SlideShare a Scribd company logo
1 of 36
“TALE OF A NEW BANGLADESHI NIX”
Md. Rashedul Hasan
System Admin
DigiCon Telecommunication Limited
INTERNET EXCHANGE POINT (IXP)
What is an IXP?
Any place
where
providers
meet to
exchange
traffic.
ISP-06
ISP-02
ISP-05
ISP-03
ISP-01
ISP-04
IXP Switch
Why it is needed?
• IXPs help reduce the portion of an ISP's traffic that must be delivered via their
upstream transit providers, thereby reducing the average per-bit delivery cost of
their service.
• IXPs play an essential role in reducing the cost of transit connections over the
Internet.
A NIX Deployment Journey …….
To ReachThe Destination……
• Study – historical data to get the idea of NIX Operation
• Observation- others NIX to get the GraphicalView of a NIX.
• Plan – what we would like to do and how.
• Deployment – begin the journey towards the Goal.
• Challenges – what we have faced.
• Initiatives – to overcome those challenges what we have
done.
• Configuration – what changes we have made.
What Plan we have madeTo Deploy A NIX…..
Router
IIG
Server Zone
SW
IXP
Manager
Route
Svr-01
Route
Svr-02
SIPIX
RPKI
Validator
Looking
Glass
NTP
Server
NMS
Server
NIX SW
ISP-1
ISP-2
ISP-3
Server Zone
NIX Diagram
ISP-3
RTBH
Root
Server
We have deployed Route Server as a Route Collector
Operational View of a Route Server
NIX SW
Server Zone
SW
Route
Server-1
Route
Server-2
ISP-02
Router
ISP-01
Router
IIG IIG
Router
BGP Session
(Routing Information
Flow)
Traffic Flow
BGP Session
(Routing Information
Flow)
How Challenges we have faced during the “Route Server” Deployment
- Route Server Selection: Router or Linux Server
- “Open source” Routing daemon Selection:
• BIRD
• GoBGP
• OpenBGPd:
• FRR (fork of Quagga)
• Quagga (LINX fork)
BIRD is used in several Internet Exchanges, such as the London Internet Exchange (LINX), LONAP,
DE-CIX and MSK-IX as a Route Server, where it replaced Quagga because of its scalability issues.
- BIRD Version Selection:
- Version 1.6, 1.7, 2.0.7, 2.0.8, 2.0.9, 2.0.10 (27.6.2022 - New release)
Why we select BIRD Version 2.0.9?
• BGP: Flowspec validation procedure
• Babel: MAC authentication support
• CLI: New 'show route in <prefix>' command
• Filter: Faster (16-way) prefix sets
• Filter: MPLS label route attribute
• Filter: Operators to pick community components
• Filter: Operators to find minimum and maximum element of lists
• BGP: Log route updates that were changed to withdraws
• BGP: Improved 'invalid next hop' error reporting
• OSPF: Allow ifaces with host address as unnumbered PtP or PtMP ifaces
• OSPF: All packets on PtP networks should be sent to AllSPFRouters address
• Scripts for apkg-powered upstream packaging for deb and rpm
• Support for Blake2s and Blake2b hash functions
• Security keys / passwords can be entered in hexadecimal digits
• Memory statistics split into Effective and Overhead
• Linux: New option 'netlink rx buffer' to specify netlink socket buffer size
• BSD: Assume onlink flag on ifaces with only host addresses
• Many bugfixes
Source: https://bird.network.cz/pipermail/bird-users/2022-February/015949.html
Challenges to ensure the Security………
Challenge-01: Drop the UndesirableTraffic
DDoS Attack
To Overcome the Challenge for Drop the UndesirableTraffic
Expected Solution:
1. BGP Flow Spec Implementation
2. RTBH Implementation
How RTBH is Dropping the UndesirableTraffic ?
NIX SW
ISP-02
ISP-03
ISP-04
ISP-05
ISP-06
ISP-07
ISP-01 RS-1 RS-2
RTBH
DDoS
Detection
Tool
Attack
Source
Target
Validate BGP prefixes advertised by
networks constituting the Internet.
Challenge-02: Route OriginValidation
RPKIValidator Deployment
Route Server Cluster
NIX SW
Server Zone
SW
Route
Server-1
Route
Server-2
ISP-02
Router
ISP-01
Router
IIG IIG
Router
RPKI
Validator
Resource Public Key Infrastructure (RPKI) is
an opt-in service that provides security for
Internet routing.
Routinator is a full-featured RPKI Relying
Party software package that runs as a service
which periodically downloads and verifies RPKI
data
Buildup the Inter Communication
Between
IPTSP to IPTSP for Call Forwarding
SIPIX Diagram for Inter Communication
IIG
NIX SW
Server Zone
SW
SIPIX
Server
IPTSP-1
IPTSP-2
Subscriber-1
Subscriber-
1
IP
User-X
IP
User-Y
Major Challenges What We have faced for SIPIX
Challenges:
- Unlimited concurrent calls.
- Minimum Call SetupTime.
- Ensure HighVoice Quality all time.
- Ensure High Availability
What Initiatives we have taken against the Challenges
 Unlimited concurrent calls is depends on No. of Cores & RAM.
I have allocate more Core and RAM for the SIPIX Server as required.
 Minimum Call SetupTime is depends on Optimized Routing.
We have worked to do the same as required.
 To Ensure HighVoice Quality all time, We have provided G711 Codec.
 To Ensure High Availability, we are working for the same.
Root Servers
Root Servers are responsible for directing each domain name
lookup request to its respective nameserver.
Root Server Instances
Root Server Anycast Instances Deployment
Deployment Challenges:
1. Meet the Requirements of the Operators for the ROOT Instance.
2. Availability of the Equipment's as need for deployment.
3. Deployment Plan for the Anycast Root DNS for the Specific Region.
Initiatives for the Deployment:
1. We have communicated with Some DNSOperator for the Anycast Root Instance
Deployment.
2. After getting the green signal from the operator, we have provided the required
information.
3. Hope that, we will get the Root Server instance with in short possible time.
Looking Glass Deployment
Providing Routing Transparency
Looking Glass provides you with information
relative to backbone routing and network
efficiency, providing you with the same
transparency that customers on our network
receive directly.
Route Server Cluster
NIX SW
Server Zone
SW
Route
Server-1
Route
Server-2
IIG IIG
Router
Looking
Glass
NTP Server Deployment
Network Time Protocol (NTP) is an internet protocol used to synchronize
with computer clock time sources in a network.
Server Zone
SW
IXP
Manager
Route
SVR-01
Route
SVR-02
SIPIX
RPKI
Validator
Looking
Glass
NTP
Server
NMS
Server
NTP Server Deployment
IXP Manager Deployment
What is IXP Manager?
- Manage peers, contact details and users.
- Single solution to document everything (Switches, Ports, Ips, Cabling)
- Provides statistics and insights to peers (MRTG, Smokeping, Sflow)
Full stack Management system for IXPs
What does the future hold?
What we would like to do?
• Complete the Root Server Instances mapping
• Establish Multi PoP Connectivity
• Add Content Re-distribution/Caching Service
• Add Domain Hosting Service
Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIX

More Related Content

What's hot

Kamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood PrinceKamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood PrinceFred Posner
 
PySpark in practice slides
PySpark in practice slidesPySpark in practice slides
PySpark in practice slidesDat Tran
 
Cyber Threat Hunting - Hunting in Memory at Scale
Cyber Threat Hunting - Hunting in Memory at ScaleCyber Threat Hunting - Hunting in Memory at Scale
Cyber Threat Hunting - Hunting in Memory at ScaleInfocyte
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaBangladesh Network Operators Group
 
RocksDB detail
RocksDB detailRocksDB detail
RocksDB detailMIJIN AN
 
Apache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise CompanyApache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise CompanyDatabricks
 
LTM essentials
LTM essentialsLTM essentials
LTM essentialsbharadwajv
 
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPDockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveMichal Rostecki
 
Top 5 Mistakes to Avoid When Writing Apache Spark Applications
Top 5 Mistakes to Avoid When Writing Apache Spark ApplicationsTop 5 Mistakes to Avoid When Writing Apache Spark Applications
Top 5 Mistakes to Avoid When Writing Apache Spark ApplicationsCloudera, Inc.
 
Kamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and YouKamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and YouFred Posner
 
Microservices Network Architecture 101
Microservices Network Architecture 101Microservices Network Architecture 101
Microservices Network Architecture 101Cumulus Networks
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slidesDocker, Inc.
 
