The Forum of Network Operators of Latin America and the Caribbean is aimed at the discussion and exchange of technical information related to network infrastructure and promotes the debate on issues of technical implementation and operational practices among the community members. The Forum is complemented by a mailing list for the dissemination of knowledge and information exchange related directly to the operation of networks.
Report on the main issues discussed during the last IETF meeting in Quebec. This presentation will deal with the general trends that may affect network operators the most, covering different working areas.
6rd is a IPv6 transition mechanism described in RFC 5569 that provides a powerful tool to deploy IPv6 for broadband users in a easy way. Based on 6to4, 6rd provides a way to deploy IPv6 for broadband users having IPv4 only access by just using a 6rd enabled CPE. The 6rd mechanism provides a mechanism of automatic encapsulation of IPv6 traffic over IPv4, as well as an automatic IPv6 prefix delegation schema for addressing end users. During this presentation, 6rd mechanism will presented and explained, and a short demo will be run.
Comparative overview of the functioning and operation of internal IPv6 routing protocols: IS-IS and OSPF. The presentation will also include considerations for IPv6 deployment.
This talk will focus on the IPv6 routing tables with an emphasis on the practical work that had been done to make the IPv6 global routing tables in the state they are today. The talk will discuss peering within the IPv6 world along with the general statistics on IPv6 global rollout. The state of tunnels within the core of the IPv6 Internet will be presented. Additional information about IPv6 within the DNS TLD environment will be presented. Finally a review of traffic bandwidth during and after World IPv6 Day showing the real-world IPv6 traffic seen. The presentation will include a large amount of up-to-date network statistics.
Panel: World IPv6 Day Next Step
Wednesday 5
9.00 – 10.00 am
Taking the next step: An introduction to the IETF and how you can get involved | abstract| presentation
The Internet Engineering Task Force (IETF) is a large open global community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. The IETF Mission Statement is documented in RFC 3935 (http://www.ietf.org/rfc/rfc3935.txt). Leaders and regional members of the IETF will introduce the IETF, its workings, and the open Internet standards that come from their work. After the presentation, there will be a panel discussion on IETF protocols and how to get involved.
The current Internet routing and addressing architecture uses a single numbering space, the IP address, to simultaneously express two functions about a device: its identity, and how it is attached to the network. The Locator/ID Separation Protocol (LISP) creates a new paradigm by splitting the device identity, known as an Endpoint Identifier (EID), and its location (where the device attaches to the network), known as its Routing Locator (RLOC) into two different numbering spaces. Splitting EID and RLOC functions yields several advantages including, improved scalability of the routing system through greater aggregation of RLOCs, and improved multi-homing efficiency and ingress traffic engineering. LISP is a Cisco innovation that is being promoted as an open standard at IETF's LISP Working Group. During this presentation an overview of LISP architecture will be presented.
Routing convergence has gone from 3 minutes to under one second in the last several years. What's next? Two targets are in view in current work: reducing packets lost to the information serialized onto the wire at the time of failure, and reducing or removing microloops caused by network or node failures. This presentation discusses current work in this space, and current drafts being considered in the IETF to increase the speed of convergence.
Route hijacking compromises the coherence and integrity of this system, opening the door to operating errors and malicious actions that can affect the quality of service perceived by millions of users and hinder access to online content. RPKI architecture uses a variety of existing technologies and protocols and introduces changes to others. This presentation includes an introduction to the technology where we will show how RPKI protects us against route hijacking and analyze the complete RPKI system architecture.
Review of the most recent developments in Secure Interdomain Routing, including enhancements such as support for route servers and AS_PATH prepending. We will also take a look forward at the proposal for path validation.
Arbor Networks®, in cooperation with the Internet operational security community, has completed the sixth edition of an ongoing series of annual operational security surveys. This survey is designed to provide industry-wide data to network operators. This data is intended to enable more informed decisions about the use of network security technology to protect mission-critical Internet and other IP-based infrastructure. The survey output serves as a general resource for the Internet operations and engineering community, recording information on trends and employment of various infrastructure security techniques.
Overview of Cybercrime in Latin America :: Marcia Maggiore, Patricia Prandini | abstract| presentation
This study analyzes the situation of Latin American countries from the cybercrime point of view, considering the region both as a source as well as a target of attacks. Public information sources produced by government and research organizations as well as security product and service providers within the region and in other parts of the world were consulted. The work aims at promoting greater knowledge of the incidence of cybercrime in Latin America and generating a framework for future estimations and projections that can be updated and improved as more precise information becomes available.
Strengthening regional coordination mechanisms for security incidents in Latin America and the Caribbean :: Eduardo Carozo / ITC-ANTEL | abstract| presentation
This research article attempts to gather the opinion of computer security experts regarding whether or not it is pertinent to implement coordination mechanisms for the activities carried out by CSIRTs in our region. Large amounts of information were collected through different mechanisms (surveys, interviews and focus groups), including the opinions of the main stakeholders in the area of Information Security in Latin America and the Caribbean. These are presented in Chapter 7 of the work mentioned above, Survey Results and Conclusions, which details recommended guidelines and activities for improving the performance of the region's Response Teams.
Resource Reputation in LACNIC region :: Manish Karir / Merit Network | presentation
The PTTMetro project (http://ptt.br/) was created by the Comitê Gestor de Internet Brasileira (CGI.br) and started operating in 2004, initially with three cities (São Paulo, Brasília e Rio de Janeiro) and only a few participants. PTTMetro is currently present in 16 cities and 12 states, where it serves the connection of more than 400 Autonomous Systems (AS), some present in more than one location.
The vision behind the 'Internet of Things' is that embedded devices – also known as 'smart objects' – are ever more universally connected to the Internet and that they are already an integral part of the World Wide Web. Low power wireless personal area networks (6LoWPANs), which can be classified as a subset of the Internet of Things, are devices that comply with the IEEE 802.15.4-2003 standard. These devices are characterized by their short range, low speed, low power, and low cost. Many of the devices that use IEEE 802.15.4 radius have limited computing capability, memory, and/or power availability. A LoWPAN usually includes the devices that work together to connect the physical environment with real world applications such as, for example, wireless sensors.
Energy usage is in the spotlight all over the world --but what about networks? Is there any point in reducing the energy usage within the network, or along the network edge --or both? What technologies are being developed, right now, to better match network load to energy usage?
Fernando Gont will discuss some of the identified Neighbor Discovery vulnerabilities, and will provide guidance to network operators and security administrators, such that these vulnerabilities can be mitigated (where possible) with standard security devices. Fernando will also provide a live demonstration of how these vulnerabilities can be exploited with the Neighbor Discovery attack suite produced by CPNI as part of the aforementioned project. The live demonstration will include at least three Denial of Service (DoS) vulnerabilities that affect popular operating systems (such as FreeBSD and Linux), and a demonstration of evasion of network security controls such as RA-Guard and NDPMon. Focus of the presentation will be on the operational aspects of Neighbor Discovery (i.e., how to mitigate these vulnerabilities), and on the practical aspect of assessing IPv6 implementations with respect to the aforementioned vulnerabilities (i.e., live demonstration of the attacks).
