This is related to my day job at the IETF.
If anyone here is considering or already implementing L4S and is willing to share their experiences for an industry briefing paper then please drop me a line.
thanks
Jay
--
Jay Daley
jay(a)daley.org.nz
Hi all!
APIX#30 is scheduled for Tuesday 3 September 2024 and will be held alongside APNIC58 in Wellington, NZ. APIX is the Asia-Pacific Internet Exchange Association.
The APIX Program Committee therefore invites presentations for the upcoming APIX#30 meeting.
Suitable topics include:-
* Internet Exchange ecosystem: topics related to the technical components of IXPs and their architectures
* Internet Exchange operations: adopting new technology, monitoring and management of IXPs
* Internet Exchange security: threats, mitigations and use cases in the IXP context
* Internet Exchange growth and organisation: attracting new members, onboarding them and keeping them involved
* Assessment and analysis of the impact of Internet Exchanges on the Internet ecosystem
* Internet landscape generally: what big picture issues affect IXPs or their members
* Data centre ecosystem: what trends are we seeing, what features and technology makes a DC a good home for an IXP?
* Any other topics related to Internet and IXP operations.
Presentations need to be of a practical orientation and directly assist the IXP community in establishing, running and growing IXPs. The intention is knowledge sharing and skill enhancement. Presentations aimed just at trying to sell services will not be accepted. Presentations can be in person or remote, you must tell us your preference.
Hope to see you there
--
Narelle Clark
Chief Executive Officer
Internet Association of Australia Ltd
[cid:image001.png(a)01DAE1C7.1114FAA0]
Suite 1.05, 150 Pacific Highway * North Sydney, NSW 2060
[Smart Phone with solid fill] +61 2 9037 6403
[Receiver outline] 1300 653 132
[Envelope with solid fill] ceo(a)internet.asn.au<mailto:ceo(a)internet.asn.au>
[Earth globe: Asia and Australia with solid fill] www.internet.asn.au<http://www.internet.asn.au/>
[cid:image006.jpg(a)01DAE1C7.1114FAA0]<https://internet.asn.au/events/nsw-ix-400gbps-ports/>
Hello NZNOG community,
APNIC and RIPE NCC have introduced an annual ASN maintenance fee from January 2025. As part of a research group currently studying AS Number management at TU Delft, we would like to understand the perspectives of network administrators in reference to this change. Your experience and expertise will help us understand and present the consensus of the community through our research.
The link for the survey is : https://tudelft.fra1.qualtrics.com/jfe/form/SV_6DzjvsCOXjto8R0
For more information about the study: https://blog.apnic.net/2024/07/16/a-comprehensive-review-of-rir-policies-in…
We would be grateful if you could take a few minutes to complete the survey. Your participation will help develop solutions for network operators.
Thank you for your time and your input,
Nachiket Kondhalkar
TU Delft
Kia ora koutou,
InternetNZ is beginning its return to routine DNSSEC operations.
Starting on 15-07-2024, we will begin our improved process, which
incorporates changes from internal and external reviews following the
DNSSEC incident in May 2023.
This will consist of four short maintenance windows, in which we will
pause zone distribution to make changes, perform validation, and
resume zone distribution.
The status and scheduling will be posted to status.internetnz.nz. To
be notified, subscribe to IRS Production > Zone Publish
Window 1
We will change the DS TTL in DNSSEC policy for the standby chain of
second level domains.
This change addresses the issues encountered in May 2023.
Window 2
We will perform a KSK rollover on the standby DNSSEC chain for nz,
ac.nz, co.nz, net.nz, gen.nz, org.nz, govt.nz, parliament.nz, geek.nz,
school.nz, kiwi.nz, iwi.nz, maori.nz, cri.nz, health.nz, and mil.nz
This will generate new DNSSEC keys and add them to the standby signing chain.
Window 3
We will mark the keys generated in window 2 as active in the standby
DNSSEC chain.
