[cfp] [Fwd: [Tccc] 1st Int. Summer School on Network and Service Management]

-------- Original-Nachricht -------- Betreff: [Tccc] 1st Int. Summer School on Network and Service Management Datum: Wed, 13 Jun 2007 09:56:49 +0200 Von: Juergen Schoenwaelder j.schoenwaelder@jacobs-university.de Antwort an: j.schoenwaelder@jacobs-university.de An: tccc@lists.cs.columbia.edu

1st International Summer School on Network and Service Management

July 9-13, 2007

organized by EMANICS and hosted by the

Jacobs University Bremen, Germany

http://emanics.org/content/view/80/135

Scope: ------

The 1st international summer school on network and service management provides advanced classes on selected advanced topics in network management. The courses will be accompanied with practical hands-on labs in order to combine the theoretical background with some practical experience. The instructors are well known members of the academic and industrial community.

Overview: ---------

Courses and associated practical labs will be organized by instructors who are well known experts. The courses introduce technologies, which are later further studied by the students in a series of exercises of lab experiments.

* Topic #1: Border Gateway Protocol (BGP)

- Border Gateway Protocol BGP (Iljitsch van Beijnum) - BGP Analysis and Simulation (Bruno Quoitin)

* Topic #2: Packet Capturing and Time Series Storage (CAPTIME)

- Round Robin Databases (RRDs) (Tobi Oetiker) - Monitoring Traffic with ntop (Luca Deri)

* Topic #3: Flow Export and Visualization (FLOWVIZ)

- NetFlow and IPFIX (Maurizio Molina) - NetFlow Sensor (NfSen) (Peter Haag)

The labs will assume working experience with Unix/Linux systems and there might be further lab specific prerequisites. Participants are expected to bring personal notebooks (preferably with a CD-ROM) and they are expected to know how to install software and how to administrate their system. More details will be provided by each lab instructor.

Location: ---------

Jacobs University Bremen is a highly selective, private institution for the advancement of education and research. It is located on a green campus in the city of Bremen, Germany. The campus has ideal meeting facilities and can host a large number of people during the summer on campus.

The city or Bremen is well connected. The local airport provides connectivity to the major airports in Europe and the airports in Hannover and Hamburg are about an hour by train from the city center.

Schedule: ---------

The overall schedule for the week is show below. The summer school will start on Monday after lunch time and close on Friday at lunch time.

[Lunch] Monday: 14:00 - 15:00 Welcome and Overview (Lecture Hall R2) 15:30 - 17:00 Lab Setup and Introduction (Computer Hall R1) 17:30 - ..... Trip to Bremen Downtown

Tuesday: 09:00 - 10:30 Course Slot #1 (BGP) (Lecture Hall R2) 11:00 - 12:30 Course Slot #2 (BGP) (Lecture Hall R2) 12:30 - 14:00 Lunch 14:00 - 18:00 Lab Exercises (BGP) (Computer Hall R1)

Wednesday: 09:00 - 10:30 Course Slot #3 (CAPTIME) (Lecture Hall R2) 11:00 - 12:30 Course Slot #4 (CAPTIME) (Lecture Hall R2) 12:30 - 14:00 Lunch 14:00 - 18:00 Lab Exercises (CAPTIME) (Computer Hall R1)

Thursday: 09:00 - 10:30 Course Slot #5 (FLOWVIZ) (Lecture Hall R2) 11:00 - 12:30 Course Slot #6 (FLOWVIZ) (Lecture Hall R2) 12:30 - 14:00 Lunch 14:00 - 20:00 Excursion to Relax and Interact

Friday: 09:00 - 13:00 Lab Exercises (FLOWVIZ) (Computer Hall R1) [Lunch]

Accommodation: --------------

Jacobs University Bremen is a campus university and has all facilities available on campus to host students and instructors, including a student bar or the university club for the evenings. We have allocated rooms in our new and comfortable student colleges to host summer school participants and instructors. The first option is a single room in a double apartment with shared ensuite bathroom and the slightly more expensive option is a single room with ensuite bathroom. All rooms include full board.

Registration: -------------

The number of students that can participate is limited to 40. It is therefore important to register early. Preference will be given to PhD students.

