DENOG16

Want to perform the bgp handshake in real life based on a realistic topology? We got you covered ... in this workshop for intermediates we will dive into some network basics of bgp driven networks and also explore route filtering best practices (mainly for the DfZ = default free zone).

After some theory every attendee will receive one network node to configure. The fellow participants will be your peers. You will depend on the peers to reach your goals.

Teams work together in small groups. One group either jointly manages an AS consisting of 3 routers and a customer downlink router or the IXP infrastructure based on EVPN with additional route server. Troubleshooting takes place across groups in order to verify the corresponding availability within the lab topology.

Warning: You will have to socialise with the peers around you!

Topics Covered:
* Running BGP (iBGP and eBGP)
* BGP Attributes
* BGP & Routing Security
* Filtering
* BGP Tips & Tricks

Technologies Covered:

IPv4 and IPv6, IS-IS, iBGP, eBGP, BGP Scaling, BGP Policies,
BGP Best Practices, BGP Configuration Essentials, IXP Design.

Pre-requisites:

Participants must have technical hands on experience of routers.
Network Fundamentals, user level UNIX and maybe some system administration,
some use of network design preferably TCP/IP-based is also helpful.
Ideally, you should already have some experience with EOS or a comparable CLI.

This workshop is designed to provide participants with a practical introduction and best practices for using the BNG Blaster for testing. Each participant will be provided with a test environment that includes a pre-configured DUT (Device Under Test) for the workshop duration. There will be various exercises available in areas such as Access (PPPoE, L2TP, etc.) and Routing (ISIS, BGP, etc.), which participants can utilize. These exercises can be customized, or participants can develop their own tests.

Participants with their own test environments are welcome to use them and will receive support from us in using these environments effectively.

Requirements:

• Participants must bring their own laptops to access the test environment via SSH.
• Basic knowledge of networking concepts is recommended.
• It is suggested to watch one of the previous BNG Blaster talks before attending the workshop for a more comprehensive understanding.

Note: A brief introduction to the BNG Blaster will be provided, but it is recommended that attendees watch one of the previous talks on this topic beforehand.

• DKNOG14: https://www.youtube.com/live/WdATdbaveRI?si=lgw1W-HckormViK9&t=13599
• DENOG15: https://youtu.be/4rmwf6livyI

As managers and leaders, it’s easy to jump straight into problem-solving and advice-giving when your team comes to you with challenges. But what if offering guidance isn’t always the best solution? In this hands-on workshop, you’ll learn how to tame your “advice monster” and discover the power of coaching as a leadership tool. By focusing on active listening, asking the right questions, and creating a space where your team can think for themselves, you’ll help them grow into more confident and independent problem-solvers.

In this session, you’ll dive into practical coaching techniques that you can immediately apply in your day-to-day interactions. We’ll explore how to shift from telling to asking, how to give feedback that fuels growth, and how to cultivate a team culture that thrives on trust and collaboration.

What You’ll Learn:

Taming the Advice Monster: Recognise when your instinct to give advice takes over, and learn how to step back to let your team take the lead.
Active Listening: Become a leader who listens deeply, so your team feels truly heard and empowered.
Powerful Questioning: Master the art of asking questions that spark insight and ownership, rather than relying on instructions.
Effective Feedback: Learn how to offer feedback in a way that encourages growth and reflection, without overwhelming or disempowering your team.
Fostering Trust and Psychological Safety: Build a space where your team feels safe to experiment, make mistakes, and learn from them.
Supporting Autonomy and Accountability: Help your team step into their full potential by balancing empowerment with responsibility.

Why Attend?
This workshop is for anyone who wants to move beyond traditional leadership approaches and explore how coaching can unlock the potential in their team. Whether you're managing engineers or leading a product team, you'll leave with practical skills that will help you guide others without constantly needing to provide the answers. If you’re ready to transform the way you support your team’s growth, this session will equip you with the tools to do it—and help you keep that advice monster in check!

