User Tools

Site Tools


hackathon2019

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
hackathon2019 [2019/05/17 16:21]
kevo
hackathon2019 [2019/07/19 16:43] (current)
kevo
Line 1: Line 1:
-To see the 2017 Hackathon click here: https://​hackathon.internetsummitafrica.org/​doku.php?​id=start 
  
-To see the 2018 Hackathon click here: https://​hackathon.internetsummitafrica.org/​ +**Materials and Schedule ​for Hackathon@2019**
- +
-**Planning ​for Hackathon@2019**+
  
 ====== Hackathon@AIS 2019 ====== ====== Hackathon@AIS 2019 ======
Line 11: Line 8:
 ===== Venue ===== ===== Venue =====
  
-Kampala, ​Uganda+Sheraton Hotel Kampala, ​Victoria Room, 1st Floor,
  
-===== Registration =====+====== Registration ​======
  
-https://www.internetsociety.org/​take-action/​applications-now-open-hackathonais/​+Registration is now closed.
  
  
 ===== Drafts/RFCs To Be Worked On ===== ===== Drafts/RFCs To Be Worked On =====
- 
- 
  
 ==== 1. Network Programmability ==== ==== 1. Network Programmability ====
 Champions: Charles Eckel (from US - Cisco, eckelcu@cisco.com) Champions: Charles Eckel (from US - Cisco, eckelcu@cisco.com)
-  * Relevant RFCs +  * Michelle Opiyo 
-    * YANG: https://​tools.ietf.org/​html/​rfc6020 +  * Isabel Odida 
-    * NETCONF: https://​tools.ietf.org/​html/​rfc6241 + 
-    * RESTCONF: https://​tools.ietf.org/​html/​rfc8040 +Relevant RFCs 
-    * YANG Catalog: https://​yangcatalog.org/​ +  * YANG: https://​tools.ietf.org/​html/​rfc6020 
-    * YANG Models: https://​github.com/​YangModels/​yang +  * NETCONF: https://​tools.ietf.org/​html/​rfc6241 
-  ​* ​At hackathon we will: +  * RESTCONF: https://​tools.ietf.org/​html/​rfc8040 
-    * Have a brief introduction to APIs and how they enable programmability in general +  * YANG Catalog: https://​yangcatalog.org/​ 
-    * Review and discuss network programmability concepts and components  +  * YANG Models: https://​github.com/​YangModels/​yang 
-    * Use pyang to interact with YANG models +At hackathon we will: 
-    * Use Python ncclient library to interact with network devices via NETCONF +  * Have a brief introduction to APIs and how they enable programmability in general 
-    * Use Postman and Python requests library to interact with network devices via RESTCONF +  * Review and discuss network programmability concepts and components  
-    * Create examples of network automation on a sample network +  * Use pyang to interact with YANG models 
-  * Prerequisites  +  * Use Python ncclient library to interact with network devices via NETCONF 
-    * Basic familiarity with a Unix/Linux shell environment  +  * Use Postman and Python requests library to interact with network devices via RESTCONF 
-    * A laptop setup with a development environment ​as described below, or through which you can access a remote machine with such a development environment +  * Create examples of network automation on a sample network 
-    Step-by-Step instructions ​to setup your development environment +** Prerequisites ​**  
-      * Access is free but a DevNet account is required +  * Basic familiarity with a Unix/Linux shell environment  
-      * Login or create an account quickly with this AIS Hackathon specific link [[https://​developer.cisco.com/​join/​ais19]] +  * A laptop setup with a development environment ​for use during the hackathon 
-      * [[https://​developer.cisco.com/​learning/​modules/​dev-setup/​dev-what/​step/​1|Setup Your Development Environment]] +  Instructions ​to setup your development environment 
-  * (Optional) Self paced online training modules available on Cisco DevNet +    * Access is free but a DevNet account is required
-    * Access is free but a DevNet account is required ​+
     * Login or create an account quickly with this AIS Hackathon specific link [[https://​developer.cisco.com/​join/​ais19]]     * Login or create an account quickly with this AIS Hackathon specific link [[https://​developer.cisco.com/​join/​ais19]]
-    * [[https://learninglabs.cisco.com/​modules/​networking-basics|Networking Basics]] (Module3 labs+    * Step by step instructions for [[https://developer.cisco.com/learning/modules/dev-setup/​dev-win/​step/​1|Windows]], [[https://​developer.cisco.com/​learning/​modules/​dev-setup/​dev-mac/​step/​1|MacOS]],​ and [[https://​developer.cisco.com/​learning/​modules/​dev-setup/​dev-centos/​step/​1|Linux (CentOS)]]. 
-    * [[https://learninglabs.cisco.com/​modules/​fundamentals|Intro to Coding ​Fundamentals]] ​(Module, 4 labs) +(Optional) Self paced online training modules available on Cisco DevNet 
-    * [[https://learninglabs.cisco.com/​modules/​intro-device-level-interfaces|Intro to Model Driven Programmability (e.g. NETCONF/YANG)]] ​(Module4 labs)+  * Access is free but a DevNet account is required ​ 
 +  Login or create an account quickly with this AIS Hackathon specific link [[https://developer.cisco.com/​join/​ais19]] 
 +  * [[https://​developer.cisco.com/​learning/modules/rest-api-fundamentals|REST API Fundamentals ​Learning Module]] 
 +  * [[https://​developer.cisco.com/​learning/​modules/​programming-fundamentals 
 +|Programming Fundamentals Learning ​Module]] 
 +  * [[https://developer.cisco.com/learning/​modules/​intro-device-level-interfaces 
 +|Introduction ​to Model Driven Programmability (e.g. YANG, NETCONF, RESTCONF)]] 
 +Join Webex Team Space for Network Programmability:​ https://​eurl.io/#​S1NEG4VkS 
 +  * Click on [[https://​eurl.io/#​S1NEG4VkS|URL]] to be invited into “Hackathon@AIS Network Programmability” space 
 +  * Use this space to share share informationask questions 
 +  * Available during and after hackathon 
 + 
 +[[https://​hackathon.internetsummitafrica.org/​lib/​exe/​fetch.php?​media=ais-hackathon-network-programmability.pdf|Learning Materials]] presented during course of hackathon. 
 + 
 +Results presentations 
 +  * {{ :​programmability.pdf |}} 
 +  * {{ :​creating_additional_scripts_to_configure_bgp_with_the_cisco_nxos_yang_model.pdf|Creating Additional Scripts to Configure}} 
 +  * {{ :​egeru_joseph_hackathon_ais_network_programmability.pdf|Network programmability,​ Overcoming Common error with postman}} 
 ---- ----
  