Registration fees, including room and board, shared bathroom:

Early bird rate (until May 15st): 320.- Euro Normal rate (after May 15st): 350.- Euro

Registration fees, including room and board, ensuite bathroom:

Early bird rate (until May 15st): 350.- Euro Normal rate (after May 15st): 380.- Euro

Registration fee, excluding room and board:

Early bird rate (until May 15st): 170.- Euro Normal rate (after May 15st): 200.- Euro

To register, you have to fill out a online registration form:

http://www.eecs.iu-bremen.de/emanics/index.php

Once accepted, you will receive a bill which you have to pay via bank transfer.

Instructors: ------------

* Iljitsch van Beijnum (www.bgpexpert.com, Netherlands)

Iljitsch van Beijnum is a networking consultant and writer who focuses on BGP and IPv6. After working for several Dutch ISPs and starting one with a group of others in the 1990s, he became a freelance consultant and wrote a book about BGP (O'Reilly, 2002) and one about IPv6 (Apress, 2005) and started contributing to the IETF multi6 and shim6 working groups.

* Bruno Quoitin (Universite Catholique de Louvain (UCL), Belgium)

Bruno Quoitin is a research fellow within the Computer Science and Engineering Department at Universite Catholique de Louvain (UCL) in Belgium. His main research interests are interdomain routing and large scale network modeling. He is the main author of C-BGP, an open-source BGP routing solver (http://cbgp.info.ucl.ac.be).

* Tobias Oetiker (Oetiker + Partner, Switzerland)

Tobias Oetiker is an electrical engineer by education and a system administrator by vocation. For the last ten years he has been working for the ETH Zurich, making sure students and staff get ahead with their computers. Last year he started to work for his own company OETIKER+PARTNER, spending amongst other things much more payed time on his pet open source projects MRTG, RRDtool, and SmokePing. In November 2006, Tobias received the prestigious SAGE Outstanding Achievement Award for his work on MRTG and RRDtool. Find out more about Tobi Oetiker on http://tobi.oetiker.ch/

* Luca Deri (ntop.org, Italy)

Luca Deri is the leader of the ntop project (http://www.ntop.org/) aimed at developing an open source monitoring platform for high speed traffic analysis. He currently shares his time between NETikos S.p.A. and the University of Pisa where he has been appointed as lecturer at the CS department. His home page is http://luca.ntop.org/.

* Maurizio Molina (Dante, United Kingdom)

Maurizio Molina graduated in Electronic Engineering (Italian Laurea) from the Polytechnic of Turin in 1993. Since then, he has worked in the telecommunications industry, mainly in research centres, including Telecom Italia Labs (Turin, Italy) and the NEC Network Laboratories (Heidelberg, Germany). He published several papers about IP and ATM traffic modeling and network measurements. He contributed to the ITU-T ATM standardization process, and to working groups in the IETF (on IPFIX and PSAMP). He joined DANTE's Systems group in November 2004, working on performance monitoring, security and authentication and authorization infrastructures.

* Peter Haag (Switch, Switzerland)

Peter Haag is a member of SWITCH-CERT, the Swiss Education & Research Network CERT. He received a master's degree (1991) in electrical engineering from the Swiss Federal Institute of Technology in Zurich and worked as a digital hardware design engineer for four years. In 1995, he changed into the design, development and operation of Internet Server Systems. In 2002, Peter Haag joined SWITCH as an network security engineer. Within SWITCH-CERT he is in charge of incident handling, computer forensics, malware analysis and security tool design. He is the author of the open source netflow tools nfdump and NfSen. At the moment he is actively involved in several projects doing netflow and traffic analysis.

Topics: -------

Below is a brief description of the topics covered in the summer school.

Topic #1: Border Gateway Protocol (BGP)

* Border Gateway Protocol BGP (Iljitsch van Beijnum)

This session will provide an introduction into BGP and how it is used in the current internet for global policy routing. Some hands one experiments will give students a practical understanding how BGP is being used by Internet Service Providers.

