Workshops at MENOG 24

When registering for our workshops, please note the following: multiple workshops run in parallel, so you can only attend one workshop per day. Ensure you check the schedules before finalising your registration.

Venue:

Grand Millennium Muscat
Al Khuwair, Dauhat Al Adab St, Muscat 133, Oman

MENOG 24 Workshops Schedule

Sunday, 1 December

Monday, 2 December

Tuesday, 3 December


RIPE NCC IPv6 Fundamentals Training Course

  • Date: Sunday, 1 December 2024
  • Time: 09:00 – 18:00
  • Meeting Room: Diamond Room

Description:

The IPv6 Fundamentals Training Course is a one-day course that tackles what IPv6 is and why it’s needed in today’s networks. It also includes basic information on how to plan your deployment and addressing plans.

Target audience:

You should attend this training course if you are part of the staff of a Local Internet Registry (LIR) and if you:

  • Are thinking about deploying IPv6 in your organisation
  • Have been told you need to deploy IPv6
  • Need to convince your manager that IPv6 must be deployed
  • Looked at an IPv6 address and thought it was too complicated to deploy in your network

It is assumed you are familiar with common IP terminology and have practical knowledge of running an IP network.

Agenda:

Time Agenda Item
09:00 – 09:30 Welcome Coffee
09:30 – 11:00 0. Welcome/Introduction
1. IPv4?
2. IPv6 Address Basics
3. Exercise: Notation
4. Getting It
11:00 – 11:30 Coffee Break
11:30 – 13:00 5. Exercise: Making Assignments
6. IPv6 Protocol Basics
7. Exercise: Addressing Plan
13:00 – 14:00 Lunch
14:00 – 15:30 7. Exercise: Addressing Plan (cont.)
8. IPv6 Packets
9. Deploying
15:30 – 16:00 Coffee Break
16:00 – 17:30 10. Exercise: Configuring IPv6
11. Real-Life IPv6 Deployment
12. Tips
17:30 – 18:00 End of Training Course

What to Bring:

Please bring a laptop with Wi-Fi connectivity and a browser. Tablets and smartphones are not supported.

More Information: IPv6 Fundamentals Training Course

Instructors:
Dmitriy Melnik, Technical Trainer and Development Officer, RIPE NCC
Matt Parker, Senior Business Analyst, RIPE NCC


ISOC Routing Security Workshop

  • Date: Sunday, 1 December 2024
  • Time: 09:00 – 18:00
  • Meeting Room: Emerald Room

Description:

This interactive workshop is designed for network operators, engineers and administrators who are keen to enhance the security, resilience and efficiency of their routing and peering infrastructure. Participants will gain hands-on experience in implementing key routing security practices and learn best practices in multihoming, peering and route filtering.

Topics Covered:

  • Border Gateway Protocol (BGP) refresher
  • The role of BGP communities in peering: How to signal routing preferences and manage traffic flows across networks
  • Routing security challenges and implications
  • The Internet Routing Registry (IRR) and filters
  • Routing security best practices
  • Inbound and outbound traffic from peers
  • Anti-spoofing measures
  • Introduction to Resource Public Key Infrastructure (RPKI)
  • RPKI relying parties and Route Origin Validation (ROV)
  • Peering and interconnection strategies
  • Using BGP communities for traffic engineering and managing multiple upstreams effectively

Hands-On Lab: Implementing the learned concepts

  • Practical exercises on setting up multihomed networks and using BGP communities for traffic management
  • Apply route filters and set up secure peering setups
  • Configure RPKI (ROV), route filtering based on ROV

Target Audience:

This workshop, featuring both theoretical aspects and hands-on lab activities, is suitable for those with existing connections to an IXP or multiple ISPs (multihoming), or those planning to connect, or anyone seeking a deeper understanding of how internet connectivity works on a broader scale.

Pre-requisites:

Participants are expected to have mid-level proficiency with a router command line interface and have some understanding and experience with using BGP in an operational network. We will be using Industry Standard CLI (FRRouting Platform).

Agenda:

09:00 – 09:30: Registration and Welcome

  • Welcome and introduction to the workshop

09:30 – 10:30: BGP Refresher

  • Overview of Border Gateway Protocol (BGP)
  • BGP attributes and their role in routing decisions
  • Hands-on Lab:
    • Lab overview
    • Setting up a basic BGP session between two routers

10:30 – 11:30: BGP Communities in Peering

  • Understanding the role of BGP communities in peering
  • How to signal routing preferences using BGP communities
  • Managing traffic flows across networks using BGP communities
  • Hands-on Lab:
    • Using BGP communities to influence inbound and outbound traffic
    • Practical exercises in signalling routing preferences with BGP communities

11:30 – 12:00: Coffee Break 1

12:00 – 13:00: Routing Security Challenges and Implications

  • Overview of common routing security issues (BGP hijacking, route leaks)
  • RFC7454 – Best practices for securing BGP sessions and preventing security breaches
  • Hands-on Lab:
    • Setting up prefix lists and route filters to protect against route hijacking and leaks