Window 4
Window 4 will occur after the TTL safety period (2xTLL, 2 Days) has
lapsed and DNSSEC RRSET validation is possible via both the old keys
and new keys.
The DNSSEC policies updated in Window 1 with the correct TTL timing
will be enforced, this will result in the safe retirement of the old
keys and allow us to remove redundant keys from the zones.
The current standby chain key tags for each zone are as follows:
nz: 49157, ac.nz: 5938, co.nz: 59176, cri.nz: 19190, geek.nz: 7171,
gen.nz: 48574, govt.nz: 18181, health.nz: 33694, iwi.nz: 58454,
kiwi.nz: 47464, maori.nz: 21689, mil.nz: 43906, net.nz: 25105, org.nz:
24626, parliament.nz: 49424, school.nz: 27382
We would like to emphasise that if you encounter any DNSSEC issues,
please report them to us via registry(a)internetnz.net.nz.
We will keep you updated, and provide a summary report at the
conclusion of incident-related work.
Ngā mihi
Josh
--
Josh Simpson
Product Infrastructure Lead
InternetNZ | Ipurangi Aotearoa
www.internetnz.nz
<blatant advert>
We are doing an hour long deep dive webinar on LibreQos June 14th, courtesy
of the APNIC Academy, with an astounding 196 signups so far. We are pushing
multiple terabits of traffic around the world through it now, not just for
ISPs, but for MDUs, post VPN processing, upstream DIY circuits, on
everything from DSL to fiber.
As an open source, eBPF based transparent bridge, it only takes a few
minutes to install in-band, and be able to pull stats about your networks'
behaviors that you've never seen before, and then apply the best shaping
and bufferbloat-beating code in the world to it.
Sign up here: https://academy.apnic.net/en/events?id=a0BOc000000Pgk1MAC -
especially if you have been deploying fq_codel or cake, replacing brittle
policers, etc, etc.
We have a very popular chat too:
https://chat.libreqos.io/join/fvu3cerayyaumo377xwvpev6/
PS The upcoming v1.5 release of libreqos is about 30% faster (example:
pushing over 60Gbits through a $1500 Ryzen box), which is enough for 10s of
thousands of customer networks on the other side of it. We have the ability
to model and debloat complicated networks 8 hops deep, or along a
troublesome edge, new support for emitting netflow, and quite a few other
useful things in that release. and we hope to put it into beta by the end
of this month, or earlier.
Please come to the webinar to see the latest code, live, in production!
https://github.com/LibreQoE/LibreQoS/tree/develop
</blatant advert>
I am in general deliriously happy with the stability, and performance of
this stuff and the growth of uptake worldwide over the last 6 months, (and
also watching starlink get thoroughly debloated a few months back was a
real high, tho they just used fq and something codel-ly not LibreQos)
Y'all are just minutes and minor CAPEX away from a vastly better internet.
--
https://www.linkedin.com/feed/update/urn:li:activity:7203400057172180992/
Donations Drive.
Dave Täht CSO, LibreQos
In response to feedback from operational security communities,
CAIDA's source address validation measurement project
(https://spoofer.caida.org) is automatically generating monthly
reports of ASes originating prefixes in BGP for systems from which
we received packets with a spoofed source address.
We are publishing these reports to network and security operations
lists in order to ensure this information reaches operational
contacts in these ASes.
This report summarises tests conducted within nzl.
Inferred improvements during May 2024:
ASN Name Fixed-By
38299 REANNZ-CORP-NZ-AP 2024-05-12
Further information for the inferred remediation is available at:
https://spoofer.caida.org/remedy.php
Source Address Validation issues inferred during May 2024:
none inferred
Please send any feedback or suggestions to spoofer-info(a)caida.org
Apologies if you have received this through other channels.
NZNOG 2024 was held in Nelson in April.
Each year we produce a survey. This is very useful, for example it helps us
to:
- Give feedback to speakers
- Get feedback ourselves around the conference in general, and programme
- Plan future NZNOG conferences
Please help us out by completing our survey, at the following URL:
https://www.surveymonkey.com/r/B6GS7MT
Even if you did not attend, please have a look - you can of course skip the
sections about feedback for 2024, and provide feedback to help us plan
future conferences.
--
Nathan Ward for the NZNOG Trustees
In response to feedback from operational security communities,
CAIDA's source address validation measurement project
(https://spoofer.caida.org) is automatically generating monthly
reports of ASes originating prefixes in BGP for systems from which
we received packets with a spoofed source address.
We are publishing these reports to network and security operations
lists in order to ensure this information reaches operational
contacts in these ASes.
This report summarises tests conducted within nzl.
Inferred improvements during Apr 2024:
ASN Name Fixed-By
38299 REANNZ-CORP-NZ-AP 2024-04-14
Further information for the inferred remediation is available at:
https://spoofer.caida.org/remedy.php
Source Address Validation issues inferred during Apr 2024:
ASN Name First-Spoofed Last-Spoofed
38299 REANNZ-CORP-NZ-AP 2024-01-28 2024-04-28
Further information for these tests where we received spoofed
packets is available at:
https://spoofer.caida.org/recent_tests.php?country_include=nzl&no_block=1
Please send any feedback or suggestions to spoofer-info(a)caida.org
_____________________________________________________________________
APNIC 58 Conference - Call for Presentations
_____________________________________________________________________
The APNIC Program Committee (PC) is seeking presentations for the APNIC
58 conference in Wellington, New Zealand from 30 August to 6 September
2024. The PC is looking for content that would suit technical sessions,
tutorials, lightning talks, and panel discussions.
Topics for the conference sessions must be relevant to Internet
operations and technologies. For possible areas of topics and submission
details, please see:
https://conference.apnic.net/58/program/callforpresentations/index.html
Key dates
---------
Call for presentations opens: Wednesday, 24 April 2024
First round acceptance: Monday, 27 May 2024
Final deadline for submissions: Thursday, 27 June 2024
Final round acceptance: Saturday, 27 July 2024
Please take note of the key dates so that the program can be announced
early.
APNIC 58 conference registration is free for selected speakers, however
speakers must fund their own travel if presenting in-person. The PC will
give preference to in-person presentations over remote presentations.
Prospective presenters should note that the majority of speaking slots
will be filled well before the final submission deadline. The PC will
retain a limited number of slots up to the final submission deadline
for presentations that are exceptionally timely, important, or of
critical operational importance.
If you have any other ideas or proposals for panel or BoF sessions,
please feel free to submit your ideas via the submission system.
If you have any questions, please email the PC at:
apnic-pc(a)apnic.net
For more information about APNIC 58, please see:
https://conference.apnic.net/58/index.html
Sent on behalf of the APNIC 58 PC
________________________________________________________________________
APNIC Secretariat
e: secretariat(a)apnic.net
p: +61 7 3858 3100
www.apnic.net
________________________________________________________________________
In response to feedback from operational security communities,
CAIDA's source address validation measurement project
(https://spoofer.caida.org) is automatically generating monthly
reports of ASes originating prefixes in BGP for systems from which
we received packets with a spoofed source address.
We are publishing these reports to network and security operations
lists in order to ensure this information reaches operational
contacts in these ASes.
This report summarises tests conducted within nzl.
Inferred improvements during Mar 2024:
none inferred
Source Address Validation issues inferred during Mar 2024:
ASN Name First-Spoofed Last-Spoofed
38299 REANNZ-CORP-NZ-AP 2024-01-28 2024-03-31
Further information for these tests where we received spoofed
packets is available at:
https://spoofer.caida.org/recent_tests.php?country_include=nzl&no_block=1
Please send any feedback or suggestions to spoofer-info(a)caida.org
