Here's my notes from second half of NANOG today.
Now off to bear and gear. 
Matt
2009.10.19 NANOG 47 Monday notes, part 2
Mike Hughes starts things off after lunch at
1436 hours Pacific time.
Few bits of administrivia still.
If you want to submit a lightning talk, you can do
it up until 7pm today.
Please vote for the committee members!
PC nominations close this evening as well;
if you'd like to be on it, do that as well,
as much help as possible is needed.
3 lightning talks next up.
First up is Ernest McCracken
http://netlabs.cs.memphis.edu
NetViews: real time visualization of
Internet Path Dynamics for Network Management
Started doing this as part of his undergrad work.
Goal was to help researchers visualize network paths.
Topology mapping typically try to represent
internet architectures.
Scatter, skitter, Rocket Fuel, CAIDA,
why graph in realtime?
monitor realtime reachability
spot anomalous depeering
identify route hijacking and misconfigurations
developing next-gen routing monitor system.
BGPMon -- realtime lightweight BGP monitor
  with over 70 peers--allows for fast updates
NetViews - visualizes both control plane paths
  (via BGP updates) and forwarding paths (via
  active probing)
BGPMon is running, you connect to it, get the
routing updates; data broker sends BGP updates.
Prober probes target network from BGP peers to
get path updates.
GeoCoder and IP crawler get geographic info,
and traceable IPs for probing.
Slide showing data pathway
They probe during routing events; a timeline
showing BGP updates during the timeline. They
keep probing until they see no additional updates.
Visualization filters to show networks based on the
number of ASes an AS connects to.
You can see the updates scroll in realtime on the
live map as the updates come into the system.
Blue is path additions/changes, Red for changes.
They can also visualize forwarding paths, but
there's challenges in inferring forwarding paths
based on traceroutes.
Future work:
correlate forwarding and routing dynamics to create
a classification model for internet paths
add scalability by having clients run traceroute jobs
in a P2P fashion
Give client users the ability to communicate with each
other
Funded by NSF, and collaborating with UCLA, ColoState
and UofO on BGPMon system.
Any questions?
Q: Dave Meyer--can it be run internally? What
infrastructure do you need? Server portal runs
in lab, clients can run on any java client.
Synch up with him afterwards if you have any
summer internships available.
Next talk
Jim Cowie from Renesys
The recession and the routing table
Reading the tea leaves
They dig into the routing tables to see what's happening.
Tough times, tough questions
We konw that internet transit purchases are sensitive
to business conditions (2000 crash)
is the 2008-2009 recession affecting growth in
  the global/regional routing tables
Should be some sign of pullback in the routing tables
like in 2000.
3 years of North American routing--it's still going up,
there's no depression visible.
Why did the table keep growing?
Enterprises don't cut costs by leaving the internet,
they cut costs by reducing diversity
cheap transit getting cheaper acts like "easy money"
prospect of v4 runout may result in "use it or lose
it" addition of routes into table.
Half the table is just hanging out with 1 provider.
Number of prefixes with 4 or more providers is going
up.
The 1 provider networks either go to no-longer-advertised
or shift to 2 or 3 providers.
More go to the "no-longer-seen" pool; fewer upgrade
to the next category up.
People postpone getting to multihoming.
Triple-homing seems to be sweet spot.
4 or more provider pool is getting larger
and more stable over time; you don't tend
to decrease over time.
Global recession might give more of a break
before v4 exhaustion
Cheap transit killed that theory
some evidence of single- and dual- homed customers
putting off the move to higher order multihoming
in 2007 and 2008
"obviously practicing for IPv6 transition, after which
apparently multihoming becomes unnecessary"
Otherwise, growth continues apae
Bring on the post-IPv4 marketplace!
Q: Randy Bush--BGP is a great data hiding system;
it doesn't tell you much about the real topology
of the internet. How do you determine how a prefix
has a single upstream?