Aristotle Balogh February 2000 NSI Registry Update NANOG 18, San Jose, California Aristotle Balogh February 6, 2000.

Slides:



Advertisements
Similar presentations
© 2008 EBSCO Information Services SUSHI, COUNTER and ERM Systems An Update on Usage Standards Ressources électroniques dans les bibliothèques électroniques.
Advertisements

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.
Integrated Ocean Observing System (IOOS) Data Management and Communication (DMAC) Standards Process Julie Bosch NOAA National Coastal Data Development.
NLIT 09 Presentation Page 1 Vision – Service – Partnership Page 1 WAN Acceleration Using Cisco WAAS Robert Morrow National Security Technologies LLC
Registration Services Mark Kosters 9 June Mark Kosters 9 June 1998 NANOG Meeting Dearborn, Michigan Outline l Current InterNIC Statistics l Customer.
Massive Scale Name Management: Lessons Learned from the.COM Namespace Mark Kosters 20 Aug 1999.
ManageEngine TM Applications Manager 8 Monitoring Custom Applications.
Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation
Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
Domain Name System: DNS
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
DNS Security Extensions (DNSSEC) Ryan Dearing. Topics History What is DNS? DNS Stats Security DNSSEC DNSSEC Validation Deployment.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
1 Enabling Secure Internet Access with ISA Server.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Chapter 7 Configuring & Managing Distributed File System
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Windows Vista: Volume Activation 2.0
1 Domain Name System (DNS). 2 DNS: Domain Name System Internet hosts: – IP address (32 bit) - used for addressing datagrams – “name”, e.g.,
Atif Iqbal, R. K. Bagga.  Appropriate mechanism for good governance with the involvement of Information Technology in the system of the government and.
Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.
Windows Server 2008 R2 Domain Name System Chapter 5.
DNS: Domain Name System
 2008, The Code Works, Inc., The Non-Technical Buyer’s Guide to Staffing Software 111 North Market Street Suite 888 | San Jose, CA | TEL:
Project 1 Online multi-user video monitoring system.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 17 Domain Name System
APNIC Status Report RIPE 45 Barcelona May The APNIC Region Ref
Data Management Kelly Clynes Caitlin Minteer. Agenda Globus Toolkit Basic Data