DNS High-Availability Tools - Open-Source Load Balancing Solutions
DNS High-Availability Tools - Open-Source Load Balancing SolutionsDNS High-Availability Tools - Open-Source Load Balancing Solutions
DNS High-Availability Tools - Open-Source Load Balancing SolutionsMen and Mice
 
Tech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of Facebook
Tech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of FacebookTech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of Facebook
Tech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of FacebookThe Hive
 
flowspec @ APF 2013
flowspec @ APF 2013flowspec @ APF 2013
flowspec @ APF 2013Tom Paseka
 
Polyglot persistence @ netflix (CDE Meetup)
Polyglot persistence @ netflix (CDE Meetup) Polyglot persistence @ netflix (CDE Meetup)
Polyglot persistence @ netflix (CDE Meetup) Roopa Tangirala
 
Encor chapter 1_packet forwarding
Encor chapter 1_packet forwardingEncor chapter 1_packet forwarding
Encor chapter 1_packet forwardingmerhatsidikmelke
 

What's hot (20)

Kamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood PrinceKamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood Prince
 
PySpark in practice slides
PySpark in practice slidesPySpark in practice slides
PySpark in practice slides
 
Cyber Threat Hunting - Hunting in Memory at Scale
Cyber Threat Hunting - Hunting in Memory at ScaleCyber Threat Hunting - Hunting in Memory at Scale
Cyber Threat Hunting - Hunting in Memory at Scale
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with Grafana
 
RocksDB detail
RocksDB detailRocksDB detail
RocksDB detail
 
Apache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise CompanyApache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise Company
 
LTM essentials
LTM essentialsLTM essentials
LTM essentials
 
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPDockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep Dive
 
Top 5 Mistakes to Avoid When Writing Apache Spark Applications
Top 5 Mistakes to Avoid When Writing Apache Spark ApplicationsTop 5 Mistakes to Avoid When Writing Apache Spark Applications
Top 5 Mistakes to Avoid When Writing Apache Spark Applications
 
Kamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and YouKamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and You
 
Microservices Network Architecture 101
Microservices Network Architecture 101Microservices Network Architecture 101
Microservices Network Architecture 101
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
DNS High-Availability Tools - Open-Source Load Balancing Solutions
DNS High-Availability Tools - Open-Source Load Balancing SolutionsDNS High-Availability Tools - Open-Source Load Balancing Solutions
DNS High-Availability Tools - Open-Source Load Balancing Solutions
 
HSRP ccna
HSRP ccna HSRP ccna
HSRP ccna
 
Tech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of Facebook
Tech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of FacebookTech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of Facebook
Tech Talk: RocksDB Slides by Dhruba Borthakur & Haobo Xu of Facebook
 
flowspec @ APF 2013
flowspec @ APF 2013flowspec @ APF 2013
flowspec @ APF 2013
 
Polyglot persistence @ netflix (CDE Meetup)
Polyglot persistence @ netflix (CDE Meetup) Polyglot persistence @ netflix (CDE Meetup)
Polyglot persistence @ netflix (CDE Meetup)
 
Aruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation GuideAruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation Guide
 
Encor chapter 1_packet forwarding
Encor chapter 1_packet forwardingEncor chapter 1_packet forwarding
Encor chapter 1_packet forwarding
 

Similar to Tale of a New Bangladeshi NIX

Design and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANsDesign and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANsFab Fusaro
 
TechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the DatacenterTechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the DatacenterRobb Boyd
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124  | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124  | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
2. RINA overview - TF workshop
2. RINA overview - TF workshop2. RINA overview - TF workshop
2. RINA overview - TF workshopARCFIRE ICT
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceCisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceBertrand Duvivier
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2srmanjuskp
 
IPv6 and IP Multicast… better together?
IPv6 and IP Multicast… better together?IPv6 and IP Multicast… better together?
IPv6 and IP Multicast… better together?Steve Simlo
 
ITN_Module_17.pptx
ITN_Module_17.pptxITN_Module_17.pptx
ITN_Module_17.pptxssuserf7cd2b
 
Integrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkIntegrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkAruba, a Hewlett Packard Enterprise company
 
