ION Santiago: Best Current Operational Practices Update (Jan Zorz)
-
Upload
deploy360-programme-internet-society -
Category
Technology
-
view
43 -
download
1
description
Transcript of ION Santiago: Best Current Operational Practices Update (Jan Zorz)
![Page 1: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/1.jpg)
www.internetsociety.org
Best Current Operational Practices (BCOP) – updates and status from around the world
DO Team – Internet Society
![Page 2: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/2.jpg)
BCOP | February 2013
What’s a BCOP?
Best Current Operational Practices A living document describing the best operational practices currently agreed on by subject matter experts
Vetted and periodically reviewed by the global network engineering community (GNEC)
![Page 3: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/3.jpg)
BCOP | February 2013
The Problem
Operational knowledge tends to be “tribal” – Presentations, hallway conversations, internal
documents, in someone’s head… – Technology, tools, and practices change over time…
There are hundreds of operational forums globally
– Archives stored in different formats, some searchable, rarely have speech text or video, no vetting, and state unknown.
How do I find up-to-date, relevant information when I need it?
![Page 4: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/4.jpg)
BCOP | February 2013
The BCOP Solution
Open, Transparent, Bottom-up, and Community led
– Community driven, community written, community vetted Best Current Operational Practices from an open forum, list, and publicly searchable site.
– Community written and approved development process for BCOPs
– Everyone is welcome to participate
80/20 model
![Page 5: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/5.jpg)
BCOP | February 2013
BCOP efforts around the world
http://www.internetsociety.org/deploy360/about/bcop/ • Africa: BCOP group started under AfNOG, lead by
Douglas Onyango
• Asia: BCOP Task Force started at JANOG, co-chaired by Seiichi Kawamura and Yoshinobu Matsuzaki, NZNOG BCOP starting up, lead by Dean Pemberton
• No whole-region effort started yet
• Europe: RIPE BCOP Task Force created, co-chaired by Benno Overeider and Jan Žorž
• Latin America: BCOP Task Force started under LACNOG, lead by Luis Balbinot and Pedro R Torres Jr.
• North America: NANOG BCOP Committee established, lead by Aaron Hughes and Chris Grundemann
![Page 6: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/6.jpg)
BCOP | February 2013
AfNOG BCOP
AfNOG BCOP group is bootstrapping, so URLs with more info are yet to be established.
MailingList: http://www.afnog.org/mailinglist.php
![Page 7: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/7.jpg)
BCOP | February 2013
AfNOG BCOP documents in the works: “IPv6 questions/answers cheat sheet specific to Africa” Contributors: Alfred Arouna
• Aims to consolidate common questions and best answers in a kind of IPv6 questions/answers cheat sheet specific to Africa.
![Page 8: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/8.jpg)
BCOP | February 2013
RIPE BCOP
Charter:
http://www.ripe.net/ripe/groups/tf/best-current-operational-practices-task-force
Mailing List:
https://www.ripe.net/mailman/listinfo/bcop
![Page 9: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/9.jpg)
BCOP | February 2013
RIPE BCOP documents in the works:
“IPv6 troubleshooting for residential helpdesks” Contributors: Lee Howard, John Jason Brzozowski, David Freedman, Jason Fesler, Tim Chown, Sander Steffann, Chris Grundemann, Jen Linkova, Chris Tuska, Daniel Breuer, Jan Žorž
• Starting point for technical support staff at ISPs or enterprise IT helpdesks
• Addresses the “fear of the unknown” problem at many organizations
• Provides a solid first step for front-line support personnel.
![Page 10: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/10.jpg)
BCOP | February 2013
RIPE BCOP documents in the works:
Protocol default values
+ Cryptographical considerations? + ZSK/KSK split or CSK? + When to rollover? + Values for signature validities, re-sign, refresh, … + NSEC or NSEC3? + If NSEC3, when to resalt?
Key management
+ Generation: Number of participants? + Delivery: Integrity checks? Audit trail? + Storage: Online or offline? HSM or not? + Usage: Who can use? How to (de)activate?
“DNSSEC operational practices for authoritative name servers” Contributors: Matthijs Mekking
Available software + Standalone solutions: OpenDNSSEC, BIND, Knot, … + Combinations: ldnsutils + NSD, … + Closed source: Microsoft DNS, Nominum, ...
![Page 11: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/11.jpg)
BCOP | February 2013
RIPE BCOP documents in the works:
Definitions: Interconnection types • Direct interconnection • IXP Peering • IXP Route-server • Multihop
AS relationships • Transit / Customer (leaf) • Transit / Small transit • Peering
Recommendations: AS relationship dependent • TCP-Authentication • AS-PATH filtering • Prefixes filtering (route objects) • Max-prefix • Private AS removing
General recommendations • Martians filtering • Bogons filtering • Default route filtering • Log • Graceful restart
“BGP Best Current Operational Practices” Contributors: Pierre Lorinquer, Observatory Team (G. Valadon, M. Feuillet, F. Contat) and operators Association Kazar, France-IX, Jaguar Network, Neo Telecoms, Orange, RENATER, SFR
![Page 12: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/12.jpg)
BCOP | February 2013
LACNOG BCOP
BCOP-LAC is bootstrapping, URLs with more info to follow.
Mailing list: https://mail.lacnic.net/mailman/listinfo/bcop
![Page 13: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/13.jpg)
BCOP | February 2013
LacNOG BCOP documents in the works: “LacNOG BCOP Development Process document” Contributors: Pedro R. Torres Jr., Luis Balbinot
• A development process is important to capture the Best Current Operational Practices in a documentation format that is uniform and easy to read.
• LacNOG BCOP TF decided to set the format and procedure first and then start capturing the Best Current Operational Practices into documents.
![Page 14: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/14.jpg)
BCOP | February 2013
NANOG BCOP
Charter and Members: http://nanog.org/governance/bcop
Published BCOPs (ratified): http://bcop.nanog.org/index.php/Ratified_BCOPs
Draft BCOPs (in progress): http://bcop.nanog.org/index.php/BCOP_Drafts
Mailing List: http://mailman.nanog.org/mailman/listinfo/bcop
![Page 15: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/15.jpg)
BCOP | February 2013
NANOG BCOP documents in the works: “Public Peering Exchange Participant” Contributors: Shawn Hsiao, Erik Muller
• This BCOP aims to update current “Public Peering Exchange" BCOP
• Add IXP route handling advice
• Remove information pertaining to the operation of an exchange into a separate document, and re-focus the document toward exchange participants
• Other updates as needed
![Page 16: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/16.jpg)
BCOP | February 2013
NANOG BCOP documents in the works: “eBGP Configuration” Contributors: Bill Armstrong, Nina Bargisen, Brian Schleeper, Umair Arshad, Mannan Venkatesan, Courtney Smith, Raghav Bhargava, Karsten Thomann
• This BCOP aims to provide a singular, consistent view of industry standard eBGP interconnection methodologies
• This BCOP will also document pre and post turn-up validation practices and IRR Etiquette
• The primary focus of this BCOP is eBGP know-how
![Page 17: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/17.jpg)
BCOP | February 2013
NANOG BCOP documents in the works: “Ethernet OAM” Contributors: Mark Calkins, Jean-Francois Levesque, Voitek Kozack
• This BCOP aims to provide general Ethernet OAM Orientation and Guidelines that can be followed by any network operator whom wants or needs to utilize Ethernet OAM features.
• The primary focus is on a basic understanding of EOAM technologies.
![Page 18: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/18.jpg)
BCOP | February 2013
NANOG BCOP documents in the works: “Anti-DDoS” Contributors: Yardiel Fuentes
• Waiting on details…
![Page 19: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/19.jpg)
BCOP | February 2013
NANOG BCOP documents in the works: “BCP 38” Contributors: Aaron Hughes
• Waiting on details…
![Page 20: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/20.jpg)
BCOP | February 2013
NANOG BCOP documents in the works: “IPv6 Peering” Contributors: Zaid Ali, Bill Blackford, Chris Grundemann, Aaron Hughes, Darius Jahandarie, Jonathan Lassoff, Joe Provo, Ren Provo, Brandon Ross, Michael K. Smith
• This BCOP aims to provide general IPv6 Peering and Transit guidelines
• The primary focus is on understanding BGP peering and filtering
![Page 21: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/21.jpg)
BCOP | February 2013
JANOG BCOP group
Document in the works:
- EBGP Best Practices
http://www.janog.gr.jp/doc/janog-comment/bcop-ebgp.txt
- How to build, plan and run conference WiFi network
(URL not yet public)
![Page 22: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/22.jpg)
BCOP | February 2013
Potential Topics for Additional BCOPs http://www.internetsociety.org/deploy360/about/bcop/topics/
How to test your network performance
How to check your visibility from global Internet
De-Aggregation: strict filtering /48s out of /32
How are operators using IRR?
IPv6 enterprise network renumbering scenarios, considerations, and methods
DNS Policies
Email Policies
ICMP Filtering
… (we need more suggestions)
![Page 23: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/23.jpg)
BCOP | February 2013
Next Steps
Where are we going from here?
Continue to bootstrap new efforts as needed
Develop new BCOP documents
Lots of low-hanging fruit
Review and update existing BCOP documents
Start thinking & talking about global coordination
![Page 24: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/24.jpg)
BCOP | February 2013
Get Involved Today!
Join this grass-roots effort at the ground floor!
• Contribute to an existing draft
• Offer ideas for new drafts
• Kick off a new document
• Start a local or regional BCOP effort
• Email [email protected] for more information
![Page 25: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/25.jpg)
www.internetsociety.org
mailto:<[email protected]>
Jan Žorž Internet Society Deploy360 Programme
http://www.internetsociety.org/deploy360/
Thank You!
![Page 26: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/26.jpg)
BCOP | February 2013
Global BCOP documents in the works: Title: “BCOP motivations and minimum requirements” Contributors: Chris Grundemann and other global BCOP leaders 1 BCOP Motivation 2 BCOP Fundamentals 2.1 Purpose 2.2 Philosophy 2.2.1 Free from Organizational Agendas 2.2.2 Communal Knowledge available to all 2.2.3 Advancement of the Internet to all reaches of the world (and
beyond) 2.3 Scope 2.4 Principles 2.4.1 Open 2.4.2 Transparent 2.4.3 Bottom Up 2.4.4 On-Going
![Page 27: ION Santiago: Best Current Operational Practices Update (Jan Zorz)](https://reader033.fdocuments.us/reader033/viewer/2022051514/5485929cb479590a0d8b4e8f/html5/thumbnails/27.jpg)
BCOP | February 2013
Global BCOP documents in the works: Title: “BCOP motivations and minimum requirements” Contributors: Chris Grundemann and other global BCOP leaders 2.5 Criteria for BCOP Publication 2.5.1 Clear and Technically Sound 2.5.2 Developed through Open and Transparent Processes 2.6 Terms 3 Minimum Requirements 3.1 Willing BCOP effort leadership 3.2 An active and supportive community 3.3 Willing and able BCOP effort oversight 3.4 Adherence to the four basic principles: Open, transparent,
bottom-up, and on-going. 3.5 A documented BCOP-DP 3.6 A public “Note Well” and acceptable license 3.7 Remain free from organizational agendas