http://ntgrd.depaul.edu/index.html DePaul University Networks and Telecom R&D Team en http://ntgrd.depaul.edu/index.html/2003/09/18#byejtk <!-- 2003-09-18-16:42> John Kristoff, former NTG R&D team lead is leaving DePaul. His last day will be October 3, 2003. Nicola Foggi, former NTG R&D engineer ill be the primary administrator of this server and its associated services. http://ntgrd.depaul.edu/index.html/2003/06/30#ix-chicago <!-- 2003-06-30-12:29> The <a href="/mailman/listinfo/ix-chicago">ix-chicago mailing list</a> was recently setup to help coordinate and disseminate communications regarding Chicago area Internet exchange and Internet co-location facilities. The list was publicly announced on the NANOG mailing list. http://ntgrd.depaul.edu/index.html/2003/06/08#nanog28 <!--2003-06-08-10:35> jtk attended <a href="http://www.nanog.org/mtg-0306/">NANOG28</a> in Salt Lake City last week. Most of the materials can be found on the meeting page unless otherwise noted. The first night of the meeting was for tutorials and I attended the BGP Multihoming Techniques tutorial by Philip Smith, of Cicso. This tutorial was useful, because some of the ideas and techniques are directly applicable to some things we can use at DePaul. One of Phil's overriding themes was that most people do not need to receive or use the full Internet routing table. He also made the point that network operators should size their routers based on data rates and interfaces, not on BGP requirements.<br> <br> Prefix lists, filter lists and route maps were three basic principles Phil described in his talk. He also covered local pref, metric, AS path prepend and communities as the key policy tools for multihoming. With a number of examples, he showed how one might attack the problem of multihoming, while maintaining symmetric traffic flows and redundancy using the principles and tools presented. For example, with two upstreams, one could point default at one, then receive (either in part or through the use of filters) partial routes of the nearby AS's from the other upstream, to load balance outgoing traffic. To load balance incoming, the organization could advertise its full aggregate to the two upstreams, then split the aggregate and advertise a half to each upstream. The more specific announcements may be filtered by other providers, but it is probably OK if at least the upstream is accepting it. It is probably the case that tweaking will need to be done using most of the techniques outlined.<br> <br> Phil also detailed some strategies in using communities. There were lots of good examples of how others use them to let customers influence their own routing. I talked briefly with Phil and asked about the strategies for managing the traffic flow within the AS. In DePaul's case we can use many of the same strategies, particularly in regard to limiting the routing table through the use of iBGP.<br> <br> The meeting started with a discussion on interception technology by MIT's network manager Jeff Schiller, who until recently was one of two long time IETF Security Area Directors. Jeff had a number of interception, forensics and privacy tidbits interspersed in his talk, including:<br> <ul> <li>Be careful when looking at emails with a mailer that automatically follows embedded URLS.</li> <li>Be sure to have your counsel's cell number when a law enforcement agency comes knocking on your door with a court order or subpoena after hours.</li> <li>The cost of performing interception is the check and balance for abuse. Do we want to make interception technology cheap?</li> </ul> Grover Browning from the Abilene NOC talked briefly about experience deploying IPv6 alongside IPv4. He recommended explicitly setting routing metrics and not to rely on defaults. He reported that his group found some IPv6 misconfigurations by way of DNS. Grover also pointed out that most routers can only filter on the first header in IPv6, which makes general network-based filtering difficult if not impossible.<br> <br> Randy Bush moderated a panel on XML-based network management. Randy made the observant point that a database of configuration data should define the network configuration rather than having the active configs on network devices being the authoritative network configuration. At another point in the meeting Randy told the audience that they should be using <a href="http://www.shrubbery.net/rancid">Rancid</a>.<br> <br> Barry Greene moderated a tutorial on Deploying Sinkholes. This is a useful strategy for monitoring and researching network traffic that is directed to unused address space. Large network providers may have to use a anycast model to draw traffic to distributed sinkholes so as not to create a congestion aggregate on the way to a single sinkhole network. On an unrelated note, it was pointed out that networks using private addresses internally could be hit by reflection attacks. For example, if an ISPs routers use RFC1918 address space, it may be directly unreachable from the outside, but an attacker could spoof packet with RFC1918 space and aim them at publicly accessible IPs in the ISP's network. The publicly accessible IPs then may reply to the spoofed RFC1918 space, which may be the ISP's internal, private address space numbered gear.