  
 ==== 2. Intelligent Transportation Systems (IPWAVE) ==== ==== 2. Intelligent Transportation Systems (IPWAVE) ====
-Champions: Nabil Benamar (From Morocco - School of Technology Meknes, University of Moulay Ismail)+Champions: ​Prof. Nabil Benamar (From Morocco - School of Technology Meknes, University of Moulay Ismail) 
 +  * Manhal Mohammed 
 + 
 +Materials
  
 The main goal of this track is to see how IPv6 will work in vehicular environment,​ namely through the IEEE802.11-OCB frame (OCB, earlier "​802.11p"​). The main goal of this track is to see how IPv6 will work in vehicular environment,​ namely through the IEEE802.11-OCB frame (OCB, earlier "​802.11p"​).
Line 67: Line 82:
   * Basic IPv6 and Neighbor Discovery Protocol   * Basic IPv6 and Neighbor Discovery Protocol
   * Linux (Command ligne and Kernel compiling)   * Linux (Command ligne and Kernel compiling)
 +
 +** Presentations**:​
 +{{ :​ipwave_presentation.pdf |}} 
 +
        
 ---- ----
  
-==== 3. Measuring DNS using RIPE Atlas ==== +==== 3. Measuring DNS and DoH ==== 
-Champions: Willem Toorop - (NLNET Labs) - possibly also: Jasper den Hartog - (RIPE NCC)+Champions: Willem Toorop - (NLnet Labs) - Jasper den Hartog - (RIPE NCC) 
 +  * Jasper van Hertog 
 + 
 +Materials 
 + 
 +  * {{ ::​20190619_ais19_measuring-dns-and-doh.pdf |Introduction presentation}} 
 + 
 +== Generic resources == 
 +  - We have setup a Slack channel for discussion within this track. Please Signup for the hackathon channel [[https://​join.slack.com/​t/​hackathonais2019/​shared_invite/​enQtNjY4OTIwMDEyNzQzLTQ2NTZjZjk3MTU0ZDg2ZjExNjM3MWIyZGFlOTNjOTE0ZDI5ODBmNWQ4NjBlM2I3YmQxYjkyYzhiOTllOGY4NWM|here]] 
 +  - Linux command line available with VM on NUC accessible with OpenSSH or [[https://​www.chiark.greenend.org.uk/​~sgtatham/​putty/​|putty]] 
 + 
 +=== Motivation ==
  