Implementing a scalable ospf based solution
Implementing a scalable ospf based solutionImplementing a scalable ospf based solution
Implementing a scalable ospf based solutionArnold Derrick Kinney
 
M1-C17-Armando una red.pptx
M1-C17-Armando una red.pptxM1-C17-Armando una red.pptx
M1-C17-Armando una red.pptxAngel Garcia
 
17 - Building small network.pdf
17 - Building small network.pdf17 - Building small network.pdf
17 - Building small network.pdfPhiliphaHaldline
 
Panel with IPv6 CE Vendors
Panel with IPv6 CE VendorsPanel with IPv6 CE Vendors
Panel with IPv6 CE VendorsAPNIC
 
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PLNOG 13: Krzysztof Mazepa: BGP FlowSpecPLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PLNOG 13: Krzysztof Mazepa: BGP FlowSpecPROIDEA
 
Simplified IPv6 Subnetting. Understanding What’s What.
Simplified IPv6 Subnetting. Understanding What’s What.Simplified IPv6 Subnetting. Understanding What’s What.
Simplified IPv6 Subnetting. Understanding What’s What.SolarWinds
 

Similar to Tale of a New Bangladeshi NIX (20)

Design and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANsDesign and Deployment of Enterprise WLANs
Design and Deployment of Enterprise WLANs
 
TechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the DatacenterTechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the Datacenter
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124  | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124  | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
 
2. RINA overview - TF workshop
2. RINA overview - TF workshop2. RINA overview - TF workshop
2. RINA overview - TF workshop
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceCisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advance
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
 
IPv6 and IP Multicast… better together?
IPv6 and IP Multicast… better together?IPv6 and IP Multicast… better together?
IPv6 and IP Multicast… better together?
 
ITN_Module_17.pptx
ITN_Module_17.pptxITN_Module_17.pptx
ITN_Module_17.pptx
 
Integrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access NetworkIntegrating Unified Communications and Collaboration on an Aruba Access Network
Integrating Unified Communications and Collaboration on an Aruba Access Network
 
Ipx protocol slide share
Ipx protocol slide shareIpx protocol slide share
Ipx protocol slide share
 
Implementing a scalable ospf based solution
Implementing a scalable ospf based solutionImplementing a scalable ospf based solution
Implementing a scalable ospf based solution
 
M1-C17-Armando una red.pptx
M1-C17-Armando una red.pptxM1-C17-Armando una red.pptx
M1-C17-Armando una red.pptx
 
17 - Building small network.pdf
17 - Building small network.pdf17 - Building small network.pdf
17 - Building small network.pdf
 
Accelerated SDN in Azure
Accelerated SDN in AzureAccelerated SDN in Azure
Accelerated SDN in Azure
 
Panel with IPv6 CE Vendors
Panel with IPv6 CE VendorsPanel with IPv6 CE Vendors
Panel with IPv6 CE Vendors
 
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PLNOG 13: Krzysztof Mazepa: BGP FlowSpecPLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
 
Simplified IPv6 Subnetting. Understanding What’s What.
Simplified IPv6 Subnetting. Understanding What’s What.Simplified IPv6 Subnetting. Understanding What’s What.
Simplified IPv6 Subnetting. Understanding What’s What.
 
Building a Router
Building a RouterBuilding a Router
Building a Router
 

More from Bangladesh Network Operators Group

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephBangladesh Network Operators Group
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceBangladesh Network Operators Group
 

More from Bangladesh Network Operators Group (20)

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
 
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJRecent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
 
Fact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in BangladeshFact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in Bangladesh
 
AI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the PyramidAI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the Pyramid
 
IPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCTIPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCT
 
Network eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life ProductNetwork eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life Product
 
A plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s DeploymentA plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s Deployment
 
IPv6 Deployment in South Asia 2022
IPv6 Deployment in South Asia  2022IPv6 Deployment in South Asia  2022
IPv6 Deployment in South Asia 2022
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
RPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh
 
An Overview about open UDP Services
An Overview about open UDP ServicesAn Overview about open UDP Services
An Overview about open UDP Services
 
12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User Experience
 
BdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptxBdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptx
 
MANRS for Network Operators
MANRS for Network OperatorsMANRS for Network Operators
MANRS for Network Operators
 
