Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keeping state election infrastructure safe: How Cloudflare and local IXP connectivity helped a small country in Europe Authors: Vladislav Bidikov.

Published bySamuel Rogers Modified over 5 years ago

Similar presentations

Presentation on theme: "Keeping state election infrastructure safe: How Cloudflare and local IXP connectivity helped a small country in Europe Authors: Vladislav Bidikov."— Presentation transcript:

1 Keeping state election infrastructure safe: How Cloudflare and local IXP connectivity helped a small country in Europe Authors: Vladislav Bidikov

2 About me Programmer by heart 7 years ago was asked to be part of the Computer center on the Faculty for Computer Science and Engineering (FCSE) Experience in networking for 10+ years Started exploring the RIPE Atlas project years ago – RIPE Atlas Ambassador Created IXP.mk last year (July 2018) as the first IXP in Macedonia

3 The problem Initial idea started before RIPE SEE4 (Belgrade 2015)
Previous idea the “famous” MATRIX project – dead in the water for years. The faculty has good cooperation with major ISP December 2016 – FCSE starts the project “Research platform (testbed) for high availability internet connections”, - multy year project for cooperation and research of possible ways to improve connectivity to between major ISP and University networks December 2016 – First meeting with help from RIPE/ISOC for getting key players on board 2017 – Work on the initiative 2018 – IXP momentum emerges and IXP.mk is officially born

4 Initial ideas for the Election Info system
Use IXP.mk to allow almost unlimited bandwidth for Macedonian ISPs (minimal connectivity is 1G per ISP) which will feed info into the Election system (Try to) Use Cloudflare for “international” access via a special dedicated link (initial link was 300Mbit and service was not stable) Virtualize all servers

5 Cloudflare steps in We contacted Cloudflare since they have project “Athenian” which allows election comities to use the service for free Although the service was designed for USA – we got on boarded in less than 24h We started to experiment and saw problem we need to resolve in the Election Information system with the vendor producing the system

6 Redesign of the Election Information system
Application was monolithic – One Application server and One Database server; Cloudflare caching was useless since the whole HTML needed to be rebuild every 5 minutes Application was split info modular architecture – with dynamic data as JSON file per electoral region (around 4000 JSON files)

7 Results

8 Results

9 Results

10 Results

11 Results (closure of polling booths)

12 Conclusion Election system was online 100% Input od result data was going over the IXP so it was independent of ISP uplink and ISP connectivity All DDOS attacks where stopped by Cloudflare and the link never went over 100 Mbit Trust into the Election system

13 Future work Get more ISP to come to IXP.mk Get CDN into IXP.mk (Google? Facebook? Akamai? Others?) Get root dns server instances IXP.mk is ready – we have new Quanta switches (thanks ISOC) we have 10G and 40G optics (thanks Flexoptix) we are running Ixpmanager (updated over the weekend) 

14 vladislav.bidikov@finki.ukim.mk @bidikov
Connect with us – @bidikov

Download ppt "Keeping state election infrastructure safe: How Cloudflare and local IXP connectivity helped a small country in Europe Authors: Vladislav Bidikov."

Similar presentations

Review for Vocabulary Section 3 Quiz. What is the amount of data that can be sent in a certain amount of time? What is the amount of data that can be.

Review for Vocabulary Section 3 Quiz. What is the amount of data that can be sent in a certain amount of time? What is the amount of data that can be.
Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada ISP-Friendly Peer Matching without ISP Collaboration Mohamed Hefeeda (Joint.

Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada ISP-Friendly Peer Matching without ISP Collaboration Mohamed Hefeeda (Joint.
Content Delivery Networks. History Early 1990s sees 100% growth in internet traffic per year 1994 o Netscape forms and releases their first browser.

Content Delivery Networks. History Early 1990s sees 100% growth in internet traffic per year 1994 o Netscape forms and releases their first browser.
The LON-CAPA Resource Sharing Network Gerd Kortemeyer Michigan State University.