 Encryption everywhere. It’s an initiative in the technical community that started as a reaction to Edward Snowden’s revelations about the NSA’s widespread surveillance and pervasive monitoring. Encryption everywhere. It’s an initiative in the technical community that started as a reaction to Edward Snowden’s revelations about the NSA’s widespread surveillance and pervasive monitoring.
Line 83: Line 113:
  
 Also DNS-over-TLS currently is mostly available trough cloud provided DNS services, like: [[https://​developers.cloudflare.com/​1.1.1.1/​dns-over-tls/​|Cloudflare'​s 1.1.1.1]], [[https://​developers.google.com/​speed/​public-dns/​docs/​dns-over-tls|Google'​s 8.8.8.8]], and [[https://​www.quad9.net/​faq/#​Does_Quad9_support_DNS_over_TLS|Quad9'​s 9.9.9.9]]. Also DNS-over-TLS currently is mostly available trough cloud provided DNS services, like: [[https://​developers.cloudflare.com/​1.1.1.1/​dns-over-tls/​|Cloudflare'​s 1.1.1.1]], [[https://​developers.google.com/​speed/​public-dns/​docs/​dns-over-tls|Google'​s 8.8.8.8]], and [[https://​www.quad9.net/​faq/#​Does_Quad9_support_DNS_over_TLS|Quad9'​s 9.9.9.9]].
- 
  
 **Within this hackathon track we will address the following questions:​** **Within this hackathon track we will address the following questions:​**
Line 96: Line 125:
  
 The density of RIPE Atlas probes in the Africa region is still quite low (see https://​atlas.ripe.net/​results/​maps/​density/​ ), which we can hopefully improve a little during the hackathon by handing out RIPE Atlas probes for people to connect in their own network. The density of RIPE Atlas probes in the Africa region is still quite low (see https://​atlas.ripe.net/​results/​maps/​density/​ ), which we can hopefully improve a little during the hackathon by handing out RIPE Atlas probes for people to connect in their own network.
 +
 +== RIPE Atlas resources: ==
 +
 +  - High level overview: https://​atlas.ripe.net/​landing/​about/​
 +  - To get started with RIPE Atlas: https://​www.ripe.net/​support/​training/​webinars/​webinar-recordings/​webinar-ripe-atlas
 +  - RIPE NCC provided a voucher providing 5,000,000 credits. The voucher code will be provided during the hackathon, and can currently also be found in the Slack Channel. (Thank you Lia!)
 +
 +During the Internet Measurement Workshop this weekend we scheduled i.root-servers.net A query measurement to:
 +  - 1.1.1.1 - https://​atlas.ripe.net/​measurements/​22015773/​
 +  - 8.8.8.8 - https://​atlas.ripe.net/​measurements/​22015800/​
 +  - 9.9.9.9 - https://​atlas.ripe.net/​measurements/​22015801/​
 +  - Local resolver - https://​atlas.ripe.net/​measurements/​22015822/​
 +  - Local resolver - https://​atlas.ripe.net/​measurements/​22015846/​
 +
 +To determine if DNS is hijacked:
 +  - schedule ''​whoami.akamai.net A''​ to 8.8.8.8
 +  - Returned IP's should be in [[https://​developers.google.com/​speed/​public-dns/​faq#​locations_of_ip_address_ranges_google_public_dns_uses_to_send_queries|this]] list
 +
 +Tools for "​advanced"​ scheduling of RIPE Atlas measurements
 +  - CLI: https://​ripe-atlas-tools.readthedocs.io/​en/​latest/ ​
 +  - Python library: https://​ripe-atlas-cousteau.readthedocs.io/​en/​latest/​
 +  - API: https://​atlas.ripe.net/​docs/​api/​v2/​reference/​
  
 === Resolver Jedi === === Resolver Jedi ===
Line 102: Line 153:
 The **Resolver Jedi** will build upon this idea and show if the DHCP configured resolver on Atlas Probes are within the same country and also the path towards that resolver. The **Resolver Jedi** will build upon this idea and show if the DHCP configured resolver on Atlas Probes are within the same country and also the path towards that resolver.
  