Let's do this again. In this workshop I'll show some tools, shortcuts and tips to work with Linux. Topics will include setting up your basic work environment, networking tools, working with the industry standard database format (aka CSV/Excel), working with JSON, finding stuff, troubleshooting and much more.

I did a similar workshop in 2022 and try to avoid repeating myself, although some repetition might be necessary, e.g., I still see people typing clear instead of hitting CTRL-L.

The audience is invited to try some tools discussed, so bring your own Linux (or Mac or Windows with WSL). Note that not all tools may be available for your system, and you may need root privileges to execute some of them.

Workshop about the basics of BGP. Topics include:

• Prefixes and Autonomous Systems
• Why you also need an IGP (like OSPF, IS-IS)
• iBGP: BGP within your network
• eBGP: Talking to your neighbours
• Multihoming and Peering
• BGP Best Path Selection
• Bonus-Topics, if time permits:
  • BGP Communities
  • BGP Security

Lab experiments will be done using FRRouting, so participants do need a laptop. No special software is needed.

Abstract:
Fundamentals and Layer 1 (Physical Layer)
Introduction to the OSI model: history, purpose and overview of the 7 layers.
Layer 1 - Physical Layer:
Fundamentals of signal transmission
Cable types and network hardware
Transceiver technologies:
Form factors (e.g. SFP, QSFP)
Transceiver selection criteria
Compatibility and performance issues
Coherent
Dense Wavelength Division Multiplexing (DWDM): Technology, application and benefits
Coarse Wavelength Division Multiplexing (CWDM): Differences from DWDM, applications

This is a beginner-level hands-on workshop that provides an introduction to Containerlab, an environment that provides a CLI for orchestrating and managing container-based networking labs. It starts the containers, builds a virtual wiring between them to create lab topologies of users choice and manages labs lifecycle.

This hands-on workshop will cover:
+ Installation
+ Container images (container-native and VM-based NOSes)
+ Topology file
+ Basic lab deployment workflow
+ Connectivity to the nodes
+ Lab lifecycle
+ VM-based lab
+ Sharing the lab
+ Troubleshooting and Wireshark pcaps
+ Exploring the catalog of existing labs

Student Requirements: personal laptop with an SSH client. VMs will be provided for each attendee to have their own isolated environment.

As managers and leaders, it’s easy to jump straight into problem-solving and advice-giving when your team comes to you with challenges. But what if offering guidance isn’t always the best solution? In this hands-on workshop, you’ll learn how to tame your “advice monster” and discover the power of coaching as a leadership tool. By focusing on active listening, asking the right questions, and creating a space where your team can think for themselves, you’ll help them grow into more confident and independent problem-solvers.

In this session, you’ll dive into practical coaching techniques that you can immediately apply in your day-to-day interactions. We’ll explore how to shift from telling to asking, how to give feedback that fuels growth, and how to cultivate a team culture that thrives on trust and collaboration.

What You’ll Learn:

Taming the Advice Monster: Recognise when your instinct to give advice takes over, and learn how to step back to let your team take the lead.
Active Listening: Become a leader who listens deeply, so your team feels truly heard and empowered.
Powerful Questioning: Master the art of asking questions that spark insight and ownership, rather than relying on instructions.
Effective Feedback: Learn how to offer feedback in a way that encourages growth and reflection, without overwhelming or disempowering your team.
Fostering Trust and Psychological Safety: Build a space where your team feels safe to experiment, make mistakes, and learn from them.
Supporting Autonomy and Accountability: Help your team step into their full potential by balancing empowerment with responsibility.

Why Attend?
This workshop is for anyone who wants to move beyond traditional leadership approaches and explore how coaching can unlock the potential in their team. Whether you're managing engineers or leading a product team, you'll leave with practical skills that will help you guide others without constantly needing to provide the answers. If you’re ready to transform the way you support your team’s growth, this session will equip you with the tools to do it—and help you keep that advice monster in check!

