REVERSE DNS Why and how AFRINIC-II Maputo,Mozambique 26 April 2005 Alain AINA.

Slides:



Advertisements
Similar presentations
Internet Number Resource Status Report As of 30 June 2005.
Advertisements

CCNA1 v3 Module 9 v3 CCNA 1 Module 9 JEOPARDY K. Martin Galo Valencia.
December 2013 Internet Number Resource Report. December 2013 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 December.
March 2014 Internet Number Resource Report. March 2014 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 March 2014 Prepared.
Web Server Administration
IPv6: The Future of the Internet? July 27th, 1999 Auug.
Web Server Administration Chapter 4 Name Resolution.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
Mirjam Kühne 1 RIPE 34, September 1999 Registration Services Report presented by Mirjam Kühne.
DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.
DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.
Reverse DNS.
Security and Information Assurance for the DNS Dan Massey USC/ISI.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting What is Reverse DNS October 26th, Brisbane Bruce.
Domain Name System (DNS) Network Information Center (NIC) : HOSTS.TXT.
Application Layer At long last we can ask the question - how does the user interface with the network?
DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.
Module 12: Domain Name System (DNS)
Chapter 25 Domain Name System
DOMAIN NAME SYSTEM. Domain Name System Hostname Resolution DNS Name Lookup with DNS Domain Name Servers DNS Database Reverse Lookups.
Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.
Domain Name Services Oakton Community College CIS 238.
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Basic DNS Course Lecturer: Ron Aitchison. Module 1 DNS Theory.
Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.
NATO Advanced Networking Workshop. Ljubljana, 19 September “How to Run a Local Internet Registry” or all your IPs are belong.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.
TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)
Domain Names System The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the.
DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.
The APNIC Whois Database Introduction and Usage. whois.apnic.net whois.ripe.netwhois.arin.net Server Unix Client ‘X’ Client Command Prompt / Web Interface.
1 IN-ADDR.ARPA and the UNINET Project address space Presentation to ISOC-ZA Workshop Friday 13 September 2002.
Database Update Paul Palse Database Manager, RIPE NCC.
Domain names and IP addresses Resolver and name server DNS Name hierarchy Domain name system Domain names Top-level domains Hierarchy of name servers.
INTERNET Sujata Rao. What is INTERNET? The Internet, sometimes called simply "the Net," is a worldwide system of computer networks. A network of networks.
DNS Concepts APNIC 16, Seoul, Korea 19, August 2003.
1 Application Layer Lecture 6 Imran Ahmed University of Management & Technology.
Chapter 29 Domain Name System (DNS) Allows users to reference computer names via symbolic names translates symbolic host names into associated IP addresses.
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
Domain Name System. CONTENTS Definitions. DNS Naming Structure. DNS Components. How DNS Servers work. DNS Organizations. Summary.
Fully Qualified Domain Names FQDNs. DNS Database A distributed, hierarchical database Resolves Fully Qualified Domain Names (FQDNs) to IP addresses –
Regional Internet Registries Statistics & Activities IETF 55 Atlanta Prepared By APNIC, ARIN, LACNIC, RIPE NCC.
Internet and Intranet Protocols and Applications Lecture 5 Application Protocols: DNS February 20, 2002 Joseph Conron Computer Science Department New York.
1 Kyung Hee University Chapter 18 Domain Name System.
Configuring Name Resolution and Additional Services Lesson 12.
Domain Name System (DNS). DNS Server Service Overview of Domain Name System What Is a Domain Namespace? Standards for DNS Naming.
1 Domain Name System (DNS). 2 3 How DNS Works Application Transport Internet Network Application Transport Internet Network DNS Resolver Name Server.
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May IP Address Management AfNOG Workshop, 11 May 2001 Accra, Ghana presented by:
1 IPv6 Allocation Policy and Procedure Global IPv6 Summit in China 2007 April 13, 2007 Gerard Ross and Guangliang Pan.
Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004.
Draft Policy ARIN : Remove NRPM section 7.1.
Local Internet Registries. RIPE 47 - IP Request Tutorial. 1 Welcome to the RIPE NCC IP Request Tutorial January 27, 2003 RIPE Network.
DNS Security 1. Fundamental Problems of Network Security Internet was designed without security in mind –Initial design focused more on how to make it.
CITA 310 Section 3 Additional Topics. Common IPv4 Classes ClassFirst numberSubnet maskNumber of networks Number of addresses Class A0 – ,777,216.
Web Server Administration Chapter 4 Name Resolution.
1 The Internet Registry System Mirjam Kühne RIPE NCC EC-POP Brussels 5 July 1999.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting APNIC Reverse DNS October 26th, Brisbane Bruce.
17 th APNIC Open Policy Meeting APNIC IPv6 Address Guidelines Akira Nakagawa )/ POWEREDCOM Billy MH Cheon / KRNIC Toshiyuki.
COMP2322 Lab 3 DNS Steven Lee Feb. 19, Content Understand the Domain Name System (DNS). Analyze the DNS protocol with Wireshark. 2.
Aug 2008 KRNIC of NIDA KRNIC Updates.
Nurani Nimpuno. APRICOT 2001, 26 February - 2 March CATV/xDSL Address policy SIG APRICOT 2001 Nurani Nimpuno Registration Services.
So DNS is A client-server application that maps domain names into their corresponding IP addresses with the help of name servers. Mapping domain names.
Mirjam Kühne. AfNOG Conference, 11 May Operational Co-ordination in the RIPE Region presented by: Mirjam Kühne RIPE NCC.
Whois & Data Accuracy Across the RIRs. Terms ISP – An Internet Service Provider is allocated address space by an RIR for the purpose of providing connectivity.
Chapter 5c.  Upon completion of this chapter, you should be able to:  Configure IP addresses  Identify & select valid IP addresses for networks  Configure.
1 Internet Service DNS & BIND OPS335 Seneca College of Applied Technology.
Domain Name Registration, ICANN, Registrars & Hosting Options
A proposal to deprecate ip6.int reverse DNS service in APNIC
Net 323 D: Networks Protocols
DNS Operations SIG Feb APNIC19, Kyoto, Japan
Presentation transcript:

REVERSE DNS Why and how AFRINIC-II Maputo,Mozambique 26 April 2005 Alain AINA

WHY Who clients/users are ? Every DNS entry name-IP (A record) must have a correspondence IP-name(PTR record) Otherwise: –Acces denied to certains services (ftp, mail, IRC,....) –Hard network debug (traceroute) –More undesirable network traffic

HOW net com afrin ic www mz co tislabs who is sun moon google arpa in-addr IP v4 addresses IP v6 addresses ip6 DNS TREE

IPV4

Mapping IPv4 address in DNS Example –192/8 is allocated to RIR –192.26/16 is allocated by RIR to LIR/ISP – /24 is assigned by ISP to a company. Delegation in the DNS: –root delegates 192 domain to RIR –RIR delegates “26” sub-zone to ISP –ISP delegates “1” sub-zone to company. Name that makes this possible: – in-addr.arpa.

Mapping IPv4 address to names In IPv4 the mapping is done on 8 bit boundaries(class full), address allocation is class less –/8, /16, /24 Zone administration does not always overlap address administration If you have a /22 of address space: divide it in /24s and request a delegation for each one of them

LIR and end-users PI Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Create the domain object in the RIR database –Only /16 and /24 If authentication and dns check are OK, delegation is visible next time RIR push zone file

End-users Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Contact your ISP –<=/24 For < /24 –RFC 2317

domain object domain: in-addr.arpa descr: AFNOG05 conference network, 9-30 april 2005 admin-c: GJDG-AFRINIC tech-c: GJDG-AFRINIC zone-c: GJDG-AFRINIC nserver: ns a.ws.afnog.org nserver: ns b.ws.afnog.org mnt-by: AFNOG-MNT changed: source: AFRINIC

IPV6

Allocations policy –/23 allocated to RIR –/32 allocated to LIR/ISP –/48 assigned to end users in general –/64 assigned to end users when only one net is used –/128 assisgned to end users when only one device is used Policy is moving Allocations policy

Number is translated into 4 bit nibbles under the ip6.arpa. 2001:0238::a00:46ff:fe06: e.f.f.f a ip6.arpa. If you have a /23, split into 2 /24s If you have a /47, split into 2 /48s Mapping IPv6 address in DNS

Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Create the domain object in the RIR database –/32 If authentication and dns check are OK, delegation is visible next time RIR pushes zone file LIR and end-users PI

Configure your authoritative NS for the reverse zones –Follow DNS recommendations (RFC 2182,1912) Contact your ISP –/48, /64, /128 End-users

domain: ip6.arpa descr: Reverse delegation for Renater sub-TLA admin-c: BT261-RIPE tech-c: BT261-RIPE tech-c: GR1378-RIPE zone-c: GR1378-RIPE nserver: sem2.renater.fr nserver: imag.imag.fr nserver: iode.ipv6.pps.jussieu.fr nserver: ns3.nic.fr mnt-by: RENATER-MNT changed: changed: source: RIPE domain object

References ocs/supporting/afsup-rev htmhttp:// ocs/supporting/afsup-rev htm

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.