 +== Additional Resolver Jedi resources: ==
 +  - Github repository: https://​github.com/​emileaben/​ixp-country-jedi
  
 === Run your own DoH and/or DoT server === === Run your own DoH and/or DoT server ===
Line 111: Line 164:
   * [[https://​tools.ietf.org/​html/​rfc7413|TCP Fast Open]]   * [[https://​tools.ietf.org/​html/​rfc7413|TCP Fast Open]]
  
-Investigating ​and create instructions for setting up a DNS over HTTPS (DoH) service. ​ Either shared with a regular website and/or offering it as a standalone resolver service.+Investigate ​and create instructions for setting up a DNS over HTTPS (DoH) service. ​ Either shared with a regular website and/or offering it as a standalone resolver service.
  
 +== DoH resources ==
 +
 +Try to get a client setup and working:
 +  * Enable DoH in firefox: https://​www.bleepingcomputer.com/​news/​software/​mozilla-firefox-expands-dns-over-https-doh-test-to-release-channel/​
 +  * Enable DoH in bromite: https://​github.com/​bromite/​bromite/​wiki/​Enabling-DNS-over-HTTPS
 +  * Overview of DoT and DoH clients: https://​dnsprivacy.org/​wiki/​display/​DP/​DNS+Privacy+Clients
 +
 +Test if it is working:
 +  * https://​1.1.1.1/​help ​
 +
 +Setup server software on a VM on the NUC:
 +  * At the last RIPE meeting (78) Carsten Strotmann gave a very nice overview presentation on the [[https://​ripe78.ripe.net/​archives/​video/​127/​|current state of the software ecosystem for DoH and DoT]].
 +  * His full list of client and server DoT and DoH implementations van be found here: https://​doh.defaultroutes.de/​implementations.html
 +  * Very recently at the DNSHeads meeting in Vienna, the people from the [[https://​appliedprivacy.net/​|Applied Privacy Foundation]] gave an presentation on their operational experience providing DoH service. Their presentation is available for download here: https://​appliedprivacy.net/​files/​2019-06-12_DNSheads_Vienna_DoH_Server_Software_Experiences.pdf
 +
 +=== The `application/​dns+json` media type for DoH services ===
 +
 +Providing unhinderable undetectable DNS service is one of major motivations behind DoH, but there is the other use case: providing full DNS access to web applications.
 +Regular DoH (as defined in [[https://​tools.ietf.org/​html/​rfc8484#​section-6|RFC8484]]) delivers DNS messages in "​wire"​ format with media type `application/​dns-message`,​ which is impracticable for web applications to manage.
 +
 +There is another media type (`application/​dns+json`) defined in [[https://​tools.ietf.org/​html/​rfc8427#​section-7.1|RFC8427]] which delivers DNS messages in a new web applications friendly "​JSON"​ format.
 +
 +  * Are there DoH server solutions that support the new media type?
 +  * Is it possible to modify or extend one of the DoH server solutions?
 +  * If so, this would be a great hackathon project too!
  
 === Prerequisites === === Prerequisites ===
Line 119: Line 197:
   * Good knowledge of Linux and how to administer software with it   * Good knowledge of Linux and how to administer software with it
   * For doing and processing RIPE Atlas measurements,​ Python is a big plus!   * For doing and processing RIPE Atlas measurements,​ Python is a big plus!
 +
 +=== Results presentations ===
 +
 +| Team           ^ Members ​        ^ Presentation ​      |
 +^ Shadow Hunters | Bukola Oronti, Jerry Vance, Ishimwe Joseph,\\ Gregory Toskin, Lunghe Yedidya, Shadrach Ankrah,\\ Valery Bishala, Willem Toorop & Gervin Kahunde | https://​bit.ly/​2X4SHsq |
 +^ Just DoH it!   | Philippe Muziko, Yazid Akanho, Angela Natlapeng,​\\ Jasper den Hertog, Jasper Mangwana & Samuel Ochola | {{ ::​doh-dot-team.pdf |pdf}}, {{ :​doh-dot-team.pptx | pptx}} |
 +^ How do you DoH | Amreesh Phokeer & Malick| [[https://​github.com/​AFRINIC-Labs/​dns-measurements|Work in Progress]] |
 +
 ---- ----
  