Join us for an in-depth, hands-on workshop at DENOG, where we'll explore the powerful capabilities of Grafana, from local installations to cloud integration. You'll dive into the full Grafana stack, including Prometheus and Loki while learning how to set up and visualize data in Grafana dashboards. We’ll also introduce Grafana Cloud and Alloy, guiding you through setting up a free account and connecting Alloy to the cloud. Bring your dashboards for a clinic session where you can get expert advice on improvements. Whether you're new to Grafana or an experienced user, this workshop is packed with insights, tips, and practical exercises!

Welcome to DENOG, if this is your first event, feel free to join us to learn everything about the event, the community and more!

Welcome to Berlin, welcome to DENOG16

We take you along on our adventurous journey through the design and implementation phases of a custom-built outdoor cabinet, from conception to completion, sharing what we’ve learned in the process.

While building a new fiber network from scratch, Eurofiber faced a dilemma: We needed to install network devices in the great outdoors of Berlin’s heating power plant sites, but your typical data center devices wouldn’t fit in the standard telco cabinets available on the market. For our purposes, we require full-depth racks, access from both sides, and active cooling. So we could either go for smaller, hardened outdoor equipment, which limits the choice of devices. Or we’d have to buy concrete data center containers the size of a garage, which are larger than we need, take more bureaucracy to build, and are also expensive.

To bridge this gap and keep the costs reasonable, we designed our own micro-datacenter, basically a larger street cabinet tailored specifically to our requirements: It provides active cooling, front and rear access, and fits full-depth devices while providing redundant power and sufficient protection from the elements.

This adventure took us deep into the engineering world of the infrastructure required for operating network devices. Have you ever had to consider cooling capacities, battery temperatures, air-flow velocities, or noise emission laws? We take you through the design process as well as the lessons we learned on the construction site and the operational experiences after finally taking the network into production.

Introduction of RPKI at the Deutsche Telekom global Network AS3320 was finalized in February 2024, since 22nd February 2024 AS 3320 rejects RPKI invalid Prefixes.
This presentation talks about the Project phases, the implementation and experiences we made during the introduction of RPKI on a global Tier-1 ISP Network.
This includes some technical details and organizational view for the continuous RPKI operation.

In response to increasing regulatory pressures, major telecommunications providers have begun to measure and report their carbon footprints. However, this initial step is just the beginning of a complex journey toward achieving sustainability. One of the most significant challenges these companies face is addressing Scope 3 emissions, which are generated by their supply chains and lie outside their direct control.

In this presentation, I will discuss the current state of sustainability efforts within the telecom industry, with a particular focus on the intricacies of reducing Scope 3 emissions. Rather than offering quick fixes, I will explore practical approaches companies can consider, such as switching to more sustainable suppliers, collaborating closely with existing suppliers, and gradually introducing contractual clauses that emphasize sustainability.

Attendees will gain a realistic understanding of the challenges involved and will be introduced to strategies that can help their organizations begin the process of reducing their supply chain's carbon footprint. This discussion aims to provide a balanced view, emphasizing that while these steps are crucial, they require time, commitment, and a willingness to engage in long-term efforts.

This year we deployed a new data center fabric from scratch. A requirement was to use different vendors with different nos. In addition we use Ansible for the whole configuration.

This talk is about:
- how to efficiently use Netbox with Ansible
- using Ansible with multi vendor equipment
- challenges building a multi vendor EVPN fabric from scratch

In recent years, we’ve heard a bit more about submarine cables, mostly related to fiber cuts. Given that they’re lifelines of countries or even continents, they are important, yet we know little about them. So, what’s the rationale behind the large selection of submarine cables, often on the same route? Is it just about resiliency and shorter routes, or are there other differentiators?

