2017 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID


We hope you’ll consider taking part in one of these great tutorials. All Tutorials occur on Sunday, October 15. Three tutorials starts at 8:00am, one tutorial starts at 9:00am, and six more tutorials start at 1:00pm. To participate, you will need to REGISTER for the appropriate tutorial(s) as part of your EVENT REGISTRATION (open in JUNE). Space is limited for each of these tutorials so plan to register early!

TUTORIAL with an 8am start:

TUTORIAL with an 9am start:

TUTORIALS with a 1pm start:

SIP and VoIP In-Depth Tutorial - $25 (8AM-12PM)

This tutorial provides an understanding of SIP (the primary VoIP protocol) architecture; signaling call flows; functional elements such as proxies, session border controllers, and gateways; SIP trunking; and 911 requirements. Following the discussion, participants will have an opportunity to see the configurations of actual network elements and configure a phone using the Internet2 NET+ SIP Service system.

Presenter: Walt Magnussen, (Texas A&M)

Grouper in Action: Access Management Strategies for Higher Education and Research Tutorial - $25 (8AM-12PM)

Grouper is an enterprise access management system built by and for higher education, and is a key component of Internet2’s Trust and Identity in Education and Research (TIER) initiative. Designed for highly distributed and heterogeneous information technology environments, Grouper is uniquely suited to address the complexity and flexibility required by the modern institution. 

This tutorial will explore the latest Grouper release, demonstrate a variety of real world use cases, and review the recently released TIER Grouper Deployment Guide. The deployment guide aims to distill diverse community examples into specific TIER guidance and recommendation for achieving a variety of identity and access management capabilities.

Come learn and see what Grouper can do for your campus and join the growing community of practice!

Presenters: Chris Hyzer, Bill Thompson, and Carl Waldbieser ​

Getting Started With Docker Tutorial - $50 (8AM-5PM)

In this hands-on session, attendees will learn about Docker and how to get started with it. Areas covered will include installing Docker on your Mac or PC, Dockerfile and the image build process, pre-built images from Docker Hub/Docker Cloud, running containers, tying containers together (Docker Compose), and an overview of Docker orchestration (scheduling, scaling, and recovery: hands on with Docker Swarm, and an overview of other orchestration technology options).

At the conclusion of the session, attendees will have a working "dockerized" Apache HTTP Server (php) and database solution along with an excitement to "dockerize" their enterprise. Notes: 1-Prior experience with Linux, Apache HTTP Server and mySQL is helpful but not required. 2-Examples/hands-on tutorials will be Linux-based, but native Docker for Windows will also be discussed where appropriate.

Presenter:  John Gasper​, (Unicon, Inc.)

Hands-on SDN Tutorial: Advanced Concepts on SDN Nationwide Testbeds - $50 (9AM-5PM)

The Global Environment for Network Innovations (GENI) network, Internet2, SOX, MAX, and other national and regional networks created an SDN ecosystem that is available to experimenters, developers, and students, through sponsorship from the National Science Foundation. This tutorial provides the opportunity to build your OpenFlow 1.3 SDN controller using live national testbed resources from R&E network providers.

In particular, you will learn how to connect resources with layer 2 links and control data-flows through Corsa switches with an open-source Ryu SDN controller. These foundational concepts will be leveraged in the domains of cyber security, live media, and distributed web services. With Internet2's migration to an MPLS backbone, an SDN overlay was created to support network research. This tutorial describes the current overlay, its ties with GENI, explains how it is accessed, and gives the attendees hands-on practice running a simple controller on a slice of the overlay.

Presenters: Heidi Picher Dempsey, Russ Clark, and Matt Zekauskas

Implementing Virtual Reality for Education Tutorial - $25 (1PM-5PM)

Virtual reality is rapidly exploding as an important technology not just for entertainment, but as a way to radically enhance the way we interact with information and with each other. Educational institutions around the world are beginning to use virtual reality technology to enhance student outcomes. However, as with any new technology, best practices are few and far between, and the details and capabilities of solutions are rapidly evolving.

In such an environment of rapid transformation, some of the best knowledge sources become our own peers who have gone before us - we can learn from both their setbacks and them successes. Internet2 will draw upon the experiences of educators and researchers around the country to give an overview of the current VR technology landscape and a deep dive into how use VR for education. This tutorial will also incorporate hands on experiences with current VR hardware - seeing is believing. \

Presenters: Ben Fineman and TBD

IPv6 Solutions Tutorial - $25 (1PM-5PM)

This tutorial will include information that may be applied to your network today, using IPv6 as a solution to IPv4 address exhaustion. This tutorial will include operating a NAT64/DNS64 network, to allow IPv6-only client devices to access the entire Internet Avoiding the Oar-less boat problem: how to achieve v4-v6 functional parity and effect a smooth, profitable transition toward manageable network growth IPv4/IPv6 Security Parity: Concepts, Myths and Reality IPv6 for the System Administrator.

Presenters: Alan Whinery (University of Hawaii) and TBD

R&E Routing Security Best Practices Tutorial - $25 (1PM-5PM)

This is an interactive tutorial on the best practices for securing routing in the R&E community. These practices were developed within the R&E community and first presented at the 2016 TechEX in Miami. Based on feedback from the community, the content has been updated and this tutorial demonstrates how to apply the best practices, and when.