13:00 – 14:00: Lunch Break

14:00 – 14:30: Internet Routing Registry (IRR) and Filters

  • The role of Internet Routing Registries (IRR) in routing security
  • Setting up and managing IRR-based filters
  • Importance of maintaining accurate route object records in IRR
  • Hands-on Lab:
    • Configuring route filtering based on IRR data
    • Using bgpq4 to generate prefix lists for secure peering

14:30 – 15:00: Anti-Spoofing Measures

  • Introduction to anti-spoofing measures and BCP 38
  • How to implement ingress filtering to prevent IP spoofing
  • Hands-on Lab:
    • Implementing BCP 38 and ingress filtering on network devices

15:00 – 15:30: Coffee Break 2

15:30 – 16:00: Introduction to RPKI and Route Origin Validation (ROV)

  • What is Resource Public Key Infrastructure (RPKI)?
  • Introduction to RPKI relying parties and the importance of ROV
  • Configuring and validating routes based on RPKI
  • Hands-on Lab:
    • Configuring RPKI validator (demo)
    • Applying route filtering based on ROV

16:00 – 17:30: Hands-on Lab: Implementing the Learned Concepts

  • Practical Exercises:
    • Setting up a multihomed network with multiple upstreams
    • Using BGP communities for traffic management
    • Applying route filters using IRR and setting up secure peering
    • Configuring RPKI, enabling ROV and applying route filtering based on ROV.

17:30 – 18:00: Q&A and Workshop Summary

  • Final Q&A session for participants to address any remaining questions

What to Bring:

A laptop with Wi-Fi connectivity and a browser. Tablets and smartphones are not supported. Participants are required to bring laptops with a modern web browser installed (Chrome/Firefox/Safari/Opera/Edge) and also an SSH/Telnet client such as Putty.

Instructors:
Aftab Siddiqui Senior Manager, Internet Technology, ISOC
Hanna Kreitem Senior Advisor, Internet Technology and Development, ISOC


RIPE Database Training Course

  • Date: Monday, 2 December 2024
  • Time: 09:00 – 18:00
  • Meeting Room: Diamond Room

Description:

The RIPE Database training course is a one-day course. We’ll make you a capable user of the RIPE Database. Mixing hands-on activities with theory, the course participants will get a comprehensive idea of what the RIPE Database is and what they can do with it.

Target Audience:

You should attend this training course if you are part of the staff of a Local Internet Registry (LIR) in the RIPE NCC service region and need to register networks in the RIPE Database.

For this course, you should have a basic understanding of:

  • What an LIR is
  • What a database is
  • How to use a web form
  • IP addresses and AS Numbers
  • BGP
  • DNS

Agenda:

Time Agenda Item
09:00 – 09:30 Welcome Coffee
09:30 – 11:00 0. Introduction
1. Preparation (Access Account/Story)
2. What is the RIPE Database?
3. How does it work?
11:00 – 11:30 Coffee Break
11:30 – 13:00 4. How to update it? (Part 1)
5. How to update it? (Part 2)
6. Delegating to others
7. The RIPE Routing Registry
13:00 – 14:00 Lunch
14:00 – 15:30 8. Reverse DNS
9. Exercise: Reverse DNS
10. More RIPE Database
11. Play Time!
15:30 – 16:00 Coffee Break
16:00 – 17:00 12. The RESTful API
13. Wrap-up / Questions
17: 00 End of Training Course

What to Bring:

Please bring a laptop with Wi-Fi connectivity and a browser. Tablets and smartphones are not supported.

More Information: RIPE Database Training Course

Instructors:
Dmitriy Melnik, Technical Trainer and Development Officer, RIPE NCC
Matt Parker, Senior Business Analyst, RIPE NCC


ICANN Mobile Network Operators Day Middle East 2024

  • Date: Monday, 2 December 2024
  • Time: 09:00 – 17:00
  • Meeting Room: Emerald and Ruby Room

Description:

The Domain Name System (DNS) is a critical service for the functioning of the Internet. Ensuring the security and stability of its infrastructure is crucial to maintaining the trust and effectiveness of Internet services globally.

Therefore, cooperation between the Internet Corporation for Assigned Names and Numbers (ICANN) and Internet Service Providers (ISPs) as well as mobile network operators is essential. This one-day Mobile Network Operator workshop aims to strengthen this technical cooperation, addressing current challenges and sharing best practices for DNS security.

The objectives of this one-day event include:

  1. Strengthening technical collaboration between ICANN and Middle East ISPs and mobile network operators.
  2. Raising awareness of DNS security and stability issues, with an emphasis on new threats and possible solutions.
  3. Identifying the role and contribution of ISPs and mobile network operators in securing the DNS.
  4. Sharing best practices and successful experiences in DNS security among participants.
  5. Maintaining continued technical cooperation between ICANN and technical stakeholders.

