The IETF has an Operations and Management (Ops) Area with many Working Groups. The newest WG is the SRv6 Ops WG and one of the topics is how to transition an existing network to one that supports SRv6. It is one of the first questions network operators will ask about SRv6. There are a couple of IETF drafts now addressing this topic. Mike McBride will provide an overview of this work in the IETF and provide a summary of how to upgrade an existing network to a SRv6 network. Should they run ships in the night, utilize various tunneling techniques or other deployment solution? If they are currently running an IP/MPLS network how should they transition to SRv6? This presentation summarizes various deployment alternatives to help provide guidance to those wanting to upgrade their network to SRv6.

Mike has served as an IETF Working Chair for over 20 years. He’s an IP routing research expert developing the architectures of next generation networks. He leads SRv6, security, multicast and distributed ledger projects as Sr. Director of Innovation and Technology Strategy. He’s worked for Apple, Cisco, Huawei, Ericsson and Futurewei in a variety of capacities over his career. He has spoken at various events around the work including ChiNog and NANOG here in the US.

This presentation examines the intricate landscape of overlay technologies, tracing their historical development, dissecting current deployments, and prognosticating future directions. We will explore the evolution from basic VLANs to advanced solutions like VXLAN, GENEVE, and SRv6, analyzing the architectural nuances, protocol intricacies, and operational considerations that define each. The critical roles of microsegmentation and tunneling in overlay functionality will be examined, along with the trade-offs between hardware and software implementations. A deep dive into the driving forces behind technological trends, such as virtualization, will highlight the paradigm shifts in data center architecture and the resultant demands on network overlays. The intricacies of L2 and L3 VPN evolution, including EVPN standardization, will be reviewed, alongside real-world deployment scenarios illustrating multitenancy, L2 stretching, and enterprise Zero Trust architectures. Finally, the presentation will address the ongoing trends shaping the field, including the convergence of L2 and L3 services, cost optimization, and the imperative of multivendor interoperability.

Leading member of the systems engineering team, developing technical solutions with the focus on AI/ML, Hyperscale network infrastructure in DC, WAN, Campus, and Media and Entertainment networks. Co-author on IETF Internet-Draft that proposes a method for filtering BUM traffic in EVPN Ethernet Tree (E-Tree) networks that use VXLAN encapsulation: https://datatracker.ietf.org/doc/draft-bamberger-bess-imet-filter-evpn-etree-vxlan/ Participated in proposing changes to draft-sajassi-bess-rfc8317bis that proposes updates to RFC 8317, which defines a framework for supporting E-Tree service over a MPLS network. The proposed updates would allow E-Tree to be supported over EVPN networks. Top contributor with original articles to eos.arista.com, speaker on podcasts LinkMeUp#74 “Securing BGP” and LinkMeUp#93 “Building hyperscale networks.

Cloudflare runs a vast global network with complicated peering relationships that present a unique complexity for detecting route leaks. AS-to-AS relationships alone are insufficient to distinguish a legitimate BGP prefix announcement from a leaked announcement. Instead, each prefix needs to be precisely evaluated at the prefix level for path validity.

In this presentation, we will show you how we built prefix-level route leak detection at Cloudflare with a highly scalable pipeline. We will share our methods that other networks might find useful in capturing their own route leaks, especially to those who operate BGP Anycast networks. In addition to this, we will discuss our progress toward BGP ASPA (Autonomous System Provider Authorization) compliance, Cloudflare’s strategy to leverage RFC9234 Only-to-Customer (OTC) attribute, and how they fit alongside our prefix-level BGP route leak detection as preventative measures.

Bryton Herdes is a Principal Network Engineer at Cloudflare, working on the edge and backbone global network. Prior to Cloudflare, he worked primarily in the Internet Service Provider space. Bryton spends his time working on network design, implementation, and firefighting at Cloudflare.

Mingwei Zhang is a Senior Systems Engineer at Cloudflare. He is also the creator of BGPKIT, an open-source software suite for BGP data analysis. Mingwei spends his time working on Cloudflare Radar’s wide array of BGP and traffic related visibility features.

Join us for a deep dive into the evolution of Routing Security and the key factors that led to the development of Resource Public Key Infrastructure (RPKI). We’ll explore the timeline of its initial deployments and the pivotal moments that brought RPKI to the forefront of the global Internet community. Recent U.S. government initiatives have prioritized the creation of RPKI Route Origin Authorizations (ROAs) to bolster network security. Finally, we’ll look ahead to the future of RPKI, examining upcoming developments and long-term plans being discussed within standards bodies and the broader Internet community.

Jon Worley is the Senior Technology Architect for ARIN and has been a member of the Registration Services team since 2004. He has experience with all ARIN policies and procedures for requesting, managing, and transferring IP addresses and AS numbers, including technical services such as ARIN’s RESTful API. Jon has spoken about these topics as well as IPv4 depletion and IPv6 adoption at many ARIN events.

Since the emergence of SD-WAN in 2014, the WAN ecosystem has undergone a major transformation. Traditionally, businesses relied on carrier-managed private WAN solutions, but today, most have transitioned or are in the process of transitioning to SD-WAN leveraging Internet-based connectivity. Improvements such as service availability, bandwidth capacity, and link quality combined with lower costs and the need for more flexible connectivity options as applications migrate from on-premises to the cloud made this a relatively obvious business choice. However, for many businesses, the transition has not been as seamless as expected.

In regions like the United States, Canada, and Europe, Internet-based WAN connectivity performs comparably to legacy private circuits, making it a viable replacement. Yet, in other parts of the world, inefficient routing presents significant challenges. For example, traffic between South American nations often routes through Florida or Houston, and traffic between African and Middle Eastern nations frequently routes through Frankfurt or London.

Even in 2025, some networks—particularly “”eyeball networks””—remain poorly peered in certain regions, making Internet-based WAN transport suboptimal and often unfit for purpose. Conversely, other networks—””content networks””—are exceptionally well-peered in these regions. The key to overcoming the challenge of Internet-based WAN transport lies in leveraging these well-peered content networks to provide transit, creating regional network bridges, and optimize WAN routing. SD-WAN, with its intelligent traffic steering and dynamic path selection, is the solution to unlocking the full potential of Internet-based WAN transport.”

Dane Jackson is a seasoned technology leader with over two decades of expertise in network engineering, cyber security, and IT infrastructure. As the Director of Global Professional Services at Cato Networks, he spearheads global initiatives, driving innovation and excellence in the field of Security Access Service Edge.

Before joining Cato Networks, Dane held a key management role at Hyatt Hotels Corporation, where he managed global network operations, ensuring seamless connectivity across corporate offices and hotel properties worldwide. His tenure at West Monroe Partners saw him leading complex enterprise networking and security projects, particularly in the M&A vertical. Additionally, his experience at Purdue Research Foundation and Purdue University laid a strong foundation in network architecture and systems administration.

Along with a B.S. in Network Engineering Technology from Purdue University, Dane also holds multiple industry certifications from Cisco Systems, VMware, and Juniper along other vendors underscoring his deep technical expertise in the fields of cloud networking, cybersecurity, SD-WAN, and IT infrastructure modernization.