  • Introduction
  • Background/Community Development Process
  • Overview of subjects
  • ACL's on BGP Sessions
  • Rate Limiters for BGP
  • MD5/TCP-AO
  • Internal Spoof Blocking
  • GTSM
  • To Dampen or not to Dampen
  • Max-Prefixes
  • AS-PATH Filtering
  • Private AS Rejection
  • First AS Rejection
  • Advertising Private ASN
  • Next Hop Filters
  • Community Scrubbing
  • Inbound Customer Filters
  • Out-Bound Customer Filters
  • Inbound Peer Filters
  • Outbound peer Filters
  • Keeping things Up to Date

Presenters: Karl Newell and Grover Browning (Internet2)

The Fast Data Transfer Tool: Overcoming Limitations to High Performance Transfers Over the Wide Area Network - $25 (1PM-5PM)

One important challenge of performing data transfers is being as fast and efficient as possible, while, at the same time, keeping the usage of system resources as low as possible. Ideally, the software that manages these data transfers should be able to organize them in such a way that one is able to have them run up to the hardware limits. In this tutorial, we describe Fast Data Transfers (FDT), an open source tool developed at Caltech for performing fast data transfers over the Wide Area Network (WAN). FDT is an Application for Efficient Data Transfers which is capable of reading and writing at disk speed over WANs (with standard TCP). It is written in Java, runs on all major platforms, and it is easy to use.

FDT is based on an asynchronous, flexible, multi-threaded system and uses the capabilities of the Java NIO libraries. Its main features are:

  • Streams a dataset (list of files) continuously, using a managed pool of buffers through one or more TCP sockets.
  • Uses independent threads to read and write on each physical device
  • Transfers data in parallel on multiple TCP streams, when necessary
  • Uses appropriate-sized buffers for disk I/O and for the network
  • Restores the files from buffers asynchronously
  • Resumes a file transfer session without loss

When needed, FDT can be used to stream a large set of files across the network, so that a large dataset composed of thousands of files can be sent or received at full speed, without the network transfer restarting between files. Caltech recently made FDT open source under a Apache 2.0 license. This tutorial provides an in-depth, hands-on look at Fast Data Transfer (FDT), a simple open-source TCP application developed by Caltech and its partner teams serving high energy physics, genetics, biochemistry, and many other fields of science.

The tutorial will cover:

  • FDT's origins and science. Areas of application of FDT. 
  • Illustrations of FDT's capability to achieve high throughput up to the full capacity of current networks; Limiting throughput at any level up to wire speed with FDT (+ Open vSwitch).
  • A brief summary of affordable platforms for data transfers in the 1, 10, 40, 100 and 100+ Gbps throughput ranges. 
  • How obtain, install and run the code hands-on during the session. 
  • How to join the open source community developing FDT. 
  • Areas of code development - both ongoing and opportunities for new developers
  • Exercises during the tutorial:
    • FDT Installation and use
    • Available transfer options
    • Writing Custom User extensions
    • FDTCP Installation and use
    • Running 3rd party transfer
    • Secure transfers
    • Transfer node optimization

Presenters: Prof. Harvey Newman, Dorian Kcira, Justas Balcas, and Wayne Hendrics (California Institute of Technology)

Understanding the IP Multimedia Subsystem (IMS) Tutorial - $25 (1PM-5PM)

IMS, a wireless architecture used to interconnect networks, has been deployed by large firms such as AT&T and Verizon for the past few years. With this tutorial, we are exploring and evaluating the possibility of extending IMS to the campus enterprise networks. This architecture has the potential to integrate campus VoIP networks with the cellular networks and possibly enable WiFi offload, which could reduce costly in-building DAS requirements. To obtain value from this tutorial, the participant should have a good understanding of SIP fundamentals.

Presenter: Walt Magnussen, (Texas A&M)

Establishing an IdP Proxy Service with SimpleSAMLphp - $25 (1PM-5PM)

Both Cirrus Identity and Unicon have significant experience with using SimpleSAMLphp as an IdP Proxy service. Cirrus' Social to SAML and other services are built on top of it, and Unicon has not only helped a number of clients setup SimpleSAMLphp-based IdP Proxy services for a variety of use cases, but also runs such an IdP Proxy for a client that ties many campuses to services such as HBO GO. Both companies have helped educate folks on IdP Proxies and SimpleSAMLphp, and participate on the Google Group for it.  Unicon has a Docker image with a deployed SimpleSAMLphp, which will be used as a base for attendees to do hands-on work.

The agenda includes:

  • Overview of what a Proxy is
  • Overview of SimpleSAML and why it works well in that Proxy role
  • Basic installation of Simple SAML and how you install extensions/none standard modules
  • Basic config overview of SimpleSAML and its config layout/"pieces
  • Metadata support, and what all can be controlled through metadata and the "PHP form of metadata extended settings" that SimpleSAML has
  • A brief look at the Admin GUI
  • General process for extending it yourself
  • Taking MultiAuth and creating a new module for your own auth module
  • Configuring against multiple, even "mixed" (protocol) sources
  • The source=  argument which creates "virtual SSO endpoints
  • UI/templates etc. We've added a Splash page to one deployment, added our own discovery (search box, lookahead, Ajax approach), etc.       
  • Extensions/modules for leveraging OpenID Connect, OAuth, etc. identity providers (e.g Google, Facebook, etc.)

Presenters: Mike Grady and Patrick Radtke​, (Cirrus Identity)