IETF 117 - San Francisco, California, USAIETF Meeting Network Information

2023-07-10 16:30 | -- (permalink)

External Connectivity

The IETF 117 network connects to the Internet using two 1Gb/s uplinks The first is donated by Comcast direct via EDI. The second is Comcast EPL for transport to the IX; Digitial Realty providing the cross-connect to Hurricane Electric for connectivity.

The IETF uses the following network prefixes:

2001:67c:370::/48
2001:67c:1230::/46
31.133.128.0/18
31.130.224.0/20

We supply bandwidth for the conference space and venue hotel guest rooms.

Guest Room and Public Space WiFi

The IETF network covers the guest rooms and coverage in the public spaces throughout the hotel using the 'ietf-hotel' SSID. If you have performance issues with this network, please let us know.

While we are using the IETF meeting network for Internet connectivity, we are using the hotel's access points to cover the guest rooms and public spaces, so there are limits to the improvements we can make.

If you have trouble with the 'ietf-hotel' SSID, please contact the Help Desk or email support @ ietf.org, and we are glad to help!

Meeting Room Wireless at the Venue Hotel

WiFi (802.11 a/g/n/ac/ax) is provided throughout the venue on 2.4 and 5GHz bands with IPv4 and IPv6.

Most users should choose the 'ietf' SSID:

user: ietf
password: ietf

Here’s a quick summary of the available WiFi networks:

SSID	Description	Encrypted	Frequencies	IP Versions
ietf	The default network	yes	5Ghz only	v4 and v6
ietf-legacy117	For legacy and unencrypted use	no	2.4 and 5Ghz	v4 and v6
ietf-v6ONLY	IPv6 only	yes	5Ghz only	v6 only
ietf-nat64	IPv6 stack with NAT64 to access IPv4 resources	yes	5Ghz only	v6 with NAT64 & DNS64
ietf-nat64-unencrypted	IPv6 stack with NAT64 to access IPv4 resources	no	2.4 and 5Ghz	v6 with NAT64 & DNS64
eduroam	Educational users	yes	2.4 and 5Ghz	v4 and v6

All networks marked as encrypted provide layer 2 security. They use WPA2/WPA3 Enterprise with 802.1X (PEAP or TTLS) authentication and AES encryption. Although all users are using the same credentials (user 'ietf', password 'ietf'), each user gets unique session encryption keys. The certificate for services.meeting.ietf.org is signed by Starfield Technologies, Inc., with the following fingerprint.

hash f(x)	fingerprint
SHA1	87:E7:53:8B:42:E1:FD:4E:D8:B2:D6:0B:48:69:D3:71:D2:F7:01:B6
SHA256	08:36:E8:E3:B4:CE:82:FC:30:9D:69:7E:B6:FE:A3:57:5E:6D:61:44:06:CA:74:AF:DB:1D:02:C6:CC:B0:B4:87

The WiFi network implements two BCP38-like filters:

Packets from manually configured IPv4 addresses that are not assigned by DHCP are dropped. DHCP packets are snooped by our wireless LAN controllers to perform this filtering.
Packets from IPv4 and IPv6 addresses that cannot be resolved via ARP/ND are filtered out. Proxy ARP/ND is performed by our wireless LAN controllers for this filtering.

A Note For Android Users

Here are the relevant settings for connecting Android devices to the secure ietf networks.

Network name (e.g. ietf): ietf
Security: WPA/WPA2-Enterprise
EAP Method: PEAP
Phase 2 authentication: MSCHAPv2
CA Certificate: Use system certificates
Do not verify
Domain: services.meeting.ietf.org
Identity: ietf
Password: ietf

Terminal Room

The Terminal Room is located in Golden Gate 1. The Terminal Room is open 6:00-20:00 beginning Sunday, July 23, 2023, at 16:00 and ending on Friday, July 28, 2023, at 15:00. The room consists of table seats, wired access, and 115V power ports.

The terminal room has no terminals, PCs, or other user-accessible machines. It is simply a place to get power, wired and WiFi Internet access, and work quietly.

When using the Ethernet connections in the Terminal Room, IPv4 addresses are provided by DHCP. Please use Stateless Auto-configuration for IPv6 (SLAAC). A DHCPv6 server or RDNSS will provide network information.

Please note that at the request of the IETF Chair, demonstrations are no longer permitted in the Terminal Room.