The LON-CAPA Resource Sharing Network Gerd Kortemeyer Michigan State University.
Google App Engine and Java Application: Clustering Internet search results for a person 14.8.2015Aleksandar Kartelj Faculty of Mathematics,

Google App Engine and Java Application: Clustering Internet search results for a person Aleksandar Kartelj Faculty of Mathematics,
DNS: Domain Name System Mark Ciocco Chris Janik Networks Class Presentation Tuesday April 18, 2000 To insert your company logo on this slide From the Insert.

DNS: Domain Name System Mark Ciocco Chris Janik Networks Class Presentation Tuesday April 18, 2000 To insert your company logo on this slide From the Insert.
Evolved from ARPANET (Advanced Research Projects Agency of the U.S. Department of Defense) Was the first operational packet-switching network Began.

Evolved from ARPANET (Advanced Research Projects Agency of the U.S. Department of Defense) Was the first operational packet-switching network Began.
ARIN on the Road – Halifax

ARIN on the Road – Halifax
For more notes and topics visit:

For more notes and topics visit:
Internet. 1.Someone creates a website 2.They load it to a web server computer 3.We must have an Internet connection 4.We can see the websites on a browser.

Internet. 1.Someone creates a website 2.They load it to a web server computer 3.We must have an Internet connection 4.We can see the websites on a browser.
Optimal course of IXP development – NIX.CZ Tomáš Maršálek NIX.CZ, Director of Association 24.2.2009, Apricot2009.

Optimal course of IXP development – NIX.CZ Tomáš Maršálek NIX.CZ, Director of Association , Apricot2009.
Using fb group to support postgraduates: a case study of DSG Anita Adnan ICT Consultant Trainer / Online Instructor Megabase Training & Consultancy www.anita-adnan.webnode.com.

Using fb group to support postgraduates: a case study of DSG Anita Adnan ICT Consultant Trainer / Online Instructor Megabase Training & Consultancy
What kind of technical infrastructure would be required? Team 4 I.T.

What kind of technical infrastructure would be required? Team 4 I.T.
Introduction1-1 Data Communications and Computer Networks Chapter 1 CS 3830 Lecture 1 Omar Meqdadi Department of Computer Science and Software Engineering.

Introduction1-1 Data Communications and Computer Networks Chapter 1 CS 3830 Lecture 1 Omar Meqdadi Department of Computer Science and Software Engineering.
LINX update to EIX John Souter, Agenda 1.New staff 2.Improvements to monitoring & set-up 3.Move to new optical platform 4.Move to VPLS architecture.

LINX update to EIX John Souter, Agenda 1.New staff 2.Improvements to monitoring & set-up 3.Move to new optical platform 4.Move to VPLS architecture.
RONOG2 - INTRODUCTION INTERLAN & THE OPERATORS’ COMMUNITY.

RONOG2 - INTRODUCTION INTERLAN & THE OPERATORS’ COMMUNITY.
Vladislav Bidikov, FCSE, UKIM, Macedonia, 17.11.2015 Improving Macedonia internet connectivity with RIPE Atlas How a Idea could become reality...

Vladislav Bidikov, FCSE, UKIM, Macedonia, Improving Macedonia internet connectivity with RIPE Atlas How a Idea could become reality...
1 TCS Confidential. 2 Objective : In this session we will be able to learn:  What is Cloud Computing?  Characteristics  Cloud Flavors  Cloud Deployment.

1 TCS Confidential. 2 Objective : In this session we will be able to learn:  What is Cloud Computing?  Characteristics  Cloud Flavors  Cloud Deployment.
Euro-IX Update RIPE65 - Amsterdam Bijal Sanghani

Euro-IX Update RIPE65 - Amsterdam Bijal Sanghani
Euro-IX Update NIX-meeting February 4th 2016. What do we do? 2 Forums per year Maintaining the Website, database and tools Mailing Lists Newsletter –

Euro-IX Update NIX-meeting February 4th What do we do? 2 Forums per year Maintaining the Website, database and tools Mailing Lists Newsletter –

Similar presentations

Ads by Google