<br> <br> Later that night I attended the ISP Security BoF, which seems to always be one of the most popular sessions. Rob Thomas gave a good overview of miscreant behavior, botnets and the underground economy. It was pointed out that rate limiting ICMP and UDP are currently popular protocols for DoS and that rate limiting can help mitigate those kind of attacks.<br> <br> <font size="-1">[Editor's note] <i>Rate limiting can be dangerous. Applications, particularly network management tools, can fail, but also if you're not careful, some critical types of applications can also be affected (e.g. audio, video, DNS).</i></font><br> <br> Cathy Wittbrodt, an ex @Home network engineer, or in her words, a network diva, gave an overview of the now defunct cable modem network. This was an interesting talk describing how the network was designed and evolved over its relatively short life. I got the impression that @Home's network was not at all elegant. Cathy shared a number of <i>hacks</i> that were used or considered in the network, including wrapping fiber around pencils to get the attentuation they needed or the consideration to put the Internet's BGP routes into @Home's IGP OSPF.<br> <br> Randy Bush moderated another panel this time on SBGP and SoBGP. Essentially, these are two proposals that help secure BGP routing. Each takes a slightly different approach. There is a great deal of info about <a href="ftp://ftp-eng.cisco.com/sobgp/index.html">SoBGP on Cisco's FTP server</a>. Similarly, there is a great deal of info about <a href="http://www.net-tech.bbn.com/sbgp/sbgp-index.html">SBGP at BBN</a>. In this and other sessions, it was pointed out that many operators fail to setup even basic security protections such as TCP MD5 signatures on BGP peering sessions so how can we expect more advanced mechanisms like SBGP or SoBGP to be effective? Someone pointed out that if your address space is hijacked by a rogue BGP announcement, you could announce something more specific. However, this will have limited effectiveness, especially when some providers filter prefixes based on assignment length.<br> <br> Interesting links found at the meeting:<br> <ul> <li><a href="http://www.nric.org">The Network Reliability and Interoperability Council</a></li> <li><a href="http://www.mazunetworks.com/white_papers/radin-print.html"> Distributed Denial of Service Attacks: Who Pays?</a></li> </ul> http://ntgrd.depaul.edu/index.html/2003/04/25#nws2003 <!--2003-04-25-15:48> nfoggi attended the <a href="http://events.internet2.edu/2003/NWS-workshop.html">Internet2 Performance Production Workshop</a> and <a href="http://events.internet2.edu/2003/NWS-symposium.html">Intenet2 Music Education Symposium</a> at the <a href="http://www.nws.org">New World Symphony (NWS)</a> in Miama Beach, FL. The NWS uses Abilene/Internet2 connectivity for broadcasting many of their performances to the Internet2 community, but also provides remote master classes for students using video conferencing technology.<br> <br> Ann Doyle, the Internet2 Program Manager for the Arts and Humanities Initiative, was one of the first speakers of the morning on the first day. She discussed what it takes for the master classes and then for performances, both one-way broadcast performances and two-way interactive performances.<br> <br> The first scenario she discussed was the master class. NWS has come up with a mobile cart that can range in price from $15,000 to $20,000, which has the ability to roll into any room with network connectivity and be setup to go. Oklahoma University and the Cleveland Institute of Music, along with other sites, have dedicated rooms that are equipped with all the necessary gear to have a session. The necessary equipment includes:<br> <ul> <li>MPEG-2 codec</li> <li>10/100 LAN switch</li> <li>Camera (Sony PTZ EVID30)</li> <li>Video switch</li> <li>Display monitor</li> <li>Video production monitor</li> <li>Audio mixer</li> <li>Speaker pair (bi-amped)</li> <li>MICs</li> <li>UPS / surge protection </li> <li>Road case</li> </ul> <br> Master classes are the easier of the two to setup and pull-off successfully. There is obviously some advanced planning needed to arrange time, space and equipment, but far less time needed than for a performance. One thing to think about while having a master class is the technicians' time needed at each end of the class. Depending on the technology used a technician may need to be present for the whole class or just the beginning and end. ...and of course a technician must be available if something goes wrong. Another thing to think about is whether network engineers need to be available in the case of any network problems.