 ==== 4. Secure NTP ==== ==== 4. Secure NTP ====
  
-Champions: Loganaden Velvindron (AFRINIC)+Champions: Loganaden Velvindron (AFRINIC) ​& Jeremie Daniel (University of Mauritius and cyberstorm.mu) 
 +  * Christer Weinigel 
 +  * Jeremie Daniel 
 + 
 +Materials 
   *  NTS interop   *  NTS interop
   * https://​datatracker.ietf.org/​doc/​draft-ietf-ntp-using-nts-for-ntp/​   * https://​datatracker.ietf.org/​doc/​draft-ietf-ntp-using-nts-for-ntp/​
Line 129: Line 220:
 Requirements:​ laptop with latest ubuntu with latest wireshark. Requirements:​ laptop with latest ubuntu with latest wireshark.
  
 +Presentations
 +  - Johnson Haguma and Mohammed Sultan Khamis {{ :​ntp_presentation.pdf |}} 
  
 ---- ----
Line 136: Line 229:
  
 Champions: Fred Baker and Stephen Honlue (AFRINIC) Champions: Fred Baker and Stephen Honlue (AFRINIC)
 +  * Brice Abba
 +
 +Materials
  
   * Relevant RFCs   * Relevant RFCs
Line 142: Line 238:
     * NDP over IPv6: https://​tools.ietf.org/​html/​rfc4861     * NDP over IPv6: https://​tools.ietf.org/​html/​rfc4861
     * IPv6 Addressing Architecture:​ https://​tools.ietf.org/​html/​rfc4291     * IPv6 Addressing Architecture:​ https://​tools.ietf.org/​html/​rfc4291
-  * At hackathon we will:+  * At the hackathon we will:
     * Have a brief introduction to IPv6 functions and features     * Have a brief introduction to IPv6 functions and features
     * Do an overview of Linux kernel and APIs     * Do an overview of Linux kernel and APIs
Line 154: Line 250:
       * Install Wireshark: https://​www.wireshark.org/​download.html       * Install Wireshark: https://​www.wireshark.org/​download.html
     * Knowledge of programming in C/python...     * Knowledge of programming in C/python...
 +    * Likely program to work on: https://​github.com/​brouberol/​myip ​
 +    * Wambui'​s myip in Python: https://​gist.github.com/​wambu-i/​047175fca861714563ad39ab46798519 ​
 ---- ----
 ===== Draft Agenda ===== ===== Draft Agenda =====
Line 167: Line 265:
     ​     ​
     Thursday, June 20th     Thursday, June 20th
-        ​09:00: Room opens and Teams break out. Led by project champions.+        ​08:30: Room opens and Teams break out. Led by project champions.
         12:30: Lunch Break         12:30: Lunch Break
         16:00: Hackathon ends         16:00: Hackathon ends
Line 178: Line 276:
   * Remote access equipment within CISCO network   * Remote access equipment within CISCO network
   * PCs   * PCs
-  * ATLAS Probes (https://​atlas.ripe.net/​+  * ATLAS Probes (https://​atlas.ripe.net/​)
   *    * 
  
Line 199: Line 297:
   * Virtual Box (on trainees laptops)   * Virtual Box (on trainees laptops)
   * Server for virtualization - used an Intel NUC   * Server for virtualization - used an Intel NUC
 +  * VMs to be using Ubuntu LXCs with Python pre-installed
   * LibreOffice - useful for editing all document versions (especially PDFs!!)   * LibreOffice - useful for editing all document versions (especially PDFs!!)
  
Line 222: Line 321:
   * More TBD   * More TBD
  
 +
 +===== Sponsors =====
 +
 +Cisco DevNet ​
 +
 +
 +===== Previous Events =====
 +
 +To see the 2017 Hackathon click here: https://​hackathon.internetsummitafrica.org/​doku.php?​id=hackathon2017
 +
 +To see the 2018 Hackathon click here: https://​hackathon.internetsummitafrica.org/​doku.php?​id=hackathon2018
  
  
hackathon2019.1558099292.txt.gz · Last modified: 2019/05/17 16:21 by kevo