RPKI ROA updates
RPKI ROA updatesRPKI ROA updates
RPKI ROA updates
 
Measuring the Internet Economy: How Networks Create Value
Measuring the Internet Economy: How Networks Create ValueMeasuring the Internet Economy: How Networks Create Value
Measuring the Internet Economy: How Networks Create Value
 
RPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh
 
Route Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS ApproachRoute Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS Approach
 
31, Get more from your IPv4 resources
31, Get more from your IPv4 resources31, Get more from your IPv4 resources
31, Get more from your IPv4 resources
 

Recently uploaded

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoTAnalytics
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxDavid Michel
 
Buy Epson EcoTank L3210 Colour Printer Online.pptx
Buy Epson EcoTank L3210 Colour Printer Online.pptxBuy Epson EcoTank L3210 Colour Printer Online.pptx
Buy Epson EcoTank L3210 Colour Printer Online.pptxEasyPrinterHelp
 
Buy Epson EcoTank L3210 Colour Printer Online.pdf
Buy Epson EcoTank L3210 Colour Printer Online.pdfBuy Epson EcoTank L3210 Colour Printer Online.pdf
Buy Epson EcoTank L3210 Colour Printer Online.pdfEasyPrinterHelp
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101vincent683379
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfFIDO Alliance
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Julian Hyde
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyJohn Staveley
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FIDO Alliance
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeCzechDreamin
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCzechDreamin
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...FIDO Alliance
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKUXDXConf
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityScyllaDB
 

Recently uploaded (20)

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
Buy Epson EcoTank L3210 Colour Printer Online.pptx
Buy Epson EcoTank L3210 Colour Printer Online.pptxBuy Epson EcoTank L3210 Colour Printer Online.pptx
Buy Epson EcoTank L3210 Colour Printer Online.pptx
 
Buy Epson EcoTank L3210 Colour Printer Online.pdf
Buy Epson EcoTank L3210 Colour Printer Online.pdfBuy Epson EcoTank L3210 Colour Printer Online.pdf
Buy Epson EcoTank L3210 Colour Printer Online.pdf
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 