Target audience:

  • Chief Technical Officer (CTO), Chief Technical and Information Officers (CTIO), Chief Information Officers (CIO), IT Managers, IT auditors, IT engineers and system administrators (particularly those in charge of DNS systems and email systems) from ISPs and mobile network operators in the Middle East
  • Cybersecurity experts
  • Telecommunications regulatory authorities

Agenda:

Master of Ceremony:
Fahd Batayneh, Stakeholder Engagement Director – Middle East, ICANN

Time Agenda Item and Description Speakers
09.00 – 09.15 Opening Remarks Speakers:

  • Baher Esmat | Vice President, Global Stakeholder Engagement – Middle East and Managing Director, Middle East and Africa, ICANN
  • Omar Al Qatabi | Vice President, Telecom Regulatory Sector, TRA Oman
09.15 – 10.30 Presentation
Technical Engagement at ICANN, Internet Society and RIPE NCC

Presenters:

  • Hisham Ibrahim | Chief Community Officer, RIPE NCC
  • Amreesh Phokeer | Internet Measurement and Data Expert, Internet Society
  • Fahd Batayneh | Stakeholder Engagement Director – Middle East, ICANN
10.30 – 11.00 Coffee Break
11.00 – 12.30 Panel
Security, stability and resiliency of the Internet’s Unique Identifier systems: Contribution of ISPs and mobile network operators in the Middle East.

This panel will explore:

  • The challenges and threats to the security, stability and resiliency of the Internet’s Unique Identifier systems;
  • How the policy and regulatory frameworks that underpin the Internet ecosystem security and resilience in the region address them, and
  • How Internet service providers and mobile network operators are contributing to a more secure Internet: mechanisms to protect against and mitigate DNS threats, implementation of security protocols and best practices.
Moderator:
Faisal Alshukaili | Manager, Technical Standards and Numbering, TRA Oman

Panelists:

  • Jad El Cham | Senior Public Policy Technical Advisor, RIPE NCC
  • Carlos Ganan | Principal Security, Stability & Resiliency Specialist, ICANN
  • Fayez Abu Awad | Policy Director – Middle East and North Africa, GSMA
  • Hamed Al Barwani | Manager, IP/MPLS, Ooredoo Oman
  • Abdullah Al Barwani | General Manager, Corporate Security, OmanTel
  • Ali Al Hashmi | General Manager, Networks, OmanTel
12.30 – 14.00 Lunch
14.00 – 15.30 Panel
The role of Internet measurements in building a more stable and resilient Internet.

This session will start with two presentations (from ICANN and ISOC) on Internet measurements using different techniques and methodologies.

Then, presenters will join a panel to discuss the importance of Internet measurements in decision making, both in policy development and operations management, that help ensure the stability and resilience of the Internet.

Moderator:
Yazid Akanho | Technical Engagement Manager – Middle East and Africa, ICANN

Panelists:

  • Alain Durand | Distinguished Technologist, Office of the CTO, ICANN
  • Hanna Kreitem | Senior Advisor, Internet Technology and Development – MENA, Internet Society
  • Jad El Cham | Senior Public Policy Technical Advisor, RIPE NCC
15.30 – 16.00 Coffee Break
16.00 – 16.45 Presentation
KINDNS: DNS operations best practicesThis presentation will focus on KINDNS program and how it promotes DNS operational and security best practices for a more secure, stable and resilient Internet.

The session will also cover ICANN’s recent efforts in assisting MNOs in activating DNSSEC validation, one of the key practices of KINDNS.

Presenter:
Yazid Akanho | Technical Engagement Manager – Middle East and Africa, ICANN
16.45 – 17.00 Closing remarks Speaker:
Fahd Batayneh | Stakeholder Engagement Director – Middle East, ICANN

 


IRR For Peering Workshop OMAN-IX

  • Date: Tuesday, 3 December 2024
  • Time: 14:00 – 18:00
  • Meeting Room: Diamond Room

Description:

Connecting to an Internet Exchange Point is essential for running an efficient network and delivering excellent service to your customers. Internet Exchange Points provide facilities called route servers, enabling networks to peer with numerous other participants easily. However, this requires specific configuration within the Internet Routing Registry.

Gain a deeper understanding of these challenges and learn how to implement effective measures to ensure the stability and security of the Internet as a whole.

In this workshop, the workings of route servers for filtering behind the scenes will be explained, along with what it takes to peer with them effectively, including all necessary objects in the IRR databases and in RPKI. Participants should have an understanding of BGP and routing prior to joining the online workshop, which will be divided into two 90-minute sessions with a 30-minute break.

Target audience:

Anyone involved in running an ISP or managing routing for their organisation. The prerequisite is to be familiar with routing and have a basic understanding of Internet Exchange Points.

Agenda:

Time Agenda Item
14:00 – 15:30 What is a route server

Filtering on route servers

Route server configuration

Introduction to the RIPE/AfriNIC Database(s)

Inetnum, maintainer, route and as-set objects

15:30 – 16:00 Coffee Break
16:00 – 17:30 Aut-num objects and RPSL

An example configuration for an ISP

Verifying prefix propagation with the AMS-IX Looking Glass, RIPE Stat and RIPE Atlas

17:30 End

What to Bring:

A laptop with Wi-Fi connectivity and a browser. Tablets and smartphones are not supported.

Instructors:
Massimiliano Stucchi, CEO, Glevia GmbH