Improving Technical Security

The Role of South Asia’s NOGs in Community Building

At the recently concluded 34th South Asia Network Operators Group (SANOG 34), it was interesting not only to hear about the evolution of digital infrastructure, technology, and the economy in South Asia, including the opportunities it presents to network operators, but also to hear how community-led national Network Operating Groups (NOGs) in South Asia are working to build technical community knowledge, capacity, and engagement in their respective economies.

SANOG, which was set up as a sub-regional, community-led initiative in 2003, has played a significant role in bringing operators from the region together for knowledge sharing and cooperation. It is a biannual event, rotated among economies for maximum reach and participation.

While the NOGs of developed economies in the Asia Pacific began forming in the late 1990s, the NOGs in South Asia are quite recent: Bangladesh (bdNOG) and Bhutan (btNOG) were set up in 2014; Nepal (npNOG) in 2016; Sri Lanka (LKNOG) in 2017; and India (INNOG) in 2017.

The objectives of these NOGs are to encourage knowledge sharing within their respective economies and discuss global and regional technical developments, while addressing local requirements and issues. This, in turn, helps members of the operator community acquire the necessary skills to equip them for the present and the future. NOG meetings also provide a common ground for networking among participants, which helps in the exchange of ideas and thoughts. While most of the NOGs in South Asia have an annual event, it is only bdNOG that is held twice a year. The NOG meetings are normally rotated across cities in order to cater to more people.

While most NOGs organize both workshops and conferences during their events, depending on the requirement of the region and availability of trainers, the number of conference and workshop days at a NOG meeting vary: bdNOG has a half-day conference and four days of workshops; INNOG has a one-day conference and three days of workshops; npNOG has a half-day conference and three days of workshops; and LKNOG has a one-day conference and a one-day workshop.

Topics for discussion and training are normally decided based on global and regional trends, keeping domestic requirements in mind. IPv6, IXPs, MPLS, DNS, routing security, network monitoring and management, and SDN are some of the workshop topics you can expect to find at a NOG meeting in South Asia.

Most NOG meetings are paid entry events, with an average of around 150 participants attending.

We can look to the larger and more established NOGs in the Asia Pacific region for inspiration for what we want our South Asian NOG meetings to become. Holding hackathons and expanding the topics of discussion to more cutting-edge topics like next-generation data centre architecture and segment routing are just two ideas. Some very large NOGs are even able to run meetings without registration fees, attracting large numbers of attendees.

To encourage participation, NOGs such as LKNOG, btNOG, and bdNOG have provided fellowships. As women and youth are still less represented in such meetings, diversity initiatives have been taken by NOGs in the sub-region, including providing fellowships for women and young students in btNOG, organizing a networking panel for women, to promote women in tech at LKNOG, and so on.

While most of the NOGs aspire to increase their participation further and provide fellowships to deserving candidates, they face issues such as the uncertainty or inadequacy of sponsorships and unavailability of trainers (especially local). NOGs in South Asia can be particularly hindered by these issues.

Despite the odds, however, the NOGs are finding innovative ways to encourage more participation and help build a community of  trained and knowledgeable network operators, who are connected and can support one another when required.

This article reprinted with permission by the Asia Pacific Network Information Centre (APNIC), the Regional Internet Registry for the Asia-Pacific region.

Mutually Agreed Norms for Routing Security (MANRS)

SANOG 32 – Another Success Story for MANRS

The SANOG 32 meeting was held on 2-10 August 2018 in Dhaka, Bangladesh, which marked fifteen amazing years of collaboration between network operators in the South Asia region. The Internet Society is proud to support the SANOG fellowship programme that provides opportunities for network engineers from countries in the region to attend, as well as organising the Network Security workshop during the event.

SANOG 32 also saw another MANRS milestone reached when the ISP Association of Bangladesh (ISPAB) signed a Memorandum of Understanding (MoU) with the Internet Society. ISPAB is a membership-based, not-for-profit organization that provides a forum for Bangladeshi ISPs to discuss technology, policy, regulatory and commercial issues and find collective solutions.

In accordance with the MoU, both ISPAB and ISOC will work together to promote and support MANRS, to encourage network operators in Bangladesh to join the initiative. There are currently only two MANRS participants in the country, so being able to increase engagement with the networking community is a welcome development.

Dr Philip Smith (NSRC and Chair of SANOG Programme Committee) also provided a MANRS update during the conference session.

