Tarus Balog - OpenNMS Inc

Scalable Enterprise Monitoring with OpenNMS

OpenNMS is the world's first enterprise and carrier-grade network monitoring platform built using the open-source development model. It was founded in 1999 with the first code publicly released in March of 2000. Since then it has grown to become the choice for monitoring when scale is an issue, and its open source nature means that it can be easily extended. While many commercial solutions require companies to change their processes to fit the application, OpenNMS can be modified to fit those processes. As it is how a company deals with its customers that make it unique, this can create a market advantage.

This presentation will serve as a quick overview of the OpenNMS platform. It will include a discussion of the four main functional areas:

  1. Events and Notification Management: OpenNMS can gather events from a number of sources, process and reduce them, as well as generating notifications. There are systems in production that can handle 10,000 events per second.
  2. Service Assurance: OpenNMS was started in an era when people were very concerned with service level agreements (SLAs). OpenNMS can perform synthetic transactions to make sure network services, from passing traffic to web-based applicatiosn, are operating properly and identify root causes when they are not.
  3. Performance Data Collection: As the Internet of Things becomes a reality, the amount of data available about the performance of the network will grow exponentially. OpenNMS supports the time series database Newts (https://newts.io) which is built on Apache Cassandra, and can scale to billions of metrics.
  4. Provisioning: One thing that a lot of applications leave out is a way to actually provision the monitoring system. When you are dealing with hundreds of thousands of devices you have to have a way to automate what it being monitoring and have the ability to audit it to insure nothing gets missed. OpenNMS has a strong provisioning system to address this issue.


Tarus Balog has been involved in managing communications networks professionally since 1988, and unprofessionally since 1978 when he got his first computer - a TRS-80 from Radio Shack. Having worked as a network management consultant for many years, he was constantly frustrated in the lack of flexibility involved in commercial solutions such as OpenView and Tivoli, as well as shocked by their high prices. Looking for a better solution, he turned to open source and joined the OpenNMS project in 2001 and become the principal administrator of the project in 2002. Since then he has managed not only to make a living working with free software, but the OpenNMS Group, the services company behind the project, has thrived. He is an outspoken evangelist for open source software and the communities it inspires.

Rich Bayliss - Arista Networks

Scaling Beyond 100G with 400G and 800G Ethernet

Bandwidth requirements continue to grow at an exponential pace driven by UHD Content, IOT, Serverless Compute, Machine Learning (ML) and Artificial Intelligence (AI). Both Service Providers and new Cloud operators are racing to adopt the latest technology to keep up with the bandwidth demand in a cost effective manner. With network bandwidth requirements doubling every two years, SPs and Cloud Titans will need 400GE/800GE to help them scale the cloud DC to remain competitive before 2019.

In this vendor neutral session, we will highlight new 400GE/800GE technology, particularly OSFP and QSFP-DD, and analyse network architecture evolution options. We will also discuss the new 25G and 50G standards and demonstrate how they are the current most economic way to address bandwidth scaling today with the added benefit of providing a future proof pathway to 400G Ethernet and beyond.


Rich is the Director for Systems Engineering at Arista Networks in Asia-Pacific, where he leads efforts to migrate complex networks to simplified, software-driven and agile cloud networks. With businesses keen to capture the inherent advantages of cloud, Rich places particular emphasis on the necessary changes to achieve agile operations and web-scale architectures.

Rich is internationally recognised for his contribution to the development of new networking standards and architectures. Prior to Arista, Rich held senior positions with Juniper Networks, including CTO for APAC SP and worldwide Chief Architect for Edge Routing, as well as operational and engineering roles at Australian and global service providers.

Steinthor Bjarnason - Arbor Networks

As on a Darkling Plain: Network Survival in an Age of Pervasive DDoS

In this presentation, we will discuss a significant new evolution of the standard DDoS attack model which presents unique challenges for network operators and end-customers alike. Attack methodologies, the novel incorporation of both general-purpose computers and ubiquitous IoT devices working in concert, the use of in-depth reconnaissance techniques previously associated with online espionage and fraud activities, and discussion of the changing nature of attackers will be covered, along with a discussion of the DDoS detection/classification/mitigation techniques, enhanced operational capabilities, and new service delivery models which will be required to successfully defend against these attacks.


