Presentation is loading. Please wait.

Presentation is loading. Please wait.

Aristotle Balogh February 2000 NSI Registry Update NANOG 18, San Jose, California Aristotle Balogh February 6, 2000.

Published byMorris Barker Modified over 9 years ago

Similar presentations

Presentation on theme: "Aristotle Balogh February 2000 NSI Registry Update NANOG 18, San Jose, California Aristotle Balogh February 6, 2000."— Presentation transcript:

1 Aristotle Balogh February 2000 NSI Registry Update NANOG 18, San Jose, California Aristotle Balogh February 6, 2000

2 Aristotle Balogh February 2000 Agenda Background Registry Operating Metrics gTLD RFP and deployment plans/status Root and gTLD stat’s Next-generation stuff –Multicast satellite dist –DNSSEC

3 Aristotle Balogh February 2000 NSI Registry System Loads I Live operations with NSI registrar in April 1999 First non-NSI registrar in June 1999 By August 1999 –8 total registrars –Read-Write Create/Update/Delete Loads 132,000 operations per day 3.67 operations per second during busy hour –Read-Only Query Loads 1,300,000 operations per day 36.11 operations per second during busy hour

4 Aristotle Balogh February 2000 NSI Registry System Loads II February 2000 –25+ total registrars –Read-Write Create/Update/Delete Loads 256,000 operations per day (94% increase) 7.11 operations per second during busy hour –Read-Only Query Loads 5.2M operations per day (300% increase) 144.44 operations per second during busy hour

5 Aristotle Balogh February 2000 Reliability, Availability, Scalability “Dial Tone” Quality Product –“Hot” primary/secondary data centers –Read-Only (RO) operations separated from Create, Update, and Delete (CUD) operations –Self-help tools and protocol enhancements Repeatable Engineering Processes –Requirements, configuration, release, defect tracking, and escalation management with integrated tool support –Automated stress, performance and integrity testing –Detailed project planning, tracking, and oversight

6 Aristotle Balogh February 2000 gTLD Site Selection Request for Proposal RFP Objective: “Identify and place the gTLD servers at the topological cores of the Internet; put gTLD DNS infrastructure under contractual framework” Requirements Proximity to Internet hosts and users Internet connectivity Peering relationships Adequate site facilities Technical support Price Process: RFP distributed to over 80 qualified vendors in Nov/Dec 1999

7 Aristotle Balogh February 2000 gTLD Site Selection Request for Proposal RFP Results 28 vendors registered to provide proposals 20 vendors responded with proposals Proposals currently being evaluated Sites being visited Selected vendors to be identified during February 2000 Schedule Deployment of next generation systems scheduled to begin Feb, 2000 through July 15, 2000

8 Aristotle Balogh February 2000 Average QPS for A, J & J.gtld

9 Aristotle Balogh February 2000 Root and GTLD Servers Growth in.com is accelerating Pushing resources to the limits Axfer off of a.root-servers.net is no longer feasible (E450) Zone propagation is growing (3+ hours) to distant sites. Queries per second (QPS is growing).

10 Aristotle Balogh February 2000 Average QPS for A & J Root Servers

11 Aristotle Balogh February 2000 Top 10 a.root-servers.net Queries

12 Aristotle Balogh February 2000 Top 10 j.root-servers.net Queries

13 Aristotle Balogh February 2000 Top 10 j.gtld-servers.net Queries

14 Aristotle Balogh February 2000 Named Memory Usage

15 Aristotle Balogh February 2000 Average QPS - a.root-servers.net

16 Aristotle Balogh February 2000 Average QPS - j.root-servers.net

17 Aristotle Balogh February 2000 Average QPS - j.gtld-servers.net

18 Aristotle Balogh February 2000 Satellite Based Zone File Distribution Challenges with current zone file distribution –Large file size (e.g. com.xfer is about 1.4 GB) –Files sizes growing exponentially –Variable latency and congestion on the Internet causes problems during zone transfer. –Long transfer times for remote sites (e.g. 4 hrs for Hong Kong site) –Zone file distribution time limits frequency of zone file distribution (currently twice a day)

