Implementation of ARIN's Lame DNS Delegation Policy

Slides:



Advertisements
Similar presentations
Current practices in managing IPv4 address space Survey Update Policy SIG Feb APNIC19, Kyoto, Japan.
Advertisements

1 Deprecation of ip6.int reverse DNS service in APNIC Project update IPv6 technical SIG, APNIC 21 1 March 2006 Sanjaya.
Whois Database Clean Up Project Report Database SIG APNIC 16, Seoul, Korea 20 August 2003.
Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.
1 Axel Pawlik APNIC 22, 8 September 2006, Kaohsiung RIPE NCC Update APNIC 22.
1 [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Terry Manderson.
A Study of DNS Lameness Edward Lewis. July 14, 2002 IETF 54 Slide 2 Agenda Lameness Why (Surprise:) Spotty(?) results Approach Plans.
LAME – Next Steps Mark Kosters, CTO. Delegations tested daily until test good or removed If still lame after 30 consecutive days of testing, POCs notified.
Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.
Prepared by The Regional Internet Registries [APNIC, ARIN, LACNIC and RIPE NCC]
ARIN Update June 2000 NANOG 19Albuquerque NANOG 19Albuquerque Overview Organization & Staff Activities Regional News Membership Statistics Regional Policy.
ARIN Update Ray Plzak President & CEO. Kitakyushu September 2002APNIC 14 Overview Membership Organization News Emerging RIR Activities ARIN IX ARIN X.
1 APNIC allocation and policy update JPNIC OPM July 17, Tokyo, Japan Guangliang Pan.
Regional Internet Registries Statistics & Activities IETF 55 Atlanta Prepared By APNIC, ARIN, LACNIC, RIPE NCC.
1 San Diego, California 25 February ARIN’s Policy Development Process Current Number Resource Policy Discussions and How to Participate Owen DeLong.
1 Madison, Wisconsin 9 September14. 2 ARIN’s Policy Development Process Current Number Resource Policy Discussions and How to Participate John Springer.
Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb KL, Malaysia.
Regional Internet Registries Statistics & Activities Prepared By APNIC, ARIN, LACNIC, RIPE NCC.
Sweeping Lame DNS Delegations A Proposal DNS OPS SIG APNIC 15, Taipei, Taiwan 26 February 2003.
July 2002IEPG, Yokohama, Japan RIR Co-ordination and Joint Statistics IEPG, Yokohama, Japan Prepared By APNIC, ARIN, RIPE NCC.
Izumi Okutani JPNIC IP Department NIR Meeting Feb 2004 JPNIC Open Policy Meeting Update.
Draft Policy Globally Coordinated Transfer Policy 1.History including origin & shepherds 2.Summary 3.Status at other RIRs 4.Staff/legal assessment.
Early Registration Record Transfers Richard Jimmerson Director of Operations APNIC 11Kuala Lumpur.
1 Lame delegation status report DNS Operations SIG APNIC , Hanoi.
Using the New ARIN WHOIS Ginny Listman Director of Engineering
Engineering Update Key Projects –IPV6 Registration function is completed, tested, and ready for production IPV6 WHOIS completed, tested, and ready for.
Whois & Data Accuracy Across the RIRs. Terms ISP – An Internet Service Provider is allocated address space by an RIR for the purpose of providing connectivity.
Implementation Of Lame Delegation Policy
September, 2003 Bill Woodcock Packet Clearing House
Implementation Review Team Meeting
Regional Internet Registries An Overview
IEPG Minneapolis, March 1999
RIR Co-ordination and Joint Statistics
APNIC Open Address Policy Meeting
A proposal to deprecate ip6.int reverse DNS service in APNIC
A Study of DNS Lameness by Ed Lewis ARIN Research Engineer
Proposer name APNIC XX Open Policy Meeting Locations Date
Lame DNS Server Sweeping
IDN Variant TLDs Program Update
AfriNIC Transition Plan
Lame delegation status report
ARIN Update John Curran President and CEO.
American Registry for Internet Numbers
Progress Report for ip6.int Deprecation
NIR SIG, 18th APNIC Meeting
Sanjaya, Project Manager, APNIC Secretariat
APNIC 14 DB SIG Report Xing Li
DNS Operations SIG Feb APNIC19, Kyoto, Japan
Transmission Planning Code Review
A Proposal to Protect Historical Records in APNIC Whois Database
DNS Operations SIG APNIC , Kyoto
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Transmission Workstream DN Interruption Update - Introduction
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Text for section 1 1 Text for section 2 2 Text for section 3 3
Recovery of Historical Resources Status Update
Proposal to Clean Up Whois Database
Status Report on Policy Implementation at the APNIC Secretariat
Status Report on Policy Implementation at the APNIC Secretariat
IPv6 Policy Update ~ APNIC community ~
Status on “Proposal for the whois database query”
Chair/co-chair of APNIC Address Policy SIG
HKU Grid Certificate Authority (HKU Grid CA) CP/CPS Reviewer’s Comments Bill Yau
Presentation transcript:

Implementation of ARIN's Lame DNS Delegation Policy Edward Lewis Research Engineer ARIN edlewis@arin.net

Abstract The membership of ARIN has approved a policy to curb lame delegations The staff is implementing it and has already seen a reduction This presentation will outline the policy, results, and how ARIN is interacting with registrants and registries June 3, 2003 NANOG 28

Background MAR 2002 – Proposed on ARIN ppml (list) APR 2002 – Discussion at ARIN IX JUN 2002 – Measured extent of problem SUM 2002 – Discussion on email lists OCT 2002 – Discussion at ARIN X NOV 2002 – Policy adopted DEC 2002 – Implementation activity begins June 3, 2003 NANOG 28

Policy Summary June 3, 2003 NANOG 28

Policy Summary Four Phases June 3, 2003 NANOG 28

Policy Summary Four Phases Test June 3, 2003 NANOG 28

Policy Summary Four Phases Test Identify Lame Delegation June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC If No Contact Proceed to Next Step June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC E-mail the ASN POC June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC E-mail the ASN POC If No Contact Proceed to Next Step June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC If No Contact Proceed to Next Step June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC If No Contact Proceed to Next Step June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Evaluate Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC June 3, 2003 NANOG 28

Policy Summary Four Phases Test Attempt Contact Evaluate Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC Wait 30 Days June 3, 2003 NANOG 28

Delegation Declared Lame Policy Summary Four Phases Test Attempt Contact Evaluate Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC Wait 30 Days Delegation Declared Lame June 3, 2003 NANOG 28

Delegation Declared Lame Policy Summary Four Phases Test Attempt Contact Evaluate Remove Delegation Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC Wait 30 Days Delegation Declared Lame June 3, 2003 NANOG 28

Delegation Declared Lame Policy Summary Four Phases Test Attempt Contact Evaluate Remove Delegation Identify Lame Delegation E-mail the network POC E-mail the ASN POC Telephone the network or ASN POC Postal Mail the network or ASN POC Remove NS Delegations Update WHOIS Record Delegation Determined to be Lame Evaluation Date of the Lame Delegation Contact has been Attempted Unsuccessfully Date Record Updated Wait 30 Days Delegation Declared Lame Update Record June 3, 2003 NANOG 28

Lame Delegation Test Query for SOA record of zone Try all IP addresses for each server of zone In response, flag as lame if: No Authoritative Answer (AA) bit set AA bit set, but an empty answer section AA bit set, but answer is not an SOA record June 3, 2003 NANOG 28

What is Not Flagged Not flagged as lame in this round of testing: No IP address for name server No answer from server This will be flagged in the future June 3, 2003 NANOG 28

Timeline Notify Network POC Notify Autonomous System POC 4-6 Mar 1st Notice 18-20 Mar 2nd Notice 15 Feb Test 13 Mar Test 27 Mar Test Notify Autonomous System POC 15 May Notice 12 May Test 30 May Test June 3, 2003 NANOG 28

Zone Results bounce! Zones Checked Flagged for Lameness 13 Feb 198,213 55,281 27 Mar 35,944 12 May 28,735 30 May 34,625 bounce! June 3, 2003 NANOG 28

Server Results 13 Feb findings, percentage of servers 77% not flagged as lame (good OR no address/answer) 19% Authoritative Answer bit set to 0 4% with empty answer section <1% with a non-SOA answer (CNAME) June 3, 2003 NANOG 28

Notification Results Telephone Email 1st Notice 125 119 2nd Notice 91 141 3rd Notice - approx. 150 calls in first few days June 3, 2003 NANOG 28

Help Desk Actions Determine the problem/exact question Use “Lame” tool, BIND’s dig tool Review results with registrant Explain expected results Walk through steps to correct ARIN DB entry Refer registrant for further assistance: Their local support Vendor of their name server BIND documentation (if using a BIND server) June 3, 2003 NANOG 28

Observations People are interested This will be a deliberate process Want to correct problem Want to know what this is about Based on feedback from community: http://www.arin.net/registration/lame_delegations/index.html This will be a deliberate process June 3, 2003 NANOG 28

Next Steps Continue notification as per policy Update database information Continue testing for lameness Identify engineering issues with testing Identify implementation issues Share experiences with other registries June 3, 2003 NANOG 28

Email Addresses Discussions of lame delegations are happening in other regions too APNIC SIG on DNS issues <sig-dns.lists.apnic.net> RIPE DNS Working Group <dns-wg.ripe.net> Tool-specific mailing lists My address: edlewis@arin.net June 3, 2003 NANOG 28

Thank You