Steinthor Bjarnason is a Senior Network Security Analyst on Arbor Networks ASERT team, performing applied research on new technologies and solutions to defend against DDoS attacks.

Steinthor has 17 years of experience working on Internet Security, Cloud Security, SDN Security, Core Network Security and DDoS attack mitigation. Steinthor is an inventor and principal of the Cisco Autonomic Networking Initiative, with a specific focus on Security Automation where he holds a number of related patents.

Jon Brewer - Telco2

The Future is Up In The Sky

A new space race is on, with private companies like SpaceX pushing launch frequency up and prices down. As a result, operators are planning bigger and more innovative networks than ever. The amount of satellites is slated to quintuple in the next five years, and broadband capacity is set to jump by several orders of magnitude. The future really is up in the sky.


Jonathan is a former network operator who now designs and builds innovative networks for broadband, public safety, utilities, and the Internet of Things. He's an approved radio certifier in New Zealand and licenses land mobile & microwave services. With the University of Oregon's Network Startup Resource Center he spends some of his time teaching network and wireless engineering in developing economies.

Phillip Britt - Aussie Broadband

The challenges of building to 121 NBN POIs

In October 2016, Aussie Broadband announced that it would be dumping Optus as its off-net supplier, and building its own network to all 121 NBN POIs across Australia through a deal with Telstra Wholesale as backhaul provider.

For anyone following along on Whirlpool, Aussie’s Managing Director, Phillip Britt, has dropped occasional comments and even a blog article of the experience of getting this new network up and running.

The project has not been without its challenges. Originally there were delays with Telstra Wholesale, and then the Aussie Broadband project team has had to wrangle/negotiate/pressure/work with both the NBNCo and Telstra Wholesale teams to iron out bugs along the way.

At the time of writing this, the project is around 80% complete and expected to be about 98% complete by the end of June. In the background, Aussie has also been building new points of presence (POPs) in Brisbane and Perth, along with significantly upgrading its Adelaide presence with a new site in Hawthorn and a dark fibre ring connecting to its existing site.

Every capital city POP now has a Cisco 9K platform installed which is specifically designed for terminating these types of service. They’re not cheap but can scale to ridiculous amounts of bandwidth and customers.

Each capacity city point of presence has local peering links and we have transit internet gateways in Melbourne, Sydney and Perth. Every peering and transit link is 10 Gbits as a minimum and each link between states can be up scaled quickly to add more capacity as our customer base grows

In this presentation, Phil talks warts and all about the experience of building the network including the project skills and steps required to connect to a POI, and the network management smarts that will be Aussie’s next focus.


Phillip Britt is a transformational business leader who is taking Aussie Broadband from a small regionally-focussed internet service provider towards an Australia-wide tier 2 business.

Phil has been Managing Director of Aussie Broadband since July 2008. He has worked in the ISP industry at management level since 1996 and has extensive experience in both the technical and management challenges of the telecommunications industry. He is a graduate of the JMW Leader of the Future program and is well-known for his technical expertise in forums such as Whirlpool.

Phil co-founded Aussie Broadband in 2003 in response to what he saw as a growing need to extend broadband access into regional and rural areas of Australia. Aussie has grown an excellent reputation with both customers and the tech-savvy for its extraordinary levels of stable internet service and sensible technical advice. This is based on Phil’s passion for putting the customer at the centre of the business.

In late 2016, Phil announced Aussie Broadband’s intention to take its service offering to a national level, with a deal that gives the company direct access into every NBN POI across Australia. He sees opportunity for the company to offer its unique internet service and products to all Australians.

Phil is acknowledged as an excellent communicator and charismatic leader who thrives on large challenges. He leads through straight-talking, his ability to engage with people at all levels, and his core belief in making communities better.

