nsd a Name Service Daemon

Slides:



Advertisements
Similar presentations
Olaf M. Kolkman. APNIC, 6 February 2014, Bangkok. DNSSEC and in-addr an update Olaf M. Kolkman
Advertisements

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Introduction.
State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
The new APNIC DNS generation system. Previous System Direct access to backend whois.db files – Constructed radix tree in memory from domain objects –
DNS Security Extension (DNSSEC). Why DNSSEC? DNS is not secure –Applications depend on DNS ►Known vulnerabilities DNSSEC protects against data spoofing.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
Peter Janssen, EURid.eu Ljubljana, RIPE 64, 2012 Peter Janssen, EURid.eu Ljubljana, RIPE 64, April
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Olaf M. Kolkman. Apricot 2003, February 2003, Amsterdam. /disi Steps towards a secured DNS Olaf M. Kolkman, Henk Uijterwaal, Daniel.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 17 Domain Name System (DNS)
DNS: Domain Name System
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 7: Domain Name System.
Olaf M. Kolkman. Domain Pulse, February 2005, Vienna. DNSSEC Basics, Risks and Benefits Olaf M. Kolkman
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Module 5: Planning a DNS Strategy. Overview Planning DNS Servers Planning a Namespace Planning Zones Planning Zone Replication and Delegation Integrating.
CcTLD/ICANN Contract for Services (Draft Agreements) A Comparison.
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
Olaf M. Kolkman. Apricot 2005, February 2005, Kyoto. DNSSEC An Update Olaf M. Kolkman
DNS Dynamic Update Performance Study The Purpose Dynamic update and XFR is key approach to perform zone data replication and synchronization,
Karrenberg et. Al.. RIPE 43, September 2002, Ρόδος. DISTEL Domain Name Server Testing Lab Daniel Karrenberg with Alexis Yushin, Ted.
© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Practicalities.
Module 6: Managing and Monitoring Domain Name System (DNS)
* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.
DNS Session 5 Additional Topics Joe Abley AfNOG 2006, Nairobi, Kenya.
A study of caching behavior with respect to root server TTLs Matthew Thomas, Duane Wessels October 3 rd, 2015.
Mitigating DNS DoS Attacks Hitesh Ballani, Paul Francis 1.
Olaf M. Kolkman. IETF55, November 2002, Atlanta GA. 1 key-signing key flag [1] & wildcard-optimization [2] Olaf Kolkman [1] with.
RIPE 43, September 2002, Ρόδος. nsd a Name Service Daemon Alexis Yushin, Daniel Karrenberg, Olaf Kolkman,
1 CMPT 471 Networking II DNS © Janice Regan,
Module 4 DNS Installation. DNS Software BIND (80+ %) Berkeley Internet Name Domain NSD (Name Server Daemon)
Olaf M. Kolkman. IETF58, Minneapolis, November DNSSEC Operational Practices draft-ietf-dnsop-dnssec-operational-practices-00.txt.
Workshop Overview & Registry Model Model by Jaap Akkerhuis Related by Daniel Karrenberg.
Empowering Your Collections Team. The Collections Management Query Process Design, organize, Implement 1 The Collections Query 2 How Can We Use a Query.
DNSSec.TLD is signed! What next? V.Dolmatov November 2011.
THE DNS (DOMAIN NAME SYSTEM). Before the DNS, all computers connected to the internet through ARPANET (the worlds first operational packet switching network).
BIND 10 DNS Project Status + DNS Resolver Status/Plans Shane Kerr 23 January 2013.
Security Issues with Domain Name Systems
Chapter 9: Domain Name Servers
Database backed DNS.
Principles of Computer Security
IMPLEMENTING NAME RESOLUTION USING DNS
Chapter 25 Domain Name System.
Geoff Huston APNIC Labs September 2017
DNS.
DNS Session 5 Additional Topics
CoreDNS and Kubernetes
DNS and Bind Presenter David Wood
DNS Cache Poisoning Attack
Sample Presentation. Slide 1 Info Slide 2 Info.
Chapter 19 Domain Name System (DNS)
DNSSEC Basics, Risks and Benefits
EE 122: Domain Name Server (DNS)
Root KSK Roll Update DNS-OARC 27 Matt Larson, VP of Research
Source Code Control Systems
Introduction to the DNS system
Chapter 25 Domain Name System
Chapter 25 Domain Name System.
Chapter 25 Domain Name System
Introduction to the DNS system
Domain Name System: DNS
Just add slides to this presentation.
Technical Implementation for Chinese domain name
Monitoring with logging
1. Why Marketing Research?
Presentation transcript:

nsd a Name Service Daemon Alexis Yushin, Daniel Karrenberg, Olaf Kolkman, Ted Lindgreen with Erik Rozendaal, Jaap Akkerhuis, Miek Gieben, …

Presentation Outline Why nsd ? What is nsd ? Who should use nsd ?

Why nsd? Code Diversity Simplicity Performance Open Source

What is nsd? Authoritative-Only DNS Name Server No recursion No caching No dynamic update No zone transfers Implemented from Scratch High Performance Design DNSSec Ready Well Tested

Basic nsd Design Zone Compiler bserved Zone Loads Responses Files Queries Responses daemon Responses

Performance Results

Performance Results

Performance Results

Performance Results “Marketing Version”

Goals Achieved ? Code Diversity Simplicity Performance Open Source Totally New Design Bug Diversity Simplicity Daemon kept as small as possible (~1000 lines C) No creeping featurism (total 5684 lines C) Performance See above Open Source Yes (BSD License)

Who should use NSD? Publishers of authoritative zone info Root Servers (some) TLD servers … Who should not use nsd Recursing name servers Servers really needing dynamic updates nsd-1.0.1 is available. It is stable.

Questions??? Slides and other information (will be) available from http://www.ripe.net/ Nsd-1.0.1: http://www.nlnetlabs.nl/ nsd/index.en.html

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.