<br> <br> The performance production requires a lot more planning and support. Some of the stuff on a production (whether a single broadcast to the community or an interactive broadcast between multiple sites) are:<br> <ul> <li>Production staff, which includes:</li> <ul> <li>Stage manager</li> <li>Producer</li> <li>Director</li> <li>Marketing staff</li> <li>Budget manager</li> </ul> <li>Video engineers/technicians</li> <li>Audio engineers/technicians</li> <li>Set designer</li> <li>Lighting designer</li> </ul> <br> The production process is very similar to that of a theatrical production. Production meetings should begin months in advance to plan out and write a script to be followed on the day of the performance. There should be tech rehearsals and a dress rehearsal run through to ensure that the production runs as smoothly as possible.<br> <br> Estimated costs for a large production may easily cost in excess of $30,000 if there is a need to rent lots of equipment.<br> <br> Bob Riddle, from Internet2, was the next person up who discussed network connectivity. There are three components that determine if the network you are on will support the production. These include speed, latency and packet loss. You need high speed, low latency and virtually no packet loss to successfully pull off a live production or master class. Bob broke down the capacity requirements for the different quality of video as follows:<br> <ul> <li>H.323 - 384 Kb/s</li> <li>MPEG1 - 1 Mb/s</li> <li>MPEG2 - 7 to 16 Mb/s</li> <li>Digital Video - 30 Mb/s</li> </ul> <br> These requirements are guidelines to help make the determination if you will be able to support the broadcast or not.<br> <br> Bob could not emphasize enough that troubleshooting in advance must occur. The Internet2 community has developed tools to help determine if the network is capable of supporting the production. There is a device called a <i>cakebox</i>. This is a stand-alone PC with no keyboard, monitor or mouse that can be shipped to a site and be plugged into the network. Once plugged in, it phones home and allows technicians to run remote tests to determine if the network will handle the broadcast or not. Then, of course, ensure that there is enough time to setup and test the equipment prior to the day of the performance.<br> <br> <font size="-1">[Editor's note] <i>There is Microsoft Windows-based application called <a href="http://detective.internet2.edu">Internet2 Detective</a>, which allows an end user to determine the capabilities of end host and network connection, specifically for testing the available capacity and IP multicast connectivity.</i></font><br> <br> The next speakers were a team from NWS and Internet2 that discussed codecs and <i>netcasting</i>. They reviewed how the mobile cart works and the differences between the StarValley products and the VBricks.<br> <br> Next up was the sound engineers from NWS and Brian Shapard from Oklahoma University. Video obviously is a big portion of the technology, but having good sound quality may actually be a bigger challenge and probably a little more difficult to ensure. A live one-way broadcast is easier to successfully undertake than a two-way interactive session.<br> <br> <font size="-1">[Editor's note] <i>Presumably because there is a greater opportunity to perform some buffering, while delaying the transmission only slightly. Whereas in the interactive case, delays must be avoided for effective two-way communications.</i></font><br> <br> Brian talked about the different types of microphones and their associated polar patterns. The stumbling block isn't so much mic choice, but how to deal with echo cancellation. Echo is caused by the microphones at site A picking up audio coming from site B and resending it to site B. When the audio gets back to site B, it is played through the speakers. However, it has gotten back there a second or two from the time it was created, thus causing a delayed echo effect.<br> <br> In a master class setting the simplest and most effective way to solve an echo problem is to have the professor and student wear in-ear monitors. This prevents the mics from being able to hear the speakers, thus cancelling the echo. However, many musicians won't wear or don't want to wear in-ear monitors as they are not used to doing it that way.<br> <br> There are electronic echo cancellation devices, but many of these devices are geared to cancel human voice frequency ranges and therefore do not work for music.<br> <br> An electronic tool you can use to assist in the echo cancellation is a compressor or gate. The best ones to use are the higher end models with a key input, but those may be cost prohibitive. You can use a cheaper compressor/gate that will help and may be able to eliminate it depending on the setup. A compressor is more forgiving than a gate, but deciding which to use is dependent on the situation. These devices' settings may change for each session though, so having a technician that knows how to use them is crucial.