Phil is also heavily involved in the not-for-profit sector, particularly with Scouts Victoria where he has held state, regional and local leadership roles. He recently led Australia’s largest contingent of Venturer Scouts (teenage) overseas, and heads up the committee organising Australia’s largest Venturer Scout weekend event.

Daryl Collins - Akamai Technologies

The OTT Trend

Over the Top Video continues to be the primary driver of growth in Internet traffic volumes. As OTT becomes more ubiquitous, the expectations of end-users, content owners and broadcasters increases accordingly. We will look at these expectations, the traffic trends of OTT and how they are impacting ISP’s traffic profiles, the challenges Akamai faces and some of the approaches being taken to address them.


Daryl is a Senior Network Architect at Akamai Technologies. Daryl has worked in the Internet industry for over 20 years. Prior to Akamai, Daryl spent 15 years at Internode, leading the network teams and later focusing on Network Architecture at Internode and subsequently iiNet. Daryl’s key interests are in Internet interconnection and routing.

Xiaohong Deng - UNSW/CAIDA

Inferring Interconnection congestion using Mlab NDT and Paris Traceroute data

Xiaohong Deng

We revisit the use of crowdsourced throughput measurements to infer and localize congestion on end-to-end paths, with particular focus on points of interconnections between ISPs. We analyze three challenges of this approach. First, accurately identifying which link on the path is congested requires fine-grained network tomography techniques not supported by existing throughput measurement platforms. Coarse-grained network tomography can perform this link identification under certain topological conditions, but we show that these conditions do not hold generally on the global Internet. Second, existing measurement platforms do not provide sufficient visibility of paths to popular content sources, and only capture a small fraction of interconnections between ISPs. Third, crowdsourcing measurements inherently risks sample bias: using measurements from volunteers across the Internet leads to uneven distribution of samples across time of day, access link speeds, and home network conditions. Finally, it is not clear how large a drop in throughput to interpret as evidence of congestion. We investigate these challenges in detail, and offer guidelines for deployment of measurement infrastructure, strategies, and technologies that can address empirical gaps in our understanding of congestion on the Internet.


Xiaohong is a Ph.D candidate and causal academic stuff with UNSW and did visiting scholarship at UCSD/CAIDA, with research interests in Machine Learning and it's application to network measurement data.

Prior to UNSW, Xiaohong has been working in IT in different roles since 2007: Software Engineer, Project Lead, Technical Trainer, and CEO of an on-line education startup. The longest serve was to France telecom from 2008 to 2013 as a Network Architect and Project Lead. Previously based in China, France, Australia, and now in US.

She has co-authored several RFCs (Internet Standards) related to IPv6 transitioning. Filed 2 PCT Patents. And led a number of open-source projects in the very same field, which obtains usages from over 70 countries globally.

Zen practitioner. Into both science and philosophy.

Paul Gear - Network Time Foundation

The Past, Present, and Future of NTP Operations

NTP is one of the longest-running continuously-operating protocols on the Internet. Its use predates many protocols we consider fundamental today, such as BGP, HTTP, and IPv6. (It’s almost as old as DNS!)

Keeping a protocol infrastructure running for that long is not without its difficulties. In this presentation, we will review some of the operational challenges which NTP has faced over the years, including:

  • Poorly-written implementations
  • Reflective DDoS attacks
  • Leap second handling, leap smearing
  • Ill-conceived “legitimate” uses
  • Authentication & privacy

NTP is the subject of ongoing standardisation as a protocol, and ongoing implementation work, including the reference implementation by the Network Time Foundation. The presentation will also provide an overview of IETF drafts currently under discussion, including:

  • Best current practices
  • Yang data model
  • Extension headers
  • Data minimisation
  • Network Time Security

The talk will conclude with practical guidance on running NTP in operational networks (based on the current BCP draft) and a call for participation and support.


Starting as a sysadmin on large Unix systems in the early 1990s, Paul has worked in software development, network engineering, IT management, and consulting. He now works as a site reliability engineer for Canonical, the company behind Ubuntu Linux. He previously presented “The School For Sysadmins Who Can't Timesync Good and Wanna Learn To Do Other Stuff Good Too” at Linux.conf.au 2017 in Hobart.

