Dear SwiNOG community, We’ve just released the agenda for SwiNOG #31 on Tuesday 30.05.2017 on top of Gurten. I even heard that apparently, we could book the place with a nice-weather-and-sunshine package. Rumours I guess, but thank you Roman ;-) Registration ends 24.05.2017 23:59:00, after that - please write us for late reg (with extra costs). Agenda http://www.swinog.ch/meetings/swinog31/agenda.asp Freifunk; not a Hotspot solution | Magnus Frühling Freifunk is a community project, first mentioned 2002, connecting humans all over Germany and further. I will present why Freifunk is more than just hotspots. Freifunks brings people together and educates them while building an open, uncensored and local mesh network. Open Ethernet Switches - Decoupling Switch Software and Hardware | Arne Heitmann (Mellanox) This presentation gives an introduction and overview to addressing network functionality independently from specifically coupled hardware and NOS via open APIs and drivers. It discusses the trends and options for using open OSs for network operations and will show different architectural models, like ONIE (Open Network Install Environment), SwitchDev and others. DANE/DNSSEC | Daniel Stirnimann (SWITCH-CERT) Why do we trust an encrypted TLS connection? We trust it because the server certificate has been signed by one of the public certificate authorities for which your application (e.g. browser) has its public key pre-installed. But can we really trust the CAs? And how can we improve TLS encryption for applications such as mail where certificate warnings cannot be shown to the user? DANE (TLSA) specifies a protocol for publishing TLS server certificate associations via DNSSEC. The presentation will show the benefit of authenticated DNS data, provide usage guidance for the TLSA record. A brief .CH domain name TLSA survey. Summarizes application support for DANE/DNSSEC. Also, a very short demo of an unsigned domain take-over to issue a domain validated certificate. VXLAN - Thinking outside the (DC)Box | Christian Kuster (Huawei) SwissIX Update | Christian Wittenhorst (SwissIX) SwissIX Update Multi-tenancy with EVPN-VxLAN in Open Networking | Attilla de Groot (Cumulus Networks) Open Networking or "Web scale networking" is the concept where you're no longer tied into a single vendor for a network solution. You're free to choose your own hardware and software. Cumulus Networks has developed a Linux distribution that runs on switches in this concept. VxLAN has become the default overlay technology in modern datacenter design. Vendors have implemented their own control plane for VxLAN tunnels in DCs. The EVPN standard (RFC7432) provides a control plane that is interoperable between vendors. We have implemented EVPN-VxLAN support that allows an overlay network being built with BGP as the control plane protocol. At this time, there is support for L2 functionalities, but there is ongoing development on support for L3 features such as VxLAN routing with Multitenancy support. In this talk these new features will be shown, the details of the protocol and the design/security implications for large scale datacenter networks. - https://tools.ietf.org/html/rfc7432 - https://tools.ietf.org/html/draft-ietf-bess-evpn-overlay-07 L3 Routing to Hypervisor | Vincent Bernat (Exoscale) A common strategy for hypervisors in cloud is to act as a bridge for the client virtual machines. This provides a known environment for clients used to flat networks and DHCP. However, this limits scalability and resilience. To solve those issues, a hypervisor running Linux can be turned into a BGP-controlled router while still exposing a flat L2 network to clients. Presenter is myself. I need 30 minutes for talk and live demo. If needed, I can use more time since I have a lot of technical details I can share. Open Slot (to be filled) Network Automation – Road trip to an automated Network | Urs Baumann (INS - Institute for Networked Technology) SDN is on the top of the hype cycle and its definition gives a lot of room for interpretation. But do we really need the whole SDN stack to take advantage of it? Most SDN solutions are anyway based on proven technologies which are well-known for many years. In this speech, I will focus on the Network Automation part of SDN, I will show you examples of „low hanging fruits", describe ways of how to start with the implementation of network automation and how to grow it to a fully automated network. Open Slot (to be filled) Social Event Looking forward to seeing all of you!!! Simon SwiNOG