Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Domain Name System Continuity of Operations Apricot 2008 Taipei TAIWAN 28feb2008.

Published byIsabella Beach Modified over 10 years ago

Similar presentations

Presentation on theme: "The Domain Name System Continuity of Operations Apricot 2008 Taipei TAIWAN 28feb2008."— Presentation transcript:

1 The Domain Name System Continuity of Operations Apricot 2008 Taipei TAIWAN 28feb2008

2 Name Service Evolution Bill Manning B Operations bmanning@ep.net

3 DNS Questions:1980-1989 Does it work? Is it better than the alternatives? Who runs it? Who cares? Huge changes in software, capabilities, and underlying network technologies e.g. the Cambrian Era

4 DNS:1990-2000 Defacto naming abstraction tool Rate of Innovative Change dropped Capacity augmentation was key User base changed Required changes required much more coordination and planning Planning for significant changes, some steps were taken

5 2001 -Stepping up to New Tasks Expanding system under given restraints. New DNS protocol requirements –IPv6 –DNSSEC New operational challenges: –More servers – anycast! –Complexity of large installations. –Various types of attacks.

6 DNS Roots Today? Root Servers at 140+ sites –... and counting Cryptographically signed data transfers Tight engineering cooperation –Regular meetings 3 times/year –Technical coordination Relationship with ICANN –Root Server System Advisory Committee Change control prevents rapid response

7 Attacks Yes, they do happen THEY DON'T BREAK THE INTERNET! –DNS is a very, very robust protocol! –Clients cache data, including lists of TLD servers Anycast gives decent protection Very close cooperation with software vendors, Internet service providers, law enforcement, and computer emergency response teams Successful Attacks can still be launched –We lack a good Continuity of Operations Plan

8 The Future? Still wider spread –Many corners of the world still under provisioned. –This is ongoing. IPv6 DNSSEC Traffic analysis –Preventive measures OR

9 Have the assumptions Changed? Mobility instead of Anchored Verifiable, Accurate data with Integrity Wisdom of a single namespace Implementation Choices reflect the 1980s design constraints Can new systems leverage off the existing system Do all addressable devices need a name

10 More thoughts for the future Synthetic devices may need names Other bindings may be useful, e.g. Name to Key or Key to Address Minimize Single points of failure –DDOS –Third Party Caches –Simple Delegation Hierarchy

11 Thank You

Download ppt "The Domain Name System Continuity of Operations Apricot 2008 Taipei TAIWAN 28feb2008."

Similar presentations

Technical Services Develop Integrate Operate APNIC technical infrastructure.

Technical Services Develop Integrate Operate APNIC technical infrastructure.
The ICANN Experiment CainetCainet 2000 8-3-00 Andrew McLaughlin.

The ICANN Experiment CainetCainet Andrew McLaughlin.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
May 2 nd, 2001, page n° 1 The Invisible Network. May 2 nd, 2001, page n° 2 List of contents Introduction The invisible network: an example Some trends.

May 2 nd, 2001, page n° 1 The Invisible Network. May 2 nd, 2001, page n° 2 List of contents Introduction The invisible network: an example Some trends.
Review iClickers. Ch 1: The Importance of DNS Security.

Review iClickers. Ch 1: The Importance of DNS Security.
L-Root: Expanding Distribution in Africa. 2 One of 13 root name servers containing Internet Protocol addresses Operated by ICANN using anycast technology.

L-Root: Expanding Distribution in Africa. 2 One of 13 root name servers containing Internet Protocol addresses Operated by ICANN using anycast technology.
State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.

State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.
4/27/2015Slide 1 Rethinking the design of the Internet: The end to end arguments vs. the brave new world Marjory S. Blumenthal Computer Science and Telecomms.

4/27/2015Slide 1 Rethinking the design of the Internet: The end to end arguments vs. the brave new world Marjory S. Blumenthal Computer Science and Telecomms.
Akamai DNS Offerings RSA © Conference 2013. ©2013 AKAMAI | FASTER FORWARD TM Akamai DNS Solutions Enhanced DNS (eDNS) Scalable, outsourced, DNS solution.

Akamai DNS Offerings RSA © Conference ©2013 AKAMAI | FASTER FORWARD TM Akamai DNS Solutions Enhanced DNS (eDNS) Scalable, outsourced, DNS solution.
HUIT dns/dhcp redesign and roadmap Improved dns, right size IB, modern design, linux fallback.

HUIT dns/dhcp redesign and roadmap Improved dns, right size IB, modern design, linux fallback.
Net Neutrality By Guilherme Martins. Brief Definition of what is Net Neutrality? Network neutrality is best defined as a network design principle. – Think.

Net Neutrality By Guilherme Martins. Brief Definition of what is Net Neutrality? Network neutrality is best defined as a network design principle. – Think.
DNSSEC & Email Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.

DNSSEC & Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.

Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:

© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:
1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.

1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.
DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.

DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.
1 System support & Management Protocols Lesson 13 NETS2150/2850 School of Information Technologies.

1 System support & Management Protocols Lesson 13 NETS2150/2850 School of Information Technologies.
Domain Name System Security Extensions (DNSSEC) Hackers 2.

Domain Name System Security Extensions (DNSSEC) Hackers 2.
Be Smart, Use PwrSmart What Is The Cloud?. Where Did The Cloud Come From? We get the term “Cloud” from the early days of the internet where we drew a.

Be Smart, Use PwrSmart What Is The Cloud?. Where Did The Cloud Come From? We get the term “Cloud” from the early days of the internet where we drew a.

Similar presentations

Ads by Google