Presentation is loading. Please wait.

Presentation is loading. Please wait.

Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb 23-27 2004 KL, Malaysia.

Published byJocelin Adams Modified over 9 years ago

Similar presentations

Presentation on theme: "Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb 23-27 2004 KL, Malaysia."— Presentation transcript:

1 Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb 23-27 2004 KL, Malaysia

2 Problem Summary –Lame DNS reverse delegations can cause problems across the Internet: –Delays in service binding for clients using affected address ranges: timeouts in reverse-address lookup –Eg receiving party tries to resolve the calling source address. –Refusal of service due to failures during DNS processing.

3 Problem Summary –Increased DNS traffic between caching DNS nameservers and the listed DNS authority chain down from the root –Processing requests which can only fail after timeout. Measurable load on critical Infrastructure –The RIRs have been requested to investigate and reduce this traffic.

4 Problem Summary –Lame DNS reverse delegations affect The users of the network in question. Unrelated third parties. –End users cannot resolve problem directly Due to hierarchical nature of authoritative delegation. –If the network administrators do not correct errors in their DNS configurations RIR has to resume control of the delegated domain (pending delegate resuming control) disable the listing of the misconfigured servers.

5 Proposal Identify potential lameness. –(two points of test, AU & JP) Test the DNS reverse delegation –(15 day test period). Attempt to notify the domain holder –(45 day notice period). Disable lame DNS reverse delegation. –(If not corrected at end of notice period)

6 Implementation This proposal will be implemented three months after it has been accepted by the APNIC community. –Extend current lame measurement to JP location –Implement decision logic for status checks –Implement communications process to delegates –Code disable function into DNS production cycle –Collect statistics on process for report back to DNS Ops SIG, other bodies

7 Project Status Work held over pending deployment of new DNS management system Better (web based) tools to support maintenance of Reverse DNS SQL based engine backing DNS and WHOIS –Integrated data available to manage lame status checking, de-listing functions Support systems for staff –Contact scheduling system for HM dept –Project delivery re-scheduled for 2Q/04 Will report status at AMM18

8 Lame status of APNIC managed DNS DNS Status by date Date % total delegated 2002/1/06 2002/07/06 2002/10/06 2003/01/06 2003/07/06 2003/07/06 2003/10/06 2004/01/06

Download ppt "Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb 23-27 2004 KL, Malaysia."

Similar presentations

Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March 7 2002.

Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March
1 Technical Area highlights and priorities APNIC Member Meeting 29 February 2008 APNIC 25, Taipei George Michaelson.

1 Technical Area highlights and priorities APNIC Member Meeting 29 February 2008 APNIC 25, Taipei George Michaelson.
1 Deprecation of ip6.int reverse DNS service in APNIC Project update IPv6 technical SIG, APNIC 21 1 March 2006 Sanjaya.

1 Deprecation of ip6.int reverse DNS service in APNIC Project update IPv6 technical SIG, APNIC 21 1 March 2006 Sanjaya.
Early Registration Transfer (ERX) Update George Michaelson DNS SIG APNIC17/APRICOT 2004 Feb 23-27 2004 KL, Malaysia.

Early Registration Transfer (ERX) Update George Michaelson DNS SIG APNIC17/APRICOT 2004 Feb KL, Malaysia.
State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.

State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.
Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.

Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.
Draft Policy 2012-1 Clarifying Requirements for IPv4 Transfers.

Draft Policy Clarifying Requirements for IPv4 Transfers.
Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.

Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
2.1 Installing the DNS Server Role Overview of the Domain Name System Role Overview of the DNS Namespace DNS Improvements for Windows Server 2008 Considerations.

2.1 Installing the DNS Server Role Overview of the Domain Name System Role Overview of the DNS Namespace DNS Improvements for Windows Server 2008 Considerations.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.

Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
The new APNIC DNS generation system. Previous System Direct access to backend whois.db files – Constructed radix tree in memory from domain objects –

The new APNIC DNS generation system. Previous System Direct access to backend whois.db files – Constructed radix tree in memory from domain objects –
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Terry Manderson.

1 [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Terry Manderson.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Impact of Configuration Errors on DNS Robustness Vasileios Pappas, Zhiguo Xu, Songwu Lu, Daniel Massey, Andreas Terzis, Lixia Zhang SIGCOMM 2004 Presented.

Impact of Configuration Errors on DNS Robustness Vasileios Pappas, Zhiguo Xu, Songwu Lu, Daniel Massey, Andreas Terzis, Lixia Zhang SIGCOMM 2004 Presented.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.

Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.
Domain Name Services Oakton Community College CIS 238.

Domain Name Services Oakton Community College CIS 238.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.

Similar presentations

Ads by Google