Paul is a volunteer for the Network Time Foundation and will be presenting at AusNOG 2017 thanks to sponsorship by the foundation.

Harlan Stenn, Founder of the Network Time Foundation was instrumental in bringing about this presentation and is the co-author of its content.

Raphael Ho - Equinix

Internet Exchange Etiquette in the Digital Era

Presented by Raphael Ho, this presentation will offer Peering Point participants and operators the opportunity to get in-depth knowledge into the successful implementations of Internet Exchanges. The session will feature a deep dive into some of the ‘Do’s and Don'ts’ of Internet Exchanges, including tips on dealing with routing, prefix high-jacking, proxy ARP and junk traffic, and provide participants with suggestions and takeaways on how to prevent and mitigate common traffic and networking issues. It will also offer best practices around redundancy, route registries, and peering, drawing on real-world examples and current issues to illustrate the importance of these practices.


As Head of Cloud and Interconnection Engineering & Operations for Equinix in Asia Pacific, Raphael Ho is responsible for the development of the Equinix Cloud Exchange platform and Interconnection strategy across the region.

Mr. Ho has over 20 years’ experience in international management in the telecoms and enterprise business, with strong specialties in IP/MPLS and subsea networking, network operations and network management systems.

Aside from his work at Equinix, Mr. Ho is also a board member of the Asia Pacific Internet Association and is a committee member of the Telecommunications Regulatory Affairs Advisory that counsels the HKSAR Government on telecom regulation. He is also a regular speaker at Network Operator Groups and Peering Forums, offering insights on various topics including Digital Transformation, Data Network Peering and subsea cable systems.

Mr. Ho was previously the chair of the Internet eXchange (IX) Special Interest Group (SIG) at Asia-Pacific Network Information Centre (APNIC), where he facilitated a forum for sharing information about the status and activities of IX points in the Asia Pacific region to the peering community.

Prior to Equinix, Mr. Ho served as the Director for ANOC Technical Support at Asia Netcom, supporting their transmission, IP and voice platforms. He has also served in various engineering/operations management positions in global organizations including Pihana Pacific, Level 3 Communications and Global One in Singapore, US and UK.

Mr. Ho holds a Bachelor of Engineering in Computing from Imperial College, London.

Geoff Huston - APNIC

Some Thoughts on IoT

This presentation attempts to place the recent hype about the Internet of Things into a broader perspective about the evolution of computers and networking and explore the implications as to potential scenarios relating to the issues of quality and manageability in a world of essentially unmanaged devices. Are we ready for such an environment? What can we learn from recent events that illustrate some of the risks we might encounter in such an environment?


GEOFF HUSTON is the Chief Scientist at APNIC, the Regional Internet Registry serving the Asia Pacific region. He undertakes an extensive measurement program using ad-based measurement to measure the performance and characteristics of the Internet, and has extensive experience in both ISP operations and protocol standards.

Andrew Khoo

Jose Leitao & Daniel Rodriguez - Facebook

Build your own version of NetNorad using OpenSource tools

NetNorad is Facebook’s system for automation end to end fault detection using active probing [1]. It follows a simple principle of having pingers on the network with responders on hosts, storing the response, analyzing the data and then providing a source for alarms to operations.

Using OpenSource tools, including UdpPinger (a high performance UDP packet generation, reflection and collection library [2]), we will show how almost anyone can build a solution similar to Facebook’s NetNorad using Docker / InfluxDB and a few Python Scripts.

We will show during the presentation how to build this system on a mock network from start to finish, introducing packet loss and showing how the probe information can be sliced / visualized using InfluxDB


Jose Leitao and Daniel Rodriguez are production netengs in the Network Infrastructure Engineering team at Facebook. Their team responsibilities include maintaining, monitoring, and improving the global production network infrastructure.

Mark Nottingham

Protocol Evolution and its Impact on Network Operators

In the past few years, there has been an ongoing trend to increase use of encrypted protocols. At the same time, core internet protocols have changed as well; first HTTP/1.1 was updated to HTTP/2, and now TCP is being challenged by QUIC. This talk walks through the reasons for these changes and how they might impact network operators.