* BGP Analysis and Simulation (Bruno Quoitin)

The purpose of the BGP Analysis and Simulation session is to get some hands on real world BGP data and analysis/simulation tools. In a first step, we will briefly review the prominent BGP-related data formats and analysis/simulaton tools. We will show what kind of analysis they allow to perform, what research results have been published and what are the limitations. In a second step, we will perform some basic analysis of data collected in the Abilene backbone as well as by the RouteViews and RIPE RCC projects. Basic notions of one scripting language such as Perl or Python are assumed for this part. Finally, we will learn step-by-step how to build a model of a BGP network. For this purpose, we will rely on the C-BGP simulator. We will build a model of a simple transit network (the Abilene backbone network) as well as a model of a large-scale Internet-like network. Based on these models, we will experiment advanced traffic engineering configurations.

Topic #2: Packet Capturing and Time Series Storage (CAPTIME)

* Storing time series data with RRDtool (Tobi Oetiker)

The first step is to find ways to acquire interesting data. Once the data is here, the challenge is to find a sensible way to store, analyze and present it. RRDtool helps you with these tasks. The class will give you an overview of RRDtool's capabilities and some insights into the finer points of this tool. The lab exercises will focus on applying RRDtool to store and graph data you acquired yourself, allowing you to quickly write your own monitoring application.

* Monitoring Traffic with ntop (Luca Deri)

This class will introduce students to network traffic monitoring and cover the design and implementation of ntop, a popular open-source application developed by the instructor. ntop is able to collect traffic from various sources including packet traces, live network feeds, NetFlow and sFlow sources. Traffic metrics and statistics are saved on disk in RRD format for historical and trend analysis. The lab exercise will show students how to use ntop for effective traffic monitoring.

Topic #3: Flow Export and Visualization (FLOWVIZ)

Netflow data is information collected and exported by routers about IP flows transiting through them. The most classical definition of a flow (although not the only one) is "packets with the same 5-tuple: src IP, dst IP, src port, dst port, protocol". Information about the volume and duration of flows can be used for several different applications, ranging from billing, to traffic engineering and planning, to performance troubleshooting, and security. All these applications can rely on a common Netflow exporting and collection platform, while the Netflow processing tools may differ.

In this FLOWVIZ module we first give the high level picture of what Netflow data is, and what are the fundamental functional blocks involved in its generation, collection and analysis. We then enter in some details about the main challenges associated when these modules have to be mapped with real equipments, particularly in high-speed networks.

After that, we look in more detail at the current and forthcoming standards for representing per flow information: we will explore the main evolution of Cisco Netflow through its most used versions (v5, v8 and v9) and how the IETF IPFIX (IP Flow Information eXport) Working Group undertook the challenge of evolving a proprietary (though widely deployed) industry standard (Netflow) into an official IETF standard.

We then move to presenting how Netflow data is collected, bringing the concrete examples of SWITCH (the Swiss National Research and Educational Network) and GEANT2 (the European backbone network for education and research).

The collected Netflow data needs then to be analysed by appropriate tools. Since there are tenths of such tools, both commercial and open source, sometimes very application specific, we can just give a quick overview and adequate references. We get on the contrary in the details of nfdump-NfSen, the flow collection, visualization and analysis tool developed by Peter Haag at SWITCH.

Nfdump and NfSen were developed with the daily security tasks of a CERT (Computer Emergency Response Team) in mind. We will explain nfdump, the command line tool, and how to look at the traffic. NfSen, on top of nfdump, is the web based graphical interface, as well as the toolbox for further flow processing. We will give an overview on how to use the web interface, including how plugins work and how to write them.

The Lab part of the FLOWIZ module consists of two different sections - the nfdump hands-on part and the NfSen hands-on part. Each students will have it's own environment based on UBUNTU Linux (VMware Image) with all tools and netflow data preinstalled. All netflow data is taken from a real live network and is anonymised.

The students get used to work with nfdump, the command line tool, to search for top talkers, bandwidth consumers and further more. NfSen will run in simulation mode, so all NfSen exercises can be repeated many times. Students will have the opportunity to investigate unusual network behaviour, digging into the details with nfdump and NfSen.

Organizers: -----------

* Juergen Schoenwaelder, Jacobs University Bremen, Germany * Bendick Mahleko, Jacobs University Bremen, Germany * Radu State, LORIA - INRIA Loraine, Nancy, France

Sponsors: ---------

* EMANICS http://www.emanics.org/

/js