Tutorials

Building IXPs Tutorial

Internet Exchange Points (IXPs) are at the heart of all Internet network communication. Packet Clearing House will present a tutorial on best practices for the design, building, economics, and operations of an Internet Exchange Point.

Tutorial duration

Date: 22 March
Time: 09:00-12:30
Meeting room: 17
Max. nr of participants: 50

Target audience

  • Business executives and decision makers who want to learn how to make their networks operate more cost effectively, through interconnecting to an IXP.
  • Technical staff who are operating networks, who want to understand how interconnecting to an IXP makes their network more efficient.
  • Policy makers interested in understanding the value that an IXP brings to an ecosystem, and how to develop these

Tutorial requirements

It is assumed that the tutorial participants have a good understanding of the operations of an Internet related business. Although dealing with a technical subject, this is primarily, not a technical tutorial, and is open to business decision makers.


RIPE Atlas Tutorial

Part of the mission of the RIPE NCC is to support core internet infrastructure, by providing active measurement data, and tools that visualise that data, together with registry, routing and DNS information.

RIPE Atlas is the biggest active measurement network in the world, with more than 9300 vantage points, small hardware devices hosted by community. We will present the latest statistics and use cases, and invite MENOG attendees to take part.

Goal

Learn how to:

  • Use RIPE Atlas measurements for network monitoring and troubleshooting
  • Use API calls for measurement creation
  • Integrate RIPE Atlas with existing monitoring systems

Pre-requisites

You should already:

  • Have a laptop
  • You have basic knowledge about RIPE Atlas usage
  • You have a RIPE NCC Access account
  • You have logged-in and visited atlas.ripe.net web pages
  • You have earned at least 20,000 “credits” by either hosting a RIPE Atlas probe or, as a RIPE NCC member, claiming your 1,000,000 credits.

In order to learn about RIPE Atlas before attending the tutorial, please refer to:

  • FAQ and other documentation
  • Material from the workshops
  • Use cases on RIPE Labs

DDoS Mitigation Tools & Techniques

A distributed denial-of-service (DDoS) attack makes your online infrastructure totally inaccessible. This tutorial will cover the following:

  • An introduction to DDoS attacks, trends and their business effect
  • Detection Techniques (Flow analysis, Baselining, Pattern matching)
  • Mitigation Best Practices, including RTBH, FlowSpec, Co-Operative DDoS Mitigation and PBR (with pros and cons)
  • Tools: ExaBGP and FastNetMon

Tutorial duration

Date: 23 March
Time: 11:00-12:30
Meeting room: 25A
Max. nr of participants: 50

Target audience

  • Technical network engineers with working knowledge of routing and monitoring techniques and protocols.

VPN Tutorial

This presentation will provide a technical overview of Virtual Private Networks (VPNs), which is a main feature of any security appliance or gateway.

Many people think that VPN is a simple, old technology. In fact, many vendors are developing new VPN types to enhance security and to simplify deployment. While these have appeared on the marketplace, end users continue to use the old methodology.

In this demonstration, I’ll attempt to cover VPN technology from different vendors and will provide a virtual lab on the correct way of VPN implementation and configuration.

I will start by identifying the main terms, such as IPsec, SA, tunnel phases and IKE, then present site-to-site VPN types, such as S2S, VTI, DMVPN, GET VPN and FLEX VPN. I will follow by clarifying the main types of remote access VPN, such as full tunnel, clientless and IPsec remote access VPN.

Finally, I will provide an introduction to Public Key Infrastructure (PKI) since it is used to add a layer of security for VPN connections by enhancing key exchange procedures.

I hope this presentation will act as quick handbook or guide for network administrators and operators to configure the appropriate VPN type for their environment.