Mark Nottingham has helped develop the Web and its associated technologies for more than fifteen years.

Currently, he co-chairs the IETF HTTP and QUIC Working Groups, and is a member of the Internet Architecture Board. He has written, edited or substantially contributed to more than twenty IETF RFCs and W3C Recommendations about topics like HTTP, caching, linking, Web architecture and security.

Mark is married to Anitra with two sons, Charlie and Bennet. They live in Melbourne, Australia.

Eric Pinkerton - Hivint

Look Who's Talking 2

Data Retention Laws finally came in to effect in October 2015 to a chorus of dissent from carriers, privacy experts, civil libertarians, legal experts and of course GoT fans. So where did this legislation come from and where is it headed, and have these biannually retentive carriers done enough to keep these so called ‘Hacker Honeypots’ secure?

My talk will be an attempt to get to the bottom of some of these questions through good old fashioned detective work, unanswered FOI requests, backroom conversations, anecdotal evidence and poorly administered online surveys.


Eric has been breaking things just to fix them again since before he could walk, at 20, he spent his summer evenings as a nightclub bouncer, and read tarot cards during the day. He didn’t realise it back then, but nothing could have prepared him better for a career in Infosec, trying to predict the future, whilst ducking the punches.

Eric cut his teeth as a technologist for the BBC World Service in London, where he learned the importance of ‘educate, inform and entertain’ he also developed his passion for emerging technologies with a bent for security. Arriving in Australia in 2003 he landed an operational role at Australia’s first IP Telco, and has since served hard time at Telstra, Stratsec/BAE Systems, Datacom, CSC and Finally Hivint.

Eric has presented at Cebit, AusCERT ,AISA and CrikeyCon, retains a healthy level of cynicism, is partial to aluminium millinery and blogs about privacy, security and the myth of infallibility in humans.

Tim Raphael

Modern network monitoring for the rest of us

Current trends have the big Silicon Valley companies pumping out game-changing software platforms that break away from the traditional ways we monitor and manage our networks. These modern concepts and processes work well at very large scale but usually suffer from a steep learning curve and unnessisary overhead when used at the scale of tens (rather than hundreds or thousands) of devices. So, what is the best way forward for the rest of us?

Limitations on the performance of network device management planes have also harpered our ability to gain granular insight into our networks through near realtime metrics. While vendors are now pushing streaming telemetry from their flagship products, those in smaller networks will need to wait the required 5-7 year technology propogation cycle to gain the benefit on smaller product lines. For now, we're stuck with SNMP and other 20+ year old methods of performance data collection with underwhelming analysis tools sold as "all-in-one", easily deployable packages that seem to always fall short of the real requirements.

Every business has different goals, products, services and values and as such, a monitoring strategy should be aligned to what is valued most. The majority of off-the-shelf monitoring platforms do a common set of monitoring roles, however making these platforms fit the needs of your business is usually a much harder task. This talk aims to introduce some of the most modern network monitoring concepts (push vs pull, streaming telemenry, event processing, alert handling etc.) and discuss how these can be applied at a small to medium scale network to provide a much better monitoring solution to suit your needs.


Tim has been involved with the industry for over seven years and has worked for MSPs, ISPs and IaaS providers. He now works for The Internet Association of Australia (IAA) as a Peering Engineer operating the IX-Australia peering fabric. During his time at IAA, he has undertaken the project of overhauling the metrics and monitoring infrastructure to bring better insight to IAA's members about the value of peering.

Tim holds a BSc Comp. Sci. and an MEng in Software Engineering and maintains a passion for automation in networking and especially metrics and monitoring. He also volunteers as an infrastructure engineer for the largest BYOPC LAN Event in the southern hemisphere, Redflag Lanfest (RFLAN).

