Home Gateways and DNS
Ray Bellis, Advanced Projects, Nominet UK
IETF 76, Hiroshima, 9th November 2009

Previous Research
“DNSSEC Impact on Broadband Router and Firewalls”
Joint study between Nominet UK and Core Competence
Expansion of .SE’s previous study
Devices tested:
–4 SOHO Firewalls
–12 Dual Ethernet “Gateways”
–8 ADSL Routers
Published by ICANN SSAC (SAC035) September 2008

Proxy Behaviour #1
Many implementors have only implemented RFC 1035 and nothing since:
–Responses truncated at 512 bytes (without setting TC)
–Responses having TC flag cleared in transit
–Packets dropped in either direction when CD=1 or AD=1
–EDNS0 packets black-holed or rejected
–No support for failover to TCP
These can break DNS and DNSSEC
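The first two failures on this slide can be recognised from the response bytes alone. The following is an added example, not part of the original slides: it parses a UDP DNS response and reports when the header counts promise more records than the bytes deliver while TC is clear. The names `classify` and `build_response` are illustrative, and the sample response is constructed (its OPT record is omitted for brevity).

```python
import struct

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]               # IndexError if the message was cut short
        if (length & 0xC0) == 0xC0:     # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + length
        if length == 0:
            return off

def classify(msg):
    """Classify one UDP DNS response as a stub resolver behind the proxy sees it."""
    if len(msg) < 12:
        return "malformed"
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    if flags & 0x0200:                  # TC set: honest truncation, retry over TCP
        return "tc-set"
    if (flags & 0x000F) == 1:           # RCODE 1 (FORMERR), e.g. EDNS0 rejected
        return "formerr"
    off = 12
    try:
        for _ in range(qd):
            off = skip_name(msg, off) + 4           # QTYPE + QCLASS
        for _ in range(an + ns + ar):
            off = skip_name(msg, off)
            rdlen = struct.unpack("!H", msg[off + 8:off + 10])[0]
            off += 10 + rdlen                       # fixed RR fields + RDATA
    except (IndexError, struct.error):
        return "truncated-without-tc"
    # Header counts promise more bytes than arrived, yet TC is clear.
    return "ok" if off <= len(msg) else "truncated-without-tc"

def build_response(n_txt, tc=False):
    """Constructed sample: answer to example.com TXT with n_txt 100-byte RDATAs."""
    qname = b"\x07example\x03com\x00"
    flags = 0x8180 | (0x0200 if tc else 0)          # QR, RD, RA (+ TC)
    head = struct.pack("!6H", 0x1234, flags, 1, n_txt, 0, 0)
    question = qname + struct.pack("!2H", 16, 1)    # TXT, IN
    rdata = b"\x63" + b"x" * 99                     # one 99-byte character-string
    rr = b"\xc0\x0c" + struct.pack("!2HIH", 16, 1, 300, len(rdata)) + rdata
    return head + question + rr * n_txt
```

Cutting the constructed 701-byte response at 512 bytes, as `classify(build_response(6)[:512])`, reproduces what a client receives from a proxy that truncates without setting TC.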

Proxy Behaviour #2
Devices that were “dumb” about DNS tended to do better than “smart” devices, but only so long as they did the rest of UDP/IP correctly:
Fragment reassembly was a big problem
–Some fragments black-holed
–Some sent from the wrong Source IP
–Typically evident in packets near the WAN MTU

DHCP Behaviour
15 devices put their own (LAN) IP address in their DHCP server’s “Domain Name Server” option
–But 9 of those 15 have no way to change the DHCP settings
A further six devices put the upstream addresses in, but only once the WAN link is up (“chicken and egg” problem)
The remaining three don’t proxy by default

Why proxy at all?
Why do home gateways have DNS proxies in them?
–To establish stable DHCP offers?
–Because TR069 says so?
–Other reasons?
Are there better alternatives?
–Issue a (very) short DHCP lease until the WAN is up?
–Ensure that end-users can configure DNS via the router’s DHCP settings
–Heuristics to bypass the proxy? (e.g. draft-bellis-dns-recursive-discovery-01)

But if you must proxy…
… please do it properly
RFC 5625 (BCP 152) - August 2009
–Summarizes flaws found
–Uses IETF language
–Recommends core DNS-related RFCs that must be implemented to be compatible with current DNS technologies