Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS Removals - Changing a TLD server‘s address - Peter Koch OARC DNS Operational Meeting Ottawa, 25-SEP-2008.

Published byJeffery Wilkins Modified over 8 years ago

Similar presentations

Presentation on theme: "DNS Removals - Changing a TLD server‘s address - Peter Koch OARC DNS Operational Meeting Ottawa, 25-SEP-2008."— Presentation transcript:

1 DNS Removals - Changing a TLD server‘s address - Peter Koch OARC DNS Operational Meeting Ottawa, 25-SEP-2008

2 2 Changed address of S.DE.NET 193.159.170.149 -> 195.243.137.26 Same AS, no significant RTT change This is a DE only name server Captured query traffic Determine dominant source for the address Count queries and queriers Find Query Swing Find Stalking Resolvers cf. work for B and J root servers What we did

3 3 Server ‘ s name appears in the authoritative NS RRSet at DE zone apex in the delegation in the parent zone Server ‘ s address originates from Authoritative data in DE.NET Root zone glue data spread through TLD referrals [additional section for authoritative DE responses] Surprise, wait … How does DNS traffic go to S.DE.NET?

4 4 Change of authoritative data in DE.NET zone effective 2008-02-13 09:00 2008 UTC TTL was 3600 Change of „ glue “ in the NET zone effective 2008-02-20 16:23 2008 UTC TTL was 172800 Root zone delegation change (glue) effective 2008-02-21 15:37 2008 UTC TTL was 172800 Timeline

5 5 ; > DiG 8.4 > +norec @c.gtld-servers.NET. s.de.net. ;; res options: init defnam dnsrch ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43508 ;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 2 ;; QUERY SECTION: ;; s.de.net, type = A, class = IN ;; ANSWER SECTION: s.de.net. 172800 IN A 195.243.137.26 ;; AUTHORITY SECTION: de.net. 172800 IN NS ns1.denic.de. de.net. 172800 IN NS ns2.denic.de. de.net. 172800 IN NS ns3.denic.de. de.net. 172800 IN NS ns4.denic.net. de.net. 172800 IN NS ns5.denic.net. ;; ADDITIONAL SECTION:[…] The Unexpected Glue Entry

6 6 Observations on 2008-02-13 (auth data change)

7 7 DSC on 2008-02-21

8 8 Stats on 2008-02-21

9 9 Authoritative data less dominant than referral (from root) data Additional section filled from glue No immediate correlation with root zone dist? We have many „ first contacts “ But: This is for an out-of-domain server Special handling of NET zone needs to be considered DE is largely, but not solely a delegation only zone Sensor died due to real world move Preliminary Conclusions

10 10 After seven 7 months, query rate is still high Die-hard dropcatchers Resolvers with (outdated) copies of the root zone! 2006082700 … or abandoned alternate root system Open Recursive Name Servers Weird high TTLs on TLD NS RRSet and A RRSets s.de.net. 2132443279 IN A 193.159.170.149 fpdns identifies „non-standard“ software Trivia

11 11 DSC 2008-04-10 -> 2008-04-12

12 12 2008-09-19 Traffic to old address

13 13 2008-09-19 Stalker distribution

14 14 Investigate some resolvers in more detail Especially the „ open “ ones Investigate „ first contacts “ Early cache expiry? No cache at all? Redo experiment with different server name Within nic.de Future Work

15 15 ?/! Peter Koch, DENIC eG

Download ppt "DNS Removals - Changing a TLD server‘s address - Peter Koch OARC DNS Operational Meeting Ottawa, 25-SEP-2008."

Similar presentations

Testing IPv6 Address Records in the DNS Root APNIC 23 February 2007 Geoff Huston Chief Scientist APNIC.

Testing IPv6 Address Records in the DNS Root APNIC 23 February 2007 Geoff Huston Chief Scientist APNIC.
1 VeriSign Site Finder Scott Hollenbeck SECSAC Open Meeting 7 October 2003.

1 VeriSign Site Finder Scott Hollenbeck SECSAC Open Meeting 7 October 2003.
Authoritative-only server & TSIG cctld-workshop Nairobi,12-15 october 2005

Authoritative-only server & TSIG cctld-workshop Nairobi,12-15 october 2005
© 2006-2012 NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Introduction.

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Introduction.
DNS and TCP Sequence Numbers (Again!) EE122 Discussion 10/24/2011.

DNS and TCP Sequence Numbers (Again!) EE122 Discussion 10/24/2011.
DNS Session 4: Delegation and reverse DNS Joe Abley AfNOG 2006 workshop.

DNS Session 4: Delegation and reverse DNS Joe Abley AfNOG 2006 workshop.
DNS Security Extension (DNSSEC). Why DNSSEC? DNS is not secure –Applications depend on DNS ►Known vulnerabilities DNSSEC protects against data spoofing.

DNS Security Extension (DNSSEC). Why DNSSEC? DNS is not secure –Applications depend on DNS ►Known vulnerabilities DNSSEC protects against data spoofing.
6.033 Lecture 14 DNS and Content Delivery Networks Sam Madden Key ideas: Domain name service Content delivery networks Network overlays.

6.033 Lecture 14 DNS and Content Delivery Networks Sam Madden Key ideas: Domain name service Content delivery networks Network overlays.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Chapter 25 Domain Name System.

McGraw-Hill©The McGraw-Hill Companies, Inc., Chapter 25 Domain Name System.
Recursive Server. Overview Recursive Service Root server list localhost 0.0.127.in-addr.arpa named.conf.

Recursive Server. Overview Recursive Service Root server list localhost in-addr.arpa named.conf.
Domain Name System: DNS

Domain Name System: DNS
1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.

1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.

Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.

TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
Domain Name Services Oakton Community College CIS 238.

Domain Name Services Oakton Community College CIS 238.
11.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Domain Name System (DNS) Ayitey Bulley Session-1: Fundamentals.

Domain Name System (DNS) Ayitey Bulley Session-1: Fundamentals.
NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/20091 NET0183 Networks and Communications by Dr Andy Brooks.

NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/20091 NET0183 Networks and Communications by Dr Andy Brooks.
Tony Kombol ITIS 3110. www.teacherstalk.com Who knows this? Who controls this? DNS!

Tony Kombol ITIS Who knows this? Who controls this? DNS!
CS 4396 Computer Networks Lab

CS 4396 Computer Networks Lab

Similar presentations

Ads by Google