<br> <br> The last technology that can be used is having a technician do something call <i>riding the faders</i>. This is where someone manually turns up and down the microphones to help eliminate the echo.<br> <br> Finally, mic choice and placement can assist in your echo cancellation endeavors.<br> <br> Next Adam Zeichner from NWS and Ann Doyle from Internet2 discussed communication systems used for load-in, rehearsals and day of production. During load-in of equipment the best technology is walkie-talkies. These can be on different channels so a channel is assigned to the sound crew, one to the video, one to the stage hands for stage operations and one to the network engineers if needed. Cell phones are also handy for communication off-site. During rehearsals and productions its best to use a <i>clear-com</i> type of system that is a headset based party line. If working between multiple sites a conference call based system is also useful so that each site can dial into a conference call and be able to communicate with remotely located engineers. There are devices to tie the clear-com systems into phone lines and walkie talkies in order to make it adapt to any scenario.<br> <br> It is also very important to determine where the control room will be in relation to the stage so that the audience is not able to hear the control room talking to all the different operations.<br> <br> After lunch, video connectors, formats, mixing and lighting were discussed. The big thing is lighting for video. Cameras see light differently than the human eye. Video does not contrast well so the set design along with the clothing people wear are very important.<br> <br> At this point we had a demonstration of the new Sony HD Camera and high definition format video, which was quite impressive.<br> <br> We then had a demonstration master class. This actually proved why advanced testing is needed. They attempted to setup a class between the University of Mexico and NWS, which by the time they got going, the instructor had to leave. They had not done any advanced testing.<br> <br> We ended the day with a 10.2 digital surround sound immersive sound demonstration that I don't think I can describe in words. It was just impressive! It is something that we should see start coming out in the next couple of years. It redefines surround sound and takes it to a new level.<br> <br> The second day was a day geared towards educators and demonstrating the technology.<br> <br> Ann Doyle from Internet2 spoke again and offered that if schools have an event coming up to contact her as Internet2 has staff can assist in writing news releases and places to advertise it, including the Internet2 web site.<br> <br> Tom Snook from NWS then gave a brief overview of the techonology for attendees.<br> <br> Our first master class was with William Bennett, an NWS guest instructor who taught an oboe lesson to a student at the Eastman School of Music. William was local, while the student was on the remote side. This was the first class William had done using the technology. He said that it took some getting used to it, but it overall was a good experience and he enjoyed it.<br> <br> The next master class was with Stephen Geber who was at Case Western Reserve University Center and his students, the Cello NWS Fellows. This was interesting, as now the class was in front of us and the instructor remote, but at the same time it was an ensemble, not just a one-on-one class. The class went well and during the Q&A period both sides had positive feedback and also enjoyed the experience.<br> <br> Next, Michael Tilson Thomas, the NWS Artistic Director, conducted a conducting class with a student conductor and a chamber orchestra at the Cleveland Institute of Music. Michael had used this technology before and had adapted to it using hand signals to signal the remote end when he wanted them to stop. It was quite interesting to see the interaction of users that have used the system before and how they adapt. The class was very successful and I think showcased how people can adapt to technology limitations.<br> <br> References:<br> <ul> <li><a href="http://arts.internet2.edu/">Internet2 Arts & Humanities</a></li> <li><a href="http://music.ou.edu/internet2/">Music Technology at Oklahoma University, Internet2 Activities</a></li> <li><a href="http://apps.internet2.edu/roadshows.html">Internet2 demo applications, equipment loads and publicity materials</a></li> </ul> http://ntgrd.depaul.edu/index.html/2003/04/01#namedreport1.2 <!--2003-04-01-10:34> We have updated our BIND named reporting tool, which fixes some bugs. <a href="/software/named-report-1.2.tar.gz">named-report v1.2</a> fixes some bugs and adds some additional reporting. You can always visit the <a href="/software/">R&D Team Software Page</a> for the latest version and other tools.