Tale of a New Bangladeshi NIX

  • 1. “TALE OF A NEW BANGLADESHI NIX” Md. Rashedul Hasan System Admin DigiCon Telecommunication Limited
  • 3. What is an IXP? Any place where providers meet to exchange traffic. ISP-06 ISP-02 ISP-05 ISP-03 ISP-01 ISP-04 IXP Switch
  • 4. Why it is needed? • IXPs help reduce the portion of an ISP's traffic that must be delivered via their upstream transit providers, thereby reducing the average per-bit delivery cost of their service. • IXPs play an essential role in reducing the cost of transit connections over the Internet.
  • 5. A NIX Deployment Journey …….
  • 6. To ReachThe Destination…… • Study – historical data to get the idea of NIX Operation • Observation- others NIX to get the GraphicalView of a NIX. • Plan – what we would like to do and how. • Deployment – begin the journey towards the Goal. • Challenges – what we have faced. • Initiatives – to overcome those challenges what we have done. • Configuration – what changes we have made.
  • 7. What Plan we have madeTo Deploy A NIX…..
  • 9. We have deployed Route Server as a Route Collector
  • 10. Operational View of a Route Server NIX SW Server Zone SW Route Server-1 Route Server-2 ISP-02 Router ISP-01 Router IIG IIG Router BGP Session (Routing Information Flow) Traffic Flow BGP Session (Routing Information Flow)
  • 11. How Challenges we have faced during the “Route Server” Deployment - Route Server Selection: Router or Linux Server - “Open source” Routing daemon Selection: • BIRD • GoBGP • OpenBGPd: • FRR (fork of Quagga) • Quagga (LINX fork) BIRD is used in several Internet Exchanges, such as the London Internet Exchange (LINX), LONAP, DE-CIX and MSK-IX as a Route Server, where it replaced Quagga because of its scalability issues. - BIRD Version Selection: - Version 1.6, 1.7, 2.0.7, 2.0.8, 2.0.9, 2.0.10 (27.6.2022 - New release)
  • 12. Why we select BIRD Version 2.0.9? • BGP: Flowspec validation procedure • Babel: MAC authentication support • CLI: New 'show route in <prefix>' command • Filter: Faster (16-way) prefix sets • Filter: MPLS label route attribute • Filter: Operators to pick community components • Filter: Operators to find minimum and maximum element of lists • BGP: Log route updates that were changed to withdraws • BGP: Improved 'invalid next hop' error reporting • OSPF: Allow ifaces with host address as unnumbered PtP or PtMP ifaces • OSPF: All packets on PtP networks should be sent to AllSPFRouters address • Scripts for apkg-powered upstream packaging for deb and rpm • Support for Blake2s and Blake2b hash functions • Security keys / passwords can be entered in hexadecimal digits • Memory statistics split into Effective and Overhead • Linux: New option 'netlink rx buffer' to specify netlink socket buffer size • BSD: Assume onlink flag on ifaces with only host addresses • Many bugfixes Source: https://bird.network.cz/pipermail/bird-users/2022-February/015949.html
  • 13. Challenges to ensure the Security………
  • 14. Challenge-01: Drop the UndesirableTraffic DDoS Attack
  • 15. To Overcome the Challenge for Drop the UndesirableTraffic Expected Solution: 1. BGP Flow Spec Implementation 2. RTBH Implementation
  • 16. How RTBH is Dropping the UndesirableTraffic ? NIX SW ISP-02 ISP-03 ISP-04 ISP-05 ISP-06 ISP-07 ISP-01 RS-1 RS-2 RTBH DDoS Detection Tool Attack Source Target
  • 17. Validate BGP prefixes advertised by networks constituting the Internet. Challenge-02: Route OriginValidation
  • 18. RPKIValidator Deployment Route Server Cluster NIX SW Server Zone SW Route Server-1 Route Server-2 ISP-02 Router ISP-01 Router IIG IIG Router RPKI Validator Resource Public Key Infrastructure (RPKI) is an opt-in service that provides security for Internet routing. Routinator is a full-featured RPKI Relying Party software package that runs as a service which periodically downloads and verifies RPKI data
  • 19. Buildup the Inter Communication Between IPTSP to IPTSP for Call Forwarding
  • 20. SIPIX Diagram for Inter Communication IIG NIX SW Server Zone SW SIPIX Server IPTSP-1 IPTSP-2 Subscriber-1 Subscriber- 1 IP User-X IP User-Y
  • 21. Major Challenges What We have faced for SIPIX Challenges: - Unlimited concurrent calls. - Minimum Call SetupTime. - Ensure HighVoice Quality all time. - Ensure High Availability
  • 22. What Initiatives we have taken against the Challenges  Unlimited concurrent calls is depends on No. of Cores & RAM. I have allocate more Core and RAM for the SIPIX Server as required.  Minimum Call SetupTime is depends on Optimized Routing. We have worked to do the same as required.  To Ensure HighVoice Quality all time, We have provided G711 Codec.  To Ensure High Availability, we are working for the same.
  • 23. Root Servers Root Servers are responsible for directing each domain name lookup request to its respective nameserver.
  • 25. Root Server Anycast Instances Deployment Deployment Challenges: 1. Meet the Requirements of the Operators for the ROOT Instance. 2. Availability of the Equipment's as need for deployment. 3. Deployment Plan for the Anycast Root DNS for the Specific Region. Initiatives for the Deployment: 1. We have communicated with Some DNSOperator for the Anycast Root Instance Deployment. 2. After getting the green signal from the operator, we have provided the required information. 3. Hope that, we will get the Root Server instance with in short possible time.
  • 27. Providing Routing Transparency Looking Glass provides you with information relative to backbone routing and network efficiency, providing you with the same transparency that customers on our network receive directly. Route Server Cluster NIX SW Server Zone SW Route Server-1 Route Server-2 IIG IIG Router Looking Glass
  • 28. NTP Server Deployment Network Time Protocol (NTP) is an internet protocol used to synchronize with computer clock time sources in a network.
  • 31. What is IXP Manager? - Manage peers, contact details and users. - Single solution to document everything (Switches, Ports, Ips, Cabling) - Provides statistics and insights to peers (MRTG, Smokeping, Sflow)
  • 32. Full stack Management system for IXPs
  • 33. What does the future hold?
  • 34. What we would like to do? • Complete the Root Server Instances mapping • Establish Multi PoP Connectivity • Add Content Re-distribution/Caching Service • Add Domain Hosting Service