DITL 2008-2009 George Michaelson APNIC

Slides:



Advertisements
Similar presentations
Measuring IPv6 Deployment Geoff Huston George Michaelson
Advertisements

1 Brett Carr OARC, November 2006, Redmond RIPE NCC DNS Services Overview Brett Carr Manager, DNS Services RIPE NCC.
Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March
DITL & APNIC George Michaelson APNIC 26, Christchurch.
1 Technical Area highlights and priorities APNIC Member Meeting 29 February 2008 APNIC 25, Taipei George Michaelson.
Update on IANA APNIC Meeting 29 February 2008 Barbara Roseman Internet Assigned Numbers Authority.
1 Deprecation of ip6.int reverse DNS service in APNIC Project update IPv6 technical SIG, APNIC 21 1 March 2006 Sanjaya.
APNIC Update AfriNIC 10 May2009. Overview APNIC 27 policy outcomes APNIC Members and Stakeholder Survey IPv6 Program Research and development activities.
APNIC Update AfriNIC 11 November Overview Services status Policy developments Priority activities Next meetings.
1 News from APNIC AfriNIC 9 27 November Coming up Some numbers Some service updates Some policy news 2.
Distributed Web Systems Name Services Lecturer Department University.
APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.
1 Addition of IPv6 servers to in-addr.arpa tree DNS Operations Sig APNIC 18 2 September 2004, Fiji.
IPv6 and.HK Ben Lee HKIRC 01 March Agenda 1. Why IPv6 for.hk 2. Roadmap of IPv6 deployment 3. Current status 4. Considerations 5. Further work.
Measuring IPv6 Geoff Huston APNIC Labs, February 2014.
Yerevan, July 11, Armenian edition of Jovan Kurbalija’s book “Internet Governance” I.Mkrtumyan, ISOC AM H.Baghyan, MediaEducation Center.
Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.
DNS DOMAIN NAME SYSTEM NAME SYSTEM By Lijo George.
DNS Domain Name System. Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Hands-On Microsoft Windows Server 2003 Administration Chapter 9 Administering DNS.
DOMAIN NAMING SYSTEM (AN OVERVIEW) By -DEEPAK. Topics --DNS What is DNS? Purpose of DNS DNS configuration files.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Technical Area Report Bryon Ellacott, Technical Area Manager APNIC 28.
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
CS 4396 Computer Networks Lab
George Michaelson, Geoff Huston APNIC Measuring IPv6 Users.
DNS root server deployments George Michaelson DNS operations SIG APNIC17/APRICOT 2004 Feb KL, Malaysia.
Name Resolution Domain Name System.
TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)
Chapter 16 – DNS. DNS Domain Name Service This service allows client machines to resolve computer names (domain names) to IP addresses DNS works at the.
CN2140 Server II Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Domain names and IP addresses Resolver and name server DNS Name hierarchy Domain name system Domain names Top-level domains Hierarchy of name servers.
INTERNET Sujata Rao. What is INTERNET? The Internet, sometimes called simply "the Net," is a worldwide system of computer networks. A network of networks.
Arthur Harris Gennadiy Kofman James Mendoza Domain Name System.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Module 5: Planning a DNS Strategy. Overview Planning DNS Servers Planning a Namespace Planning Zones Planning Zone Replication and Delegation Integrating.
Chapter 13 Microsoft DNS Server n DNS server: A Microsoft service that resolves computer names to IP addresses, such as resolving the computer name Brown.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 6: Name Resolution.
1 Internet Presentation GCC-IT commity Saleem Al-Balooshi ETISALAT.
Domain Name System CH 25 Aseel Alturki
Measuring IPv6 Deployment Geoff Huston George Michaelson
Measuring IPv6 Deployment Geoff Huston George Michaelson
Pharming Group 10: Phuc H. Dao Anita Lugonja. Motivation To give students an opportunity to learn about DNS poisoning To give students an opportunity.
Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb KL, Malaysia.
Port and Message ID Analysis of Resolvers Querying.com/.net Name Servers David Blacka Matt Larson September 24, 2008 DNS OARC Meeting, Ottawa, Canada.
Domain Name System (DNS). DNS Server Service Overview of Domain Name System What Is a Domain Namespace? Standards for DNS Naming.
CS 3830 Day 10 Introduction 1-1. Announcements r Quiz #2 this Friday r Program 2 posted yesterday 2: Application Layer 2.
APNIC Security Update APSIRCC 2002 Tokyo, 25 March 2002.
DNS DNS overview DNS operation DNS zones. DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address.
1 Kyung Hee University Chapter 19 DNS (Domain Name System)
Happy Eyeballs for the DNS Geoff Huston, George Michaelson APNIC Labs October 2015.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 18 Domain Name System (DNS)
Internet Protocol Addresses What are they like and how are the managed? Paul Wilson APNIC.
APNIC DNSSEC deployment considerations APNIC 23, Bali George Michaelson R&D Officer APNIC.
Design and Implementation of a High-Performance distributed web crawler Vladislav Shkapenyuk and Torsten Suel Proc. 18 th Data Engineering Conf., pp ,
OARC Status Keith Mitchell OARC Programme Manager DNS Operations Meeting 27 th July 2007.
September, 2003 Bill Woodcock Packet Clearing House
Getting started with ICANN
Chapter 25 Domain Name System.
IEPG Minneapolis, March 1999
Benefits of Using Domain Name System (DNS)
Measuring IPv6 Deployment
Net 323 D: Networks Protocols
Status report on primary and secondary DNS load
Presentation transcript:

DITL George Michaelson APNIC

APNICs DNS RIRs are the delegation points for in-addr, ip6.arpa. zones. –APNIC is the master DNS for the Asia-Pacific reverse-DNS Supplies secondary DNS servers for other RIR in the AP region. Lowers RTT for lookups within region. 3 locations: Brisbane, Tokyo, Hong Kong –Co Located, 100mbit switching fabric –Good local & international connectivity

APNICs DNS APNIC has two forms –The NS hosts (ns1, ns3, ns4) APNICs primary NS for its in-addr.arpa/ip6.arpa The entire Asia-Pacific managed IP address space –The SEC hosts (sec1, sec3) Secondary NS for the other RIR Also hosts a range of ccTLD, other forward namespaces Whats the behavior of these services? What do they do?

One month…

Most days look the same……

One Week…

Regular behaviour in a day…

One Day …

Interesting events in a day?

DITL AP region

Patterns of usage Change over the long baseline Understand traffic, load Plan for the future Research…

Day In The Life Continuous packet capture of DNS servers, IX, other places of interest –across at least one 24h period. Organized by CAIDA –Data warehouse provided by OARC –Tools from OARC, ISC, the measurement factory Provides resource for longer term analysis –Data archive warehouse –Opportunity for retrospective/review of data Long baseline resource

Day In The Life First collection 2006 –4 DNS participants, selected campus/local IX Fourth event (March 29-April2) –37 participants, ~190 nodes of collection –Of the order 4Tb data (!) APNIC contributing since 2008 –from all operated DNS servers –this only represents a subset of APNIC NS serve, for its own domains. secondary NS of APNIC ranges are hosted at other RIR –DITL data capture system provides APNIC internal logging/measurement on an ongoing basis

Participants afilias apnic arin arl as112-gf brave caida camel cira cogent cznic everydns icann iis isc isi lacnic level3 namex nasa nethelp niccl nixcz nominet nrcca oarc orsnb pktpush qwest regbr ripe switch ultradns uninett uniroma2 verisign wide

Data Capture tap DNS server collector no packet loss data collection 1 packet switchover to passive if power loss Collector doesnt impact DNS server cpu & disk cycles Offline storage, long term data retention Internet

AP DiTL Data Capture (gb)

Brief quiz If you had DNS in 2008… Would you use the same IP address to do DNS in 2009? –(I would: I dont change my resolver that much) How many unique IP addresses seen in 2008 do you expect to see in 2009? –(I expected to see a lot. The majority in fact) …….

Unique IPs in 24h Both years

Not a lot of Address re-use Slightly less than 1/3 of the IP addresses seen, were seen the year before. Seems counter-intuitive: –infrastructure DNS is believed to be machine driven, and from company/internal DNS servers, resolvers Which are expected to be on stable IP addresses For further study –Large numbers of non-infrastructure clients?

Brief quiz If a DNS server queries for reverse-DNS… Would you not expect it to query for a lot of reverse DNS? –(I would: applications which do reverse seem to do a lot) What sort of curve-shape of #lookups do you expect? –(I expected to see a lot of lookups from most hosts. The majority in fact) …….

How often do people query? Most queriers do very little A very few do a LOT

This is strange… The majority of seen IP addresses do one, or only a few queries. –A very few addresses seen, do hundreds or thousands of queries –<10 do millions. PTR: infrastructure DNS? –If its infrastructure, why so much volatility in the IP addresses doing DNS querying? Its not SOA fetching. Most queries are PTR –Expected to see far more persistent IP addresses across 2008/2009.

This is strange… End-user boxes doing reverse-DNS? –Firewalls, probe-tests, other applications? –For further study. Suggests the real count of deployed infrastructure resolvers hitting APNIC DNS servers is lower than we thought –<millions. Most hits from singletons –Still, traffic is traffic: people want DNS from us

V4/V6 comparisons

Queries by IP protocol

Rather pretty 10:100:1000:10000 ratio. Infrastructure DNS now flows over V6 Even some over tunneling technology Might indicate emerging V6 uptake 6rd appears countable suggests deploying 6to4 inside ISP can encourage uptake Signs of Increased V6 usage –But not enough to head off a problem in the context of V4 exhaustion.. Yet.

Tunneled V6 for DNS? Evidence the Teredo DNS is p2p –Clients embed DNS resolver, do reverse-DNS on display of peer sets –(N.Ward, Google-IPv6 workshop) Not a good choice for service dependency! 6to4 very likely to be combination of –Linux/FreeBSD –Mac, eg and other OSX 6to4 –Approx 1500 registered reverse 6to4 zones

Overall V4/V6 NS

Overall V4/V6 SEC

V4/V6 Relativities changing Overall, IPv4 unique IP address counts fairly constant –of the order 100,000 per 10min sample window but with some increase in SEC IPv6 saw an increase for the NS hosts –Addition of IPv6 in Hong Kong probably attracted traffic into region –Overall IPv6 levels consistent NS/SEC now Still 2 orders of magnitude smaller than IPv4

Its not Just the Asia-Pacific! Even noting the RTT, Many EU located economies use Asia Pacific located DNS servers to resolve PTR queries. –Ie, SEC queries in both V4 and V6 include Europe, Africa, Americas Interesting to speculate if the lookup ratios reflect traffic, other measures of inter-economy dataflow For further study

Lessons learned : 1hour captures –Huge risks if capture failed –Harder to upload to OARC (serialized) –2009: 10 minute captures, parallel upload 2008: ran capture hosts on localtime –…but NTP was broken (2+hr offset) –2009: ran capture hosts on UTC, NTP checked! 2008: full capture, query + response –2009: unable to capture responses on sec3 Too much data. Need to rethink what the value is in reply

Observations Infrastructure DNS is very odd. –More volatility in the query IP address than expected –Use of Teredo, other tunnels increasing –Use of IPv6 increasing –Some indications day-on-day comparison 2008/9 that V4 is not increasing significantly –Per economy, results can be confusing Worth further study!

DITL by regions overall query rate

UN Region breakdowns

Use of Reverse-DNS is not equal worldwide –Strong use in specific economies, regions –Data volume variations swamp individual economies (US, JP excepted) –Some strong signals evident that relate to specific regions Logfile processing, cron-jobs, DNS polling? What is happening in Asia?

E. Asia in the World of DNS

Clearly.. Something is coming out of East Asia…

E. Asia breakdowns

East Asia breakdowns Very strong indications that specific daily events tie to specific (sub)region –Almost all of the significant spike in worldwide DNS load comes from East Asia –Almost all of the spike within East Asia comes from Japan

DITL AP region

Consistent behavior visible –Overall trend across 24h –Per-day significant events Whatever these are, they are long-term behaviors Consistent growth in DNS traffic –10-20% year on year growth in overall DNS load

DITL rest of the world

Consistent behavior visible –But different to Asia-Pacific NS –JP spike not visible year on year Also consistent growth in traffic –15%-20% bigger than Asia-Pacific NS

Asia & Rest of World Time shift

Distinct time-phase differences for each category Rest of World amalgamates many distinct local timezones Asia-Pacific dominated by a few closely aligned timezones

Inter-Regional V4/V6 Comparisons

UN Regions v6/v4 usage

UN Regions observations All regions except Asia saw IPV6 growth in DNS transport Significant growth in European use of IPv6 as transport …but V6 usage still a low percentage of V4, of the order 0.2% to 1.5%

East Asia V6/V4 usage

East Asia observations Asia overall had declining IPv6 but East Asia did have some growth in use of IPv6 Less than UN rest of world regions Overall V6 usage also a low percentage of V4, of the order 0.2% to 0.8%

East Asia V6/V4 assignments

East Asia assignment obs. Assignment counts for East Asia do not correlate with observed address use in DNS V6/V4 ratios in assignment counts do not correlate with observed V6/V4 usage –Higher ratios of V6 assigned than seen in use –No relationship per-economy

How the data was processed

Day Samples

Day Samples line up

Day Samples line up strongly!

Average shows core shape

Averages can be compared

Result: year-on-year trends

DITL points make a line –3 data series makes a trend! V4/V6 relativities could aide EU V6 measurement activity DITL data informs our input to OECD, wider community. Re-use existing infrastructure –Possibly needs re-investment for DITL2011 APNIC deploying DNSSEC & Anycast 2010 –Monitor change during deployment –Predicting 2x traffic growth from DNSSEC RRSIG/NSEC costs, 40% NXDOMAIN response rate

Thank You! Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.