A Research ISP for Experiments, Insight, & Research John - - PowerPoint PPT Presentation

a research isp for experiments insight research
SMART_READER_LITE
LIVE PREVIEW

A Research ISP for Experiments, Insight, & Research John - - PowerPoint PPT Presentation

Feb 23, 2023 285 likes •354 views

A Research ISP for Experiments, Insight, & Research John Kristoff DePaul University (ops role) University of Illinois at Chicago (research role) jtk@depaul.edu jtk@depaul.edu WIE-KISMET 2019 1 Recent Challenge Setup an IPv4 /

slide-1
SLIDE 1

jtk@depaul.edu WIE-KISMET 2019 1

A “Research” ISP for Experiments, Insight, & Research

John Kristoff

DePaul University (ops role) University of Illinois at Chicago (research role) jtk@depaul.edu

slide-2
SLIDE 2

jtk@depaul.edu WIE-KISMET 2019 2

Recent Challenge

  • Setup an IPv4 / IPv6 dual-stack relay server
  • Institution had IPv6 peering only with Internet2
  • No IPv6 through backbone to our lab net
  • Couldn’t perform 2002::/32,48,64 announcements
  • Setup tunnelbroker.net on lab node
  • Ongoing lab VM cluster/node problems
  • Experiment coordination and administration
  • Significant lag time between request and action
  • ARGH: jtk uses ops role net/sys to do all this work
slide-3
SLIDE 3

jtk@depaul.edu WIE-KISMET 2019 3

Basic Idea

  • A commercial-looking ISP run by netops for R&E
  • Access to BGP, addressing, servers, locales
  • AUP aligned to research purposes
  • For TX experiments safe for the Internet
  • To RX whatever the net cares to deliver
  • Data, data, data
  • flows, BMP, pcap, syslog, traps
  • Teaching, training, testing opportunities
  • Use the existing net, not try to build a new one
slide-4
SLIDE 4

jtk@depaul.edu WIE-KISMET 2019 4

What We Might Do

  • Run an anycast environment
  • Obtain transit/peering with certain IX or net
  • Run Tor exit node, IRC server, UUCP, SMTP, etc.
  • TX/RX “magic bits” filtered by institution policy
  • Selectively announce BGP routes / attributes
  • Sinkholes, black holes, sensors, honey pots
  • Provide addressing, connectivity, and hosting
  • For downstream researchers and students
  • Provisioning tools and methods research
slide-5
SLIDE 5

jtk@depaul.edu WIE-KISMET 2019 5

This is Not

  • Internet++
  • High-speed drag racing
  • R&E institution/lab interconnect
slide-6
SLIDE 6

jtk@depaul.edu WIE-KISMET 2019 6

DataPlane.org

  • 100+ VMs / servers around the world
  • Sensors for providing threat intelligence
  • Customized listeners: ssh/dns/http/vnc/sip/…
  • Geographic and IPv4 /8 diversity
  • Low cost, some admin burden
  • Feeds widely used by threat sharing orgs
  • Acquire PI ASN(s)/addresses
  • Acquire distributed hosting space and connectivity
  • Community RTBH/flow-spec service