Welcome and Information

• Keith Mitchell (UKNOF)

Network Attachment Privacy (Main Session)

• Piers O'Hanlon (University of Oxford)

In the process of network attachment to IEEE 802 networks a mobile device can potentially reveal a lot about where its user has been and when. The current use of an immutable link-layer address also facilitates persistent tracking. These privacy issues are firstly down to the design of the link layer addressing and protocols, and secondly due to protocols used in IP address acquisition or reacquisition (e.g. DHCP, DNA). The current situation is now starting to change, with some devices beginning to use ephemeral link-layer addressing and also improving their implementation of address acquisition protocols. Furthermore a number of standards bodies are starting to take privacy more seriously and have begun various efforts to address it.

IPv6 Community Best Practices: Unique IPv6 Prefix Per Host (Main Session)

• Gunter Van de Velde (Alcatel-Lucent)

In some IPv6 environments the need has arisen for hosts to be able to utilise a unique IPv6 prefix even though the link or media may be shared. Typically hosts subscribers) on a shared network, like Wi-Fi or Ethernet, will acquire unique IPv6 addresses from a common IPv6 prefix that is allocated or assigned for use on a specific link. Benefits of a unique IPv6 prefix compared to a unique IPv6 address from the service provider are going from enhanced subscriber management to improved isolation between subscribers. In most deployments today IPv6 address assignment from a single IPv6 prefix on a shared network is done by either using IPv6 stateless address auto-configuration (SLAAC) and/or stateful DHCPv6. While this is still viable and operates as designed there are some large scale environments where this concept introduces significant performance challenges and implications, specifically related to IPv6 router and neighbor discovery. This presentation will provide an overview of how IPv6 community Wi-Fi best common practices documented in draft-ietf-v6ops-unique-ipv6-prefix-per-host.

Corero Sponsor Presentation - SDN/NFV DDoS Requirements

• Bipin Mistry (Corero Network Security)

"The Mobile Use Case – 5G" SP carrier architectures are changing and evolving this will drive the need for a more holistic security posture. Security cannot be an after thought and I will use 5G a an example.

DHCPKit: a customisable DHCPv6 server (Lightning Talks)

• Sander Steffann (S.J.M. Steffann)

When deploying IPv6 on a Dutch FttH network I found no open source DHCPv6 server suitable for that scenario. All of them are designed for a dynamic network, while the ISP wants to assign fixed IPv6 prefixes to customers and not assign anything else. Such a configuration was a hack as best and made the DHCPv6 server shut itself down at worst. So I wrote my own fully customisable DHCPv6 server in Python3 and made it open source. This is the result.

UK IPv6 Council Status Update (Lightning Talks)

• Veronika McKillop (Cisco)

The global trend of exponential growth of IPv6 traffic continues and since summer 2015, the UK internet user IPv6 traffic started to grow too. Let's look at this a little bit closer and also at what we can expect in the near future. This session will cover the latest development in IPv6 deployments on global and the UK level, as well as it will update the attendees on the UK IPv6 Council and their activities.

Sky Broadband IPv6 Update (Lightning Talks)

• Ian Dickinson (Sky UK Ltd)

A brief update on the IPv6 rollout at Sky Broadband

IPv4 Market Group Sponsor Presentation - IPv4 Price Trends (Sponsor Presentations)

• Sandra Brown (IPv4 Market Group)

PGP signing session

• Luke Sheldrick (an0key)

Cambridge Cloud Cybercrime Centre

• Richard Clayton

The Cambridge Cloud Cybercrime Centre is a brand new multi-disciplinary initiative combining expertise from the University of Cambridge's Computer Laboratory, Institute of Criminology and Faculty of Law. Our approach is data driven. We have already negotiated access to some very substantial datasets relating to cybercrime and we aim to leverage our neutral academic status to obtain more data and build one of the largest and most diverse data sets that any organisation holds.

Turris Omnia (Main Session)

• Ondrej Filip (CZ.NIC)

Hello! I would like to present news from Turris Project. In the first part of the presentation I plan to mention news mainly from security area and also about our new IoT research project. Turris is acting as large honeypot and it's able to track botnets.E.g. we found a large number of ASUS devices that has a single C&C and tries to increase number of bots. The IoT research is called Turris Gadgets. And we took a similar approach as in the whole Turris project. We picked 100 most active users and gave them sensors and power relays for free and asked to created something new and innovative. And in the second half of the presentation I would like to introduce a new publicly available open source router Turris Omnia. It has many enhancements e.g. it smaller than previous Turris project. It has SFP cage. And of course it's a normal router, able to forward 1Gbps of traffic and supporting routing protocols (BGP/OSPF) and IPv6.

ThousandEyes Sponsor Presentation: Learning from Major Outages in 2015 (Sponsor Presentations)

• Primoz Secnik (ThousandEyes)

Over the course of 2015, we've collected data on numerous network outages in the UK and beyond. We'll share data on several notable events including: a major DNS provider outage, a data center connectivity failure at a large gaming company, a route leak affecting a hosting provider, and availability issues that impacted a social network. This talk will provide you with new ideas on how to capture and interpret performance data, particularly as it relates to issues of DNS, routing and internetworking.

How can we work together to improve security and resilience of the global routing system? (Lightning Talks)

• Andrei Robachevsky (Internet Society)

Why and what kind of collective effort is needed to improve the security and resilience of the global Internet routing system? One of the approaches is the Routing Resilience Manifesto initiative, which features the Mutually Agreed Norms for Routing Security (MANRS) document (https: //www.manrs.org). This initiative launched last year by several leading network operators, combined public commitment, action as well as a minimum baseline for routing security.

Routing Announcement Certification & Validation with RPKI (Lightning Talks)

• Massimiliano Stucchi (RIPE NCC)

RPKI is a protocol to help make the routing on the internet more robust and secure. In this lightning talk I will introduce how to configure your routers to support it, and how to certify your routing announcements.

Phishing, Malware & Fraud Attacks & Countermeasures within the .NL TLD (Main Session)

• Jon Isbell (Netcraft)

Netcraft is positioned at the epicentre of the battle against phishing, malware, & online fraud, and, through its anti-phishing community, has detected and blocked over 18.5 million unique phishing sites to date. Since late 2014, SIDN, the registry in charge of the .NL TLD, has been using Netcraft's services to protect .NL against phishing & malware This talk will provide a case study on the types of attacks seen and the impact countermeasures has had on abuse within the TLD.

Simple, Secure, Scalable virtual networking for the virtualised data centre (Main Session)

• Edward Harrison (Metaswitch Networks / Project Calico)

The modern data centre is now awash with virtualised and containerised workloads serving largely IP based applications. A typical data centre might have 1000s of hosts, running 10s of thousands of VMs, 100s of thousands containers or much more. Networking between these workloads is critical, yet many existing virtual networking technologies aren't built with this level of scale in mind. This presentation introduces Project Calico, an Open Source networking project which is built using the same technologies as the Internet in order to provide the scale, security and simplicity required in the modern data centre.