The Network Security workshop attracted 40 participants and was lead by MANRS founding member Matsuzaki Yoshinobu (IIJ) and Champika Wijayatunga (ICANN), with local support provided by Moinur Rehman and Anirban Data. This featured a hands-on lab where participants learned about the four MANRS action – namely Prefix Filtering, Anti-Spoofing, Coordination and Global Validation. APNIC staff also demonstrated how to update Whois information through MyAPNIC, how to create route/route6 objects, as well as how to create Route of Origin Authorisations (ROAs) for the Internet number resources (IP addresses and AS numbers) under their management. These steps are important in achieving two of the MANRS actions – Coordination and Global Validation.

The South Asian Network Operators Group (SANOG) was started in 2003 to bring together engineers and industry experts from network operators for the purpose of knowledge sharing as well as co-operation among all the relevant stakeholders in the South Asian region which covers Afghanistan, Bangladesh, Bhutan, India, Maldives, Nepal, Pakistan and Sri-Lanka. The SANOG meeting incorporates workshops and tutorials in conjunction with the conference, and people from the community are invited to contribute as workshop instructors or share their experiences through tutorial or conference presentations. Many network operators in the region are in the nascent stage of development, such helps  valuable.

Special thanks to Sumon Ahmed Sabir (SANOG Founding member and Core Com)Gazi Zehadul Kabir (SANOG Chair), Rashed Amin (Vice President ISPAB), Md.Emdadul Hoque (Secretary General ISPAB) and Simon Sohel Baroi (SANOG PC Chair) for the great support.

Its great to see MANRS getting support in the Asia Pacific region. If you are running a network infrastructure then be part of the solution and help protect the core. Join MANRS.

Community Projects Domain Name System (DNS) Domain Name System Security Extensions (DNSSEC) Improving Technical Security IPv6

An eventful week at SANOG 29

After a long wait of 4.5 years, the 29th edition of SANOG came back to Pakistan, this time in the countrys capital, Islamabad. The Pakistan Telecom Authority (PTA) and the Higher Education commission of Pakistan (HEC) came forward to jointly host the event at the HEC headquarters.

SANOG 29 consisted of two days of conference, one day of tutorial alongside the Internet Society’s ION Conference, and the usual five days of workshops with three parallel tracks. Eight days of action-packed agenda was good enough to attract a lot of audiences.

The ION Conference was inaugurated by chairman HEC Dr. Mukhtar Ahmed and PTA chairman Dr. Ismail Shah, with two keynotes from distinguished industry experts: Mr. Yousuf Bhaiji discussed the “Future of Networks, Networking, and Networkers” and Mr. Haris Shamsi shared his views on “Software Defined Everything”.

The opening ceremony was well-attended by many network professionals and academia delegates from all over Pakistan. There was good media presence as well. A number of foreign delegates participated in the event, representing Facebook, Google, Internet Society, NL-IX, DE-CIX, IIJ, APNIC, NSRC, University of Tokyo and ICANN, making it one of the most successful SANOGs in Pakistan after the first SANOG in 2006.

PKNOG was inaugurated during the conference day, with a dedicated plenary session to announce its establishment. It took a very long time for the Pakistani technical community to create their own NOG where they can discuss and share technical knowledge with each other. Tentatively, the standalone first PKNOG event will be organised in the third quarter this year.

An issue that was underlined throughout the conference and tutorial was the dire state of IPv6 deployment in Pakistan. Unfortunately, Pakistan is lacking in this arena, with IPv6 traffic at less than 1% of the total internet traffic as per measurements by APNIC. But recently there has been a great deal of interest and enthusiasm in the community towards IPv6 deployment and hopefully, this will increase in the coming months.

Another great news was announced during SANOG: the establishment of PKIX (Pakistan Internet Exchange) in Islamabad. It was formally inaugurated by the Minister of IT and Telecom, Ms. Anusha Rehman. PTA, ISOC and APNIC played a vital role in setting up PKIX. Discussions are underway to establish other nodes in Karachi and Lahore. ISOC and PTA are also engaging with stakeholders on how this process may be streamlined.

After the conference and tutorial there were five days of hands-on workshops which were conducted by foreign delegates on following topics:

Dr. Philip Smith (NSRC) and Dr. Nimal (NSRC) – Campus Design and Security

Champika Wijayatunga (ICANN) and Dr. Rao Naveed – DNS and DNSSEC Deployment

Aftab Siddiqui (ISOC) and Matsuzaki Yoshinobo (IIJ) – IPv4/v6 routing

The closing ceremony was held on the last day of the workshop, with the Minister of Education as the chief guest. Certificates were distributed to participants and shields given to the instructors and organizers. It was a very successful event that will hopefully jumpstart a PKNOG meeting in the near future.