This talk will provide insight into the construction, operation, maintenance, and selection of submarine cables, using the connections between the United Kingdom and Continental Europe as an example.
We will dive into what it takes to construct a submarine cable, discover why and how it breaks, and provide guidance on what to consider when purchasing.

There are plenty of seismic stations on land helping detect and record earthquakes but very little deployed in our sea’s and oceans. Marine seismic detectors have traditionally been expensive, unreliable and not widely deployed. In recent years, research has shown that new and existing submarine cables can be used to detect seismic activity. Given that two thirds of our planet is covered by Oceans, this new development provides a great opportunity to improve our knowledge of the geological activity of our planet. Additionally, an early warning of an imminent Tsunami can save thousands of lives.

This presentation will introduce the recent developments in sensing on Submarine Fibre Optic Cables and introduce the key sensing technologies employed.

SCION is a secure path-aware Internet architecture, designed to achieve high resilience to routing attacks and path selection for Internet users and operators with safety critical traffic such as in financial and healthcare sectors. RPKI/ROV is useful for origin validation but does not validate paths, ASPA is still an evolving technology, whilst BGPSEC has yet to be widely deployed and needs explicit router support along a path to achieve the full benefits.

SCION has commercial and open-source implementations and is in production use by the financial services and healthcare industry in Switzerland and internationally. This includes the SCION Research & Education Network (SCIERA) which includes connections to OVGU Magdeburg. It is also currently being evaluated for use in government, power utility, aviation, military and other applications, with a number of vendors interested in implementing it in their products.

This talk will discuss the SCION design and architecture, its trust model, how it can be deployed, as well as some deployment experiences to-date. It will also discuss the IETF/IRTF work, and the community efforts supported by the SCION Association to encourage further deployment and development.

In this session we are going to cover usage of RFC8950 (IPv4 NLRIs with IPv6 Next Hop)

Single peering interfaces can get loaded during peak usage and/or failure scenarios while the network as a whole still has spare capacity. As remedy we can use upstream via our so-called overflow providers. In normal operation mode we will prefer direct peerings and only use overflow providers as fallback.

For events like the European Football Championship we want to be able to shift traffic to those fallback routes with low effort, low wait times, high granularity and high confidence.

We have implemented a service that injects on-demand copies of the existing fallback routes with the preferences tuned to let them be preferred over the "normal" peering routes. The routes are advertised via BGP sessions to our routers and are not distributed any further. The service is using GoBGP and running in Kubernetes.

The so-called ‘Glasfaserstreit' (fibre optic dispute), an antitrust case, successfully prevented the intention of the incumbent to monopolise the Swiss fibre optic network. As a result, >2 million households can currently subscribe to a symmetrical 25 Gigabit FTTH connection for ~€70 per month.

Starting with 1st of January, 2026, operators of public mobile networks in Germany are obliged to
employ certified network products within their networks. The obligation affects all network products,
which are newly introduced into public mobile networks and provide functions, for which a security
assessment document has been approved by the BSI. This also includes network products, which
provide 3GPP-specified functionalities and are listed in the list of critical functions by the Federal
Office for Information Security (BSI) and the Bundesnetzagentur (BNetzA).
The talk will address the necessary steps by operators of public mobile networks to successfully include certification of network products into their procurement and onboarding processes. Therefore, the talk will showcase the technical approaches taken in the certification process and how they are intended to interplay with provider processes.

This presentation investigates the proximity to a low Signal-to-Noise Ratio (SNR) threshold that can still maintain a tolerable Bit Error Rate (BER) in 100G / 400G / 800G network links. Additionally, we account for factors such as temperature and cable length to predict the duration for which a reliable network connection can be sustained between transceivers. The analysis, based on data retrieved using a Flexbox, focuses on comparing the reliability of coherent (16QAM) and non-coherent (PAM4) transceivers, with a detailed discussion on the implications of these technologies on network performance. For a better understanding of the correlation between these factors, Machine Learning techniques were used.