NOC and Ticketing

To communicate with the NOC staff, send an email to support @ ietf.org with as much detail regarding your issue and configuration as possible.

Please provide the following information:

MAC Address
Current Location
Device type and operating system
Description of the issue

This information will expedite ticket processing. If you're on-site and need direct network assistance (i.e., you have no network), please go to the Help Desk.

The Secretariat has a ticket system to report problems with the meetings. Please send mail to: support @ ietf.org to request help. The Secretariat is responsible for helping with the following:

A/V in meeting rooms
Beverage and food
Zulip (chat)
Projectors
Room temperature (too hot/cold)

Printing

A printer at the Terminal Room (Golden Gate 1) is available to all IETF users. The printer is an Epson WF-3823 and is accessible via LPD, Bonjour, and standard TCP/IP on port 9100. The hostname for it is ietf117.meeting.ietf.org.

Name	Model	Capabilities	IPv4 Address	IPv6 Address	Notes	Drivers
ietf117-printer.meeting.ietf.org	Epson WF-3823	Inkjet w/Duplexer	31.133.160.18	2001:67c:370:160::18	Bonjour name: ietf117-printer	Printer Drivers

Instructions for macOS using Bonjour auto-setup (DNS-Based Service Discovery)

(Note that this method is unavailable if you have configured an explicit DNS search list. Please see below for the manual configuration instructions.

Open System Preferences -> Printers & Scanners -> "+" below printer list
Select the "Printer" icon at the top of the window
You should see the printers discovered by Bonjour. Pick the right one.
Enjoy hassle-free printing.

Instructions for macOS using manual configuration

Open System Preferences -> Printers & Scanners -> "+" below printer list
Select the "Globe" icon at the top of the window
Enter "ietf117-printer.meeting.ietf.org" in the Address field.
Select "Airprint" from the Protocol field drop-down menu
Leave the Queue field blank.
Click Add

Instructions for Windows

Download and install the appropriate driver from: https://epson.com/Support/Printers/All-In-Ones/WorkForce-Series/Epson-WorkForce-Pro-WF-3823/s/SPT_C11CJ07202
If you have difficulty installing the printer for ietf117, please visit the Network Help Desk adjacent to the IETF Registration Desk on the Lobby Level.

EPSON Connect

Email the document or file you wish to print as an attachment to ietf117 @ print.epsonconnect.com
Retrieve your printout from the printer near the Network Help Desk in the Registration Area.

Services

The following network services are provided:

Service	Address	Notes
NTP	ntp.meeting.ietf.org	A stratum 2 time service is provided via unicast IPv4 and IPv6
DNS	ns1.meeting.ietf.org ns2.meeting.ietf.org	Validating recursive resolvers. The local domain is meeting.ietf.org.

These services are provided by the following servers:

Name	IPv4	IPv6
services-1.meeting.ietf.org	31.130.229.6	2001:67c:370:229::6
services-2.meeting.ietf.org	31.130.229.7	2001:67c:370:229::7

Geolocation

There is a geolocation feed published here: https://noc.ietf.org/geo/google.csv

Geolocation service for event networks is often incorrect. Suggestions and assistance are welcomed. You can also try searching via https://www.google.com/ncr (no country re-direct).

Experiments

Experiments on the IETF network need to be approved by the IETF Chair. For IETF 117, The NOC team received a request from the Madinas working group to conduct an Open Roaming experiment. The experiment was not approved for 117.

Thanks

The IETF network is made possible by our sponsors' contributions and the efforts of the volunteer team. If you see them in the halls, be sure to thank them for their work!

Contributors:

Juniper Networks
Cisco

Connectivity:

Comcast
Hurricane Electric
Digital Realty

Volunteers:

Hirochika Asai (Preferred Networks/WIDE)
Rob Austein (Arrcus)
Joe Clarke (Cisco)
Bill Fenner (Arista)
Bill Jensen (University of Wisconsin–Madison)
Hans Kuhn (NSRC)
Fabiha Kumari
Warren Kumari (Google)
Chris Morrow (Google)
Karen O'Donoghue (ISOC)
Clemens Schrimpe
Momoka Yamamoto (The University of Tokyo)

Staff:

Rick Alfvin
Stetson Alfvin
Sean Croghan
Nick Kukich
Con Reilly