Deploy360 Events IPv6

SANOG25 Is Underway In Kandy, Sri Lanka

SANOG25, the 25th meeting of the South Asian Network Operators Group, is currently happening in Kandy, Sri Lanka. Yesterday after the Program Committee chairman opened the day I presented the results of our IETF and Operators survey. The topic generated some discussion, one of them being that the “culture” issue resonates quite well with this operators community and might be one of major obstacles for more operators involvement in the IETF standardization process.

10930114_10205975693334287_8160221652415401763_nToday the official opening of the meeting started with lighting the fires on a meeting statue and various welcome talks from the host and and the chairs of different committees, followed by interesting sessions. In the closing plenary session I’m on the stage again, this time talking about “IPv6 Troubleshooting Procedures” document, being developed in RIPE BCOP TF and apparently of great interest of NOG communities around the world. 10900104_10205975694094306_7898476185792515265_o

Tomorrow the ION Sri Lanka meeting takes place and everyone is warmly invited to attend it.

If you are at SANOG25 meeting – come and find me around, I’ll be happy to chat about how to make Internet a better place. 🙂

Deploy360 Improving Technical Security IPv6

Slides: Security In An IPv6 World – Myth & Reality

What are the myths about IPv6 security?  What is the reality? How secure is IPv6 really?  What new security advantages does it offer? What should IT system administrators be thinking about with regard to security as they move into an IPv6 world?

In a talk to the South Asian Network Operators Group (SANOG) today, our Chris Grundemann discussed these questions and many more in a talk titled “Security In An IPv6 World – Myth & Reality“.  His slides are now online for viewing:

If a recording of the presentation becomes available we’ll update this post with more information.

UPDATE: Chris’s slides are now available as a PDF download.

Improving Technical Security IPv6

Slides: Security In An IPv6 World – Myth & Reality

What are the myths about IPv6 security?  What is the reality? How secure is IPv6 really?  What new security advantages does it offer? What should IT system administrators be thinking about with regard to security as they move into an IPv6 world?

In a talk to the South Asian Network Operators Group (SANOG) today, our Chris Grundemann discussed these questions and many more in a talk titled “Security In An IPv6 World – Myth & Reality“.  His slides are now online for viewing:

If a recording of the presentation becomes available we’ll update this post with more information.

UPDATE: Chris’s slides are now available as a PDF download.

Deploy360 Events IETF IPv6

Chris Grundemann at SANOG 23 Discussing IPv6, BCOP, IETF, and More

SANOGWe’re coming to Asia this year and I’m kicking things off with a trip to Thimphu, Bhutan for SANOG 23 next week (in fact I start traveling today)! I’d love a chance to meet if you’re in town too.

SANOG is the South Asian Network Operators Group and I’ll let them introduce themselves:

SANOG was started to bring together operators for educational as well as co-operation. SANOG provides a regional forum to discuss operational issues and technologies of interest to data operators in the South Asian Region. The main objective is educational, but at the same time gives vendors a chance to talk to engineers about newer technology and products on the sidelines. Engineers get to talk to each other about experiences, benefit the entire community. This non commercial people networking is in line with established practices like NANOG in North America, RIPE Meetings in Europe and APRICOT in Asia.

SANOG has been holding meetings for over a decade at this point. You can learn more on their website:

I will be giving two talks at SANOG 23. The first, on Monday, is titled “DO and You – an Introduction to the Internet Society Deployment & Operationalization (DO) Team” and as you can imagine it will focus on our team, our current projects, and how folks can get involved. In particular I will be letting Asian network operators know about BCOP activities in other regions, about opportunities to contribute to Deploy360, and about our new Operators at the IETF research project (which I unofficially announced earlier this week – watch for the official announcement, or take the survey). On Tuesday, day 2, I’ll be presenting a talk I call “Security in an IPv6 World – Myth and Reality” that takes a myth-busting approach to IPv6 security. While not a comprehensive coverage by any stretch, it should be a fun and informative talk. Find more about IPv6 here at Deploy360.

Whether you’re making this trip or not, be sure to follow my Twitter for information as it happens (and probably a picture or two of Bhutan as well) and as always, stay in touch with us for all of the latest news, events, live streams, and more!