Aftab Siddiqui - ISOC

Two years of good MANRS - Improving Global Routing Security and Resilience

More than 2 years ago, Internet Society started the initiative of MANRS (Mutually Agreed Norms for Routing Security) to gather the wider operator community to improve the security and resilience of the global routing system. It resulted in a document called "Routing Resilience Manifesto" setting up some recommendations. Many big names signed up for this initiative like Comcast, Level3, NTT etc but it didn't receive much acceptance in Asia-Pacific. This presentation will give an overview of MANRS and why it is important for Australian Service Providers and will highlight the 2 important aspects i.e. Route Filtering and Souce Address Validation.


Aftab Siddiqui is associated with Internet Society as Technical Engagement Manager in the Asia Pacific region and also part of the Deploy 360 initiative. His role is to engage with network operators, enterprises, governments, developers, manufacturers of consumer electronics, and other diverse users to encourage deployment/implementation of IPv6, DNSSEC and Routing Security.

He is based in Sydney, Australia and an active member of the internet community in the region. You can reach out to him via email siddiqui@isoc.org or via Twitter @aftabsiddiqui

Rada Stanic - Cisco Systems

Model Driven Telemetry - Foundation for Big Data Analytics

With the increasing needs to gain full network visibility at scale, Model Driven Telemetry (MDT) is rising to this challenge. MDT is helping transform the landscape of network monitoring into a Big Data playground. Today's largest Web providers are already reaping the benefits of telemetry and the trend is equally gaining momentum with service providers globally.

This session will cover plethora of exciting open source and new technologies (YANG data models, Kafka, Prometheus, GPB etc.) that allow SP’s operations teams reap the benefits of streaming telemetry. Even if it is as simple as replacing legacy approaches like SNMP, it provides tangible benefits in terms of performance, scalability and visibility of the network. The session will also touch on how model driven approach is becoming the foundation for both network automation and visibility and how it transforms the operational environment of service provider networks.


Rada Stanic is the Principal Systems Engineer, Software Solutions, Global Service Provider. In this role, Rada is responsible for assisting Cisco’s Service Provider customers in developing their architectures and enabling new services that align with their business goals. Most recently, Rada’s key focus areas have been Software Defined Networking (SDN), Network Function Virtualisation (NFV), Programmability and Analytics. Prior to this role, Rada worked as an architect in the IoT space as well as all aspects of architecture, design and implementation of large carrier grade networks, spanning areas of technologies such as MPLS, Metro Ethernet, Broadband, Mobility, Data Centre and Cloud. Prior to joining Cisco, Rada was a Senior Software Engineer at Alcatel-Lucent. Rada holds a Bachelor Degree in Telecommunications and Electronics Engineering.

Elly Tawhai - APNIC

APNIC Update

This short presentation takes a closer look at the upgrade of APNIC whois to version 4. It covers what the implementation of an organization object will mean for the Australian network operations community, as well as details about the introduction of a historical whois, and how an API has been created to provide RDAP responses to historical queries.

Ken Wilson - Opengear

Choosing an orchestration tool: Ansible and Salt

In many organisations, moves are being made towards picking a standard for network orchestration. However, there are many choices.

My talk last year gave a high level introduction to the concept of network orchestration, and a general description of some of the tooling used. This talk will provide a deeper dive into two of the tools that are getting more attention in the networking world: Ansible and Salt.

Both projects started out as remote execution engines written in Python, and have evolved into fully featured automation and orchestration systems. Through their use of the NAPALM library, both have strong support for configurations and monitoring of networking devices, which will be the focus of this talk.

I will cover the design and concepts of Ansible and Salt; what you get for free, and what you pay for, and go through some common day-to-day provisioning and maintenance scenarios using each of the tools, with the aim of helping network administrators choose the right tool for their network.


Ken Wilson is the Product Owner for the Software and Hardware products at Opengear and is responsible for everything from bootloaders and kernels to fluffy management software. During his time at Opengear, he has supervised the design, development and rollout of new generations of hardware appliances for data centre and remote site device management, as well as managing the development of several custom products for OEMs.

Prior to Opengear, Ken worked for SnapGear building firmware for UTM Firewall/Routers and for CiSRA (Canon Information Research Australia), working on print rendering technology.

Ken has a degree in Software Engineering from UQ.