That's a wrap for day1, we'll share all details about the social and how to get there!

Following up on last year's introductory talk about NIS2 and the cybersecurity regulations, we'll look at the technical and methodological requirements specifically for digital service providers.

Everything uses IP nowadays but some stuff is special: Telephony. The connection between customers and their provider is well known but the interconnections of providers themselves are something different. This talk covers the German market, other countries work totally different (some examples might be given).

As communication speeds increase, a new problem of communication errors caused by "return loss" has become apparent in optical connector connections.

DDoS attacks and attackers are out there today, and likely won't go away anymore. This talk will outline some current available technologies and developments in the area of DDoS countermeasures, which are designed to make DDoS detection faster, provide better information and decision criteria on what is currently going on in a network, and what is required to mitigate attacks with as few as possible unwanted side effects.

The Domain Name System (DNS) is a critical component of the Internet infrastructure, responsible for translating human-readable domain names into machine-readable IP addresses. However, the
increasing centralization of DNS traffic through large content-delivery hyper-giants (such as Google), coupled with the fact that the majority of DNS communication traditionally runs over unencrypted transports (UDP/TCP), has led to increased security and privacy concerns. In this talk, I will
present recent results on the resiliency and efficiency of DNS, the state of adoption of protocols that enable DNS privacy and their performance implications. I will conclude with a future outlook of a protocol design whereby traditional communications no longer have to trade performance for privacy, but can achieve the best of both worlds: privacy-enhancing DNS + secure communication on the Web.

We had to move a couple of hundred machines from a big Layer 2 broadcast domain into a fully routed network. We also increased the bandwidth available for each server by mounting a new NIC into each server, To avoid synchronisation with service owners, we did not renumber hosts. In addition, there is connectivity to the large Layer 2 domain that is still in place and still has a few thousand hosts in need of migration.

In this talk you will learn how we engineered this migration, minimised downtime and ensured the documentation of our network is always up to date.

Metro networks are arguably one of the more challenging areas in carrier network engineering: Feature creep, space constraints, harsh physical environments and the requirement to deliver all services everywhere, for cheap.

At Wobcom AS9136 we just wanted to modernize the transport network. Two years later we ended up redesigning just about everything: Putting white box routers into outdoor shelters, moving subscriber services to the edge and rethinking business CPEs.

This talk covers our journey and what design considerations lead us where we are.
We will explore a wide range of linked topics:

• Environment (Power, Space, Temperature)
• Optical problems and solutions (OWDM, OpenZR+)
• Network ASICs
• Network Operating Systems
• Protocols (MPLS, SR, EVPN, etc.)
• Subscriber Management
• Full Automation
• CPEs and their management

In this talk, we explore the changes needed to convert a set of fully open source amd64 based VPP routers running in AS8298 to be able to use exactly one IPv4 and IPv6 address in an OSPFv3 and iBGP configuration. The use of /30 or /31 IPv4 transit networks between routers is a thing of the past, paving the way to conserve IPv4 addresses!

The talk discusses the changes made to VPP and a popular routing suite Bird2, to enable both Babel and OSPFv3 to route traffic without using IPv4 transit networks, including operational notes how the author rolled this out in AS8298.

Finally, the author will make good on his promise from previous DENOG, predicting a 1Tbps VPP machine.

News from IXPs in Germany
As introduced 2021 we collect some parameters from all IXPs, which are active in Germany.
This talk aggregates the Updates for all the IXPs in a common format and will be presented in a neutral way.

This talk will give an overview of DTs DNS platform and the challenges arising from carrier scale DNS deployments. It will cover the architecture and new requirements as well as scalability and the implementation status and impact of encrypted DNS (e.g., DoH/DoT and DNS discovery). The presentation will also address shortcomings of the new discovery mechanisms which are currently being standardized within IETF.

Thank you for joining us for DENOG16, join us for a quick review and some announcements before heading home!