May 2020, Online

 

Training Workshop for Educators and Network Engineers on High Speed Network Protocols and Security

Monday May 4 – Wednesday May 6, 2020

 

Registration is now closed

Due to the limited number of virtual pods used for hands-on lab sessions, access to pods will be given according to the order of registration.

Organizers
  • University of South Carolina (UofSC)
  • The Engagement and Performance Operations Center (EPOC)
  • University of Texas at San Antonio (UTSA)
  • University of South Florida (USF)
Venue

 

 

Overview

This free hands-on workshop provides cyberinfrastructure (CI) engineers with an introduction to tools and techniques for the design, implementation, and monitoring of high-throughput networks and science demilitarized zones (Science DMZs). Each attendee will have full control of equipment pods emulating internetworks and tools (see figures below) to learn and test TCP-related issues, perfSONAR nodes distributed across networks, and Bro-based Intrusion Detection.

Outcomes

By the end of this workshop, attendees will:

 
Network Tools and Protocols:
  • Use tools and techniques for measuring performance
  • Test Linux systems on emulated Wide Area Networks (WANs)
  • Measure the performance of different TCP congestion control algorithms (Reno, HTCP, BBR) on high-throughput (10 Gbps) high-latency (varying parameters) networks
  • Measure the impact of parallel streams and maximum segment size (MSS) on throughput
Border Gateway Protocol (BGP):
  • Describe the operation of EBGP and IBGP sessions with different attributes
  • Analyze BGP authentication
  • Configure and verify Full Mesh IBGP
  • Use MP-BGP functionality with IPv4 and IPv6 addresses
  • Enable BGP reflectors
  • Understand BGP Hijacking and the mitigation techniques
perfSONAR:
  • Describe the operation of perfSONAR and use perfSONAR GUI to configure regular tests
  • Analyze perfSONAR results on a variety of scenarios with injected packet loss and latency
  • Use pScheduler’s CLI to schedule tests
  • Visualize measurement data using MaDDash
  • Understand and use the psConfig Web Administrator (PWA) to host groups and tests
Bro/Zeek:
  • Describe Bro operations
  • Manage and automate Bro instances
  • Instrument Bro for network forensics

 

Intended Audience

The audience of this workshop includes IT educators, IT professionals, CI Engineers, High-Performance computing specialists, research systems administrators, security professionals.

 

Award Information

This activity is supported by NSF award 1829698. Link to official webpage: NSF-1829698

 

Pre-requisites

Training activities will be conducted using NetLab. Attendees will be provided with a username and a password.

 

Virtual Machines for NTP and BGP Pods

The pods corresponding to the lab series “Network Tools and Protocols” and “Border Gateway Protocols” consist of one virtual machine (VM) each. The VM for each pod can be downloaded and run with a hypervisor such as VMware Workstation and Virtual Box. Please see directions and URL below.

Installation guide: VirtualBox guide
Network Tools and Protocols (NTP) and Border Gateway Protocol (BGP) virtual machines: Link

 

Agenda

 
DAY 1: Monday, May 4
Time Topic Presenter
10:00 - 11:00 Science DMZ [Slides] [Video] Jason Zurawski (ESnet) [Bio]
11:00 - 11:45 TCP BBR [Video] Neal Cardwell (Google) [Bio]
11:45 - 12:30 Break  
12:30 - 01:00 perfSONAR [Slides] [Video] Doug Southworth (Indiana University) [Bio], Scott Chevalier (Indiana University) [Bio]
01:00 - 02:00 Hands-on Session TCP and Science DMZs tools [Slides] [Video], perfSONAR [Slides] [Video] Elie Kfoury (UofSC) [Bio], Jose Gomez (UofSC) [Bio]
02:00 - 02:05 Closing Day 1 Jason Zurawski, Jorge Crichigno
 
DAY 2: Tuesday, May 5
Time Topic Presenter
01:00 - 01:45 BGP Architectures and Best Practices [Slides] [Video] Eli Dart (ESnet) [Bio], Hans Addleman (Indiana University) [Bio]
01:45 - 02:30 Hands-on Session BGP I: FRR router, AS_PATH, eBGP and iBGP, Local Preference and MED [Slides] [Video] Jorge Crichigno (UofSC), Ali Alsabeh (UofSC) [Bio]
02:30 - 02:45 Break  
02:45 - 03:45 Hands-on Session BGP II: BGP Route Reflection, Multi-protocol BGP, IP Spoofing and Mitigation Techniques, BGP Hijacking [Slides] [Video] Jorge Crichigno (UofSC), Ali Alsabeh (UofSC)
03:45 - 04:00 Closing Day 2 Jorge Crichigno, Jason Zurawski
 
DAY 3: Wednesday, May 6
Time Topic Presenter
01:00 - 01:45 Utilizing Cyber Armsraces for the Good Guys [Slides] [Video] Nur Zincir-Heywood (Dalhousie University) [Bio]
01:45 - 02:45 Hands-on Session Zeek/Bro [Slides] [Video] Elias Bou-Harb (UTSA) [Bio]
02:45 - 03:00 Break  
03:00 - 03:45 Panel: Security best practices in high-speed networks [Slides] [Video] Moderator: Elias Bou-Harb, Associate Director for Cyber-Center for Security and Analytics, University of Texas San Antonio.

Panelists:

    - Chris Griffin [Bio] (Chief Network Architect at Florida Lambda Rail)
    - Guy Walsh [Bio] (Executive Director National Security Collaboration Center, University of Texas       San Antonio)
    - Ken Miller [Bio] (Energy Science Network - ESnet)
    - Chadi Assi [Bio] (Full Professor and IEEE Fellow, Concordia University)

03:45 - 04:00 Closing Remarks Jason Zurawski, Jorge Crichigno

 

 

Virtual Laboratory (vLabs) Experiments

Lab Network Tools and Protocols Software-defined Networking (SDN) Bro/Zeek
Lab 1 Introduction to Mininet [PDF] Introduction to Mininet [PDF] Introduction to the Capabilities of Zeek [PDF]
Lab 2 Introduction to Iperf3 [PDF] Legacy Networks: BGP Example as a Distributed System and Autonomous Forwarding Decisions [PDF] An Overview of Zeek Logs [PDF]
Lab 3 Emulating WAN with NETEM I: Latency, Jitter [PDF] Early efforts of SDN: MPLS Example of a Control Plane that Establishes Semi-static Forwarding Paths [PDF] Parsing, Reading and Organizing Zeek Log Files [PDF]
Lab 4 Emulating WAN with NETEM II: Packet Loss, Duplication, Reordering, and Corruption [PDF] Introduction to SDN [PDF] Generating, Capturing and Analyzing Network Scanner Traffic [PDF]
Lab 5 Setting WAN Bandwidth with Token Bucket Filter (TBF) [PDF] Configuring VXLAN to Provide Network Traffic Isolation [PDF] Generating, Capturing and Analyzing DoS and DDoS-centric Network Traffic [PDF]
Lab 6 Understanding Traditional TCP Congestion Control (HTCP, Cubic, Reno) [PDF] Introduction to OpenFlow [PDF] Introduction to Zeek Scripting [PDF]
Lab 7 Understanding Rate-based TCP Congestion Control (BBR) [PDF] Interconnection between Legacy Networks and SDN Networks [PDF] Introduction to Zeek Signatures [PDF]
Lab 8 Bandwidth-delay Product and TCP Buffer Size [PDF]   Advanced Zeek Scripting for Anomaly and Malicious Event Detection [PDF]
Lab 9 Enhancing TCP Throughput with Parallel Streams [PDF]   Profiling and Performance Metrics of Zeek [PDF]
Lab 10 Measuring TCP Fairness [PDF]   Application of the Zeek IDS for Real-Time Network Protection [PDF]
Lab 11 Router's Buffer Size [PDF]   Preprocessing of Zeek Output Logs for Machine Learning [PDF]
Lab 12 TCP Rate Control with Pacing [PDF]   Developing Machine Learning Classifiers for Anomaly Inference and Classification [PDF]
Lab 13 Impact of MSS on Throughput [PDF]    
Lab 14 Router's Bufferbloat [PDF]    
Lab 15 Analyzing the Impact of Hardware Offloading on TCP Performance [PDF]    
Lab 16 Random Early Detection [PDF]    
Lab 17 Stochastic Fair Queueing [PDF]    
Lab 18 Controlled Delay (CoDel) Active Queue Management [PDF]    
Lab 19 Proportional Integral Controller-Enhanced (PIE) [PDF]    
Lab 20 Classifying TCP traffic using Hierarchical Token Bucket (HTB) [PDF]    
Lab Manuals NTP Lab Series [PDF] SDN Lab Series [PDF] Zeek/Bro Lab Series [PDF]