thus we can use organizational rankings built out of blocklist data to provide several layers of economic incentives for cooperation to solve spam and botnet problems.

IP Routing in Smart Object Networks and the Internet of Things

Jeff Apcar (Cisco)

The Internet of Things (IoT) is a pervasive and ubiquitous network which enables the monitoring and control of our physical environment by collecting, processing, and analyzing the data generated by Smart-Objects. A Smart-Object (SO) is a physical object (eg., light bulb, smart power meters, garden sprinklers) with an embedded sensor (or actuator) which is able to communicate. Smart Objects usually operate in a highly constrained environment in terms of physical size, available memory, CPU power and battery life in addition to communicating over wireless low power lossy networks. This environment throws up quite a number of routing challenges that traditional routing protocols cannot satisfy. This presentation covers enhancements and innovations that were necessary to allow Smart Objects to route information over IPv6 in the Internet Of Things. In particular, carrying IPv6 over low power networks (6LowPAN) and the RPL the new routing protocol for Smart Objects will be discussed.

Solution to SPA Challengs/Limitations, TRILL Protocol Implementation and Deployment Considerations

Muhammad Durrani (Brocade), Rizwan Jamal (Cisco)

Current IEEE 802.1 LANs use spanning tree protocols that have a number of challenges. These protocols need to strictly avoid loops,even temporary ones, during route propagation, because of the lack of header loop detection support. Routing tends not to take full advantage of alternate paths, or even non-overlapping pairwise paths(in the case of spanning trees). This Presentation provide thorough understanding of existing limitations and challenges of IEEE 802.1 Spanning Tree Protocols and how these issues can be resolved with modern layer 3 link level Protocols using a new approach that combines the features of these two existing solutions, retaining the desirable properties of each.It allows reuse of well-understood network routing protocols to benefit the link layer. This presentation will cover TRILL protocol implementation detail with comparitive analysis of solution to existing SPA problem in existing deployments, and TRILL's incremental deployment considerations.

Shortest Path Bridging

IEEE 802.1aq - Peter Ashwood-Smith (Huawei)

802.1aq Shortest Path Bridging is being standardized by the IEEE as an evolution of the various spanning tree protocols. 802.1aq allows for true shortest path routing, multiple equal cost paths, much larger layer 2 topologies, faster convergence, vastly improved use of the mesh topology, single point provisioning for logical membership (E-LINE/E-LAN/E-TREE etc), abstraction of attached device MAC addresses from the transit devices, head end and/or transit multicast replication , all while supporting the full suit of 802.1 OA&M.

Applications consist of STP replacement, Data Center L2 fabric control,

L2 Internet Distributed Exchange point fabric control, small to medium sized Metro Ethernet control planes. L2 wireless network backhaul.

DNSSEC technical evaluation report of JP


BoF Sessions

ACT(Assistive Communication Technology)

Makoto Takano, Takumi Shibata (NTT-WEST)

Follow us:

on Facebook on Twitter