Time Topic Speaker Presentation
8:30 Registration and Breakfast
9:15 Welcome Benjamin Blangstrup, DKNOG Slides
9:30 Metro 100G Evolution Steve Jones, Cube Optics Slides
10:15 Coffee Break
10:30 DNS Amplification Attacks Ralf Weber, Nominum & Claus Fonnesbek, EnergiMidt Slides
11:15 DDoS protection using Netfilter/iptables Jesper Dangaard Brouer, RedHat Slides
12:00 Lunch
13:00 Update from the RIPE NCC Pedro da Silva Vaz, RIPE NCC Slides
13:15 Introduction to mobile networks Jan Chrillesen, TDC Slides
14:00 Coffee Break
14:15 The Roskilde Festival Network Jonas Hauge, Danmarks Nationalbank/Roskilde Festival IT Slides
15:00 Coffee Break
15:15 Lightning Talks
  • Ferenc Csorba, RIPE NCC - IPv6 addressing plan and subnetting
  • Martin Skafte, TDC - Fearing the evil chip
  • Thomas Steen Rasmussen -


| | 16:00 | Coffee Break | | 16:15 | Lightning Talks |

  • Rasmus Sindum, Conscia - The future of wireless solutions
  • Anders Mundt Due, DIX
  • Kurt Erik Lindqvist, Netnod - COMIX


| | 17:00 | Closing notes |  Allan Eising, DKNOG | |


DNS Amplification Attacks

By Ralf Weber, Nominum and Claus Fonnesbek, EnergiMidt


They aren’t making headlines but DNS amplification attacks continue around the world, attackers with modest skill and resources are substantially stressing network infrastructure. In the past attacks on authoritative DNS servers received attention. Now, attacks using DNS resolvers are evolving and Best Practices - preventing address spoofing, and restricting IP ranges that can access resolvers - are no longer effective. The current generation of attacks leverages home gateways that forward DNS queries coming in on their WAN interface, masking the origin of queries when they arrive at a resolver. It’s unlikely vulnerable home gateways can be updated anytime soon, so this presentation will describe how log data from DNS resolvers can be used to identify attacks and detail proposals for mitigating them without impacting legitimate DNS traffic.


Ralf Weber joined Nominum as Senior Infrastructure Architect in January 2010 and is responsible for helping customers to architect and deploy Nominum technology. Prior to joining Nominum he worked at Colt Telecom where he was responsible for their european wide DNS network. He also was on the Technical Advisory Board of DENIC, the worlds largest ccTLD, where he helped bringing DNSSEC to the .de domain. In addition to that he is participating in the IETF and RIPE DNS related working groups, and is an elected Trusted Community Representatives (Backup Recovery Key Share Holder) for the root key management. He lives near Frankfurt with his wife and three kids, which occupy most of his not DNS related free time.

DDoS protection using Netfilter/iptables

By Jesper Dangaard Brouer, RedHat


In this talk Jesper will present the recent development, for mitigating DDoS attacks using Netfilter/iptables, the Linux kernels firewall facility. The talk will cover the recent SYNPROXY modul and other less know techniques, and the needed kernel parameter tuning.


Jesper Dangaard Brouer has participated in several invitation only developer conferences, including NetConf and most of the Netfilter Developer Workshops. He is part of the team that maintains He is a frequent speaker at technical conferences.

Introduction to mobile networks

By Jan Chrillesen, TDC


Over the last decade mobile networks have evolved from stand-alone networks, using legacy transmission technologies, to modern IP access networks, using all-IP transmission. This means that many network engineers today need to understand mobile networks, and vendors will often present mobile network related features, when presenting new products and solutions. However, getting into the world of mobile networks can be overwhelming, with lots of new acronyms and new types of equipment. In this presentation Jan will cover the architecture of a modern mobile network and the most common network elements and acronyms.


Jan is a network engineer at TDC and has worked with mobile networks since 2006. His work includes migration of mobile datacenter to a common IP/MPLS network, replacement of frame relay, SDH and ATM transmission with IP, the introduction of LTE as well as two vendor swaps. Before working with mobile networks he was a unix system administrator and built datacenter networks.

The Roskilde Festival Network

By Jonas Hauge, Danmarks Nationalbank and Roskilde Festival IT


What has to be considered when you build a temporary medium sized Enterprise/Pseudo-ISP network on a 4 square kilometre green field with very limited permanent infrastructure? Well; Too many to mention here but one crucial element to keep it simple - otherwise you are bound to fail.

This talk will go through the history of the network installation implemented and operated each year on the Roskilde Festival ground focusing on the technical parts and lessons learned what not to do.


Jonas works a network engineer at Danmarks Nationalbank (The danish central bank) where he design and implement the datacenter and security related solutions. Before this he was employed at TDC Hosting for 10 years handling both servers and network with focus on network and security for the last 7 years. Beside these jobs he has been a volunteer at Roskilde Festival since 2006 handling all kind of IT-related tasks.

Metro 100G Evolution

By Steve Jones, Cube Optics


Metro data traffic volumes are expected to increase 3 times in the next 5 years, meaning today’s 10 Gb/s optical networks are quickly becoming saturated. To date much of the discussions around 100G have been focused on long haul, with little attention on the metro space. It is essential that any upgrade uses the current infrastructure, with minimal disruption to existing services and is flexible to further accommodate newer equipment as required.

This presentation will present options for Metro 100G evolution, both with 100G CFP 100GBASE-LR4 and 100G CFP DWDM, whilst maintaining any 10G services you may have in place.


Steve has over 30 years experience in the Telecom / Internet field across a diverse set of business disciplines. Having worked for many vendors over the years, from TDM, Voice, Wireless and Wireline, SBC’s and Softswitches, IP-PBX’s, network security and now Optics, Steve has developed a very broad overview of many aspects of networking and understands that there are no such things as ‘virgin’ networks.

Steve’s talk will look at the challenges ahead when moving from 10G to 100G and beyond and will present an alternative way to cost effectively use n*100G in Metro networks.