|
Πύργος Βιβλίων
|
10:00 - 10:05
|
Welcome from our host
|
10:05 - 10:25
|
Welcome to GRNOG9
GRNOG (Greek Network Operators Group) is a community of professionals that are involved in the design, implementation, provisioning and operation of Greek Internet services, networks and infrastructure.
Within this scope, the purpose of the group is:
- to create a human network of professionals with common technical interests
- to facilitate the exchange of knowledge and information among its members
- to promote the cooperation between companies, bodies and parties related to the Greek Internet
- to disseminate Greek and global Internet developments, emerging technologies, best operating practices and standards
- to develop tools, policies, practices and means of communication that facilitate day-to-day operations and long-term design and planning
Members: If you are interested in our group, please consider becoming a member. GRNOG members may use GRNOG mailing lists and participate in all GRNOG meetings, events, activities, discussions and elections.
Non-Members: Although GRNOG is addressing a specific community of professionals, a broader audience may be interested in its activities. GRNOG encourages non-members to participate in our meetings and interact with the group through social media. Non-members, however, have no access to the discussion mailing list and cannot participate in GRNOG elections.
|
10:25 - 10:50
|
Latest changes and future work on LIR Portal, RIPE Database, and RPKI
This talk will focus on front-face changes and developments currently undertaken or in discussion phase within the RIPE community. Examples include: syncing the LIR Portal users with the "default maintainer" in the RIPE Database, an update on the Resource Public Key Infrastructure (RPKI) developments and upcoming changes in the Near Real-Time Mirroring (NRTM) service of the RIPE Database.
|
10:50 - 11:15
|
NIS compliance, challenges and problems
|
11:15 - 11:45
|
Towards a programmable automated Traffic Engineering engine
There are IP networks with many geographically dispersed points of presence (POPs) having multiple transit providers and peers. There may also be submarine capacity involved, with varying costs. In these environments, optimizing traffic is critical, both from service and financial perspectives.
ISPs are mostly dominated by incoming traffic and this presentation focuses on manipulation of this type of traffic. Manual handling of BGP configuration is cumbersome and error-prone, so an automated solution can enhance quality and make policy enforcement in real-time a possibility.
In this presentation I describe the design and implementation of a lab prototype of a BGP-based traffic engineering engine for ISPs. The lab simulates an IP/MPLS core with lots of peers and transits. I will mention the overall design and implementation in a Juniper-based network and demonstrate a working demo in the lab enforcing policy with a few examples.
The main components of the solution are unification/standardization of BGP policies based on large communities and configuration management based on Salt/NAPALM.
|
11:45 - 12:15
|
Coffee Break
|
12:15 - 12:45
|
Build from the ground up the infrastructure for the 1st digital bank in Greece
|
12:45 - 13:15
|
Better WiFi: From your home to our country
|
13:15 - 13:45
|
What really happens when you type el.wikipedia.org?
At the Wikimedia Foundation, we are running the world’s favourite encyclopædia and one of the top 10 websites of the Internet. In this talk we will take a tour around Wikipedia’s infrastructure.
We will explain how requests flow through our systems, and how we manage to serve ~17 bn pageviews monthly with a little over ~1200 servers. Moreover, we will go through our history, our transition to service-oriented architecture and microservices, and briefly discuss our ongoing journey in migrating to Kubernetes.
|
13:45 - 14:30
|
Lunch Break
|
14:30 - 14:55
|
Auto-configuring BGP monitoring and hijack detection tools in real time
In this presentation, I would like to describe the challenges of configuring BGP monitoring and hijack detection tools (such as ARTEMIS, BGPalerter, BGPmon-like tools etc.) and provide two possible approaches on how to automate the generation of the needed configuration files to e.g., detect BGP hijacks in real time, focusing on the ARTEMIS use case.
Why is keeping this conf file up-to-date useful? The configuration file contains aggregated AS-level BGP information, useful for BGP monitoring and incident detection tools in general.
Why is it hard? The network operator has to manually fill in and update the configuration file for every change in network topology and/or routing policy.
This is not practical for large networks, with complex policies (MOAS, rich peerings, etc.). Even if we "extract" this information from public sources (such as some tools do), it is not reliable, and still needs manual verification from operators every time something new is observed.
How could automation work? I will present one prototype approach based on Ansible (router-specific, polling-based approach), and one based on trusted local BGP feeds (passive, async approach).
|
14:55 - 15:25
|
Scaling to support thousands of BGP peerings in a SaaS environment
When analyzing peering traffic and identifying DDoS attacks, BGP provides valuable additional insight to supplement Flow information. In this talk we'll go over the different challenges, actions and learnings from the past four years to enable the support of thousands of peerings in a multi-tenant SaaS platform.
Kentik utilizes multiple auxiliary sources, such as SNMP, DNS, RADIUS or Streaming Telemetry, to enrich the ingested flow. The most prominent of these sources though, is BGP. With BGP data, Kentik is able to produce BGP-related analytics such as peering analytics and in addition, utilize the peering bidirectionally to enable DDoS mitigation capabilities such as RTBH and Flowspec.
In this presentation we'll start with a short introduction on how Kentik uses BGP, in order to define the technical requirements for the setup. We'll then overview the different generations of the setup through the years:
1. 1 active node (2 nodes in active-backup) - ucarp
2. 4 active nodes with mask-based hashing - RTBH functionality is introduced, exabgp is introduced
3. 10 active nodes with full-tuple hashing and support for balancing IPv6 (current setup - slowly getting deprecated) - Flowspec is introduced
4. 16+ nodes with IPVS+keepalived and easy pooling/depooling setup (now in testing)
With the requirement being that the external customer service needs to remain stable and not require any reconfiguration, for each phase we'll illustrate the challenges, examine the options available to Kentik engineers, explain the choice that was made and describe the outcome, leading Kentik to be able to support more than 4000 peerings across 16 nodes today.
|
15:25 - 15:55
|
Call to action for Routing Security
In this talk, I will dive deep into what problems we face with BGP, how vulnerable we are to hijacks and what to do against them.
Although I work for Juniper Networks, the presentation is vendor-agnostic and focusses on the state of routing security.
Currently, it is strongly focussed on RPKI but I can include more general filtering methods as well.
|
15:55 - 16:10
|
Flashtalk: Being a good netizen
|
16:10 - 16:40
|
Coffee Break
|
16:40 - 17:25
|
Encrypted Uncensored DNS
How I Learned to Stop Worrying and Love: DNS over HTTPS and DNS over TLS.
(presentation/demo)
|
17:25 - 17:45
|
DoH/DoT/Do* - Flashtalk & Open Mic
A flashtalk on DoH/DoT/Do*, followed by some intriguing questions towards the audience.
|
17:45 - 18:00
|
Closing GRNOG9
|