19 Aristotle Balogh February 2000 Distributing zone files via satellite: –Enables use of compressed zone files (com.xfer.gz is 120 MB) –Scalable: Impact of file size growth is less –Provides fixed latency and congestion free transport –Simultaneous delivery of zones –Less load on zone distribution servers –Enables more frequent zone file updates (e.g. 4 times a day) Satellite Based Zone File Distribution

20 Aristotle Balogh February 2000 Timeline: Satellite Based Zone File Distribution

21 Aristotle Balogh February 2000 DNS Security Issues Participated in a number of workshops –non-trivial to setup –current implementation is buggy What the future holds –Has to only work in EDNS-aware servers (packet overflow on the roots for UDP on present 512 byte limitation). –Bind 8.x will not work.

22 Aristotle Balogh February 2000 DNS Security Changes Registrar/Registry split means that client has to go through registrar to have registry to sign. Steps: –Registrar needs to identify the domain holder and selects key that they desire to have signed with) –Registrar identifies itself with the registry –Verify that domain is with registrar –Signs domain public key –Signed key is returned to domain holder

23 Aristotle Balogh February 2000 DNS Security Changes Issues for NSI Registry –Registrars need to setup a front-end signing service for their domain holders) –RRP (the protocol that is between the registrar and registry) needs to be enhanced –Performance issues –Security issues on the key

24 Aristotle Balogh February 2000 Contact Info Registry Engineering –Ari Balogh abalogh@netsol.com DNS/gTLD Programs –Tom Newell tomn@netsol.com –Mark Kosters markk@netsol.com

Download ppt "Aristotle Balogh February 2000 NSI Registry Update NANOG 18, San Jose, California Aristotle Balogh February 6, 2000."

Similar presentations

© 2008 EBSCO Information Services SUSHI, COUNTER and ERM Systems An Update on Usage Standards Ressources électroniques dans les bibliothèques électroniques.

© 2008 EBSCO Information Services SUSHI, COUNTER and ERM Systems An Update on Usage Standards Ressources électroniques dans les bibliothèques électroniques.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.

1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.
Integrated Ocean Observing System (IOOS) Data Management and Communication (DMAC) Standards Process Julie Bosch NOAA National Coastal Data Development.

Integrated Ocean Observing System (IOOS) Data Management and Communication (DMAC) Standards Process Julie Bosch NOAA National Coastal Data Development.
NLIT 09 Presentation Page 1 Vision – Service – Partnership Page 1 WAN Acceleration Using Cisco WAAS Robert Morrow National Security Technologies LLC

NLIT 09 Presentation Page 1 Vision – Service – Partnership Page 1 WAN Acceleration Using Cisco WAAS Robert Morrow National Security Technologies LLC
Registration Services Mark Kosters 9 June 1998. Mark Kosters 9 June 1998 NANOG Meeting Dearborn, Michigan Outline l Current InterNIC Statistics l Customer.

Registration Services Mark Kosters 9 June Mark Kosters 9 June 1998 NANOG Meeting Dearborn, Michigan Outline l Current InterNIC Statistics l Customer.
Massive Scale Name Management: Lessons Learned from the.COM Namespace Mark Kosters 20 Aug 1999.

Massive Scale Name Management: Lessons Learned from the.COM Namespace Mark Kosters 20 Aug 1999.
ManageEngine TM Applications Manager 8 Monitoring Custom Applications.

ManageEngine TM Applications Manager 8 Monitoring Custom Applications.
Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation

Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation
Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.

Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.

Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.

Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
Domain Name System: DNS

Domain Name System: DNS
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.

DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.

TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.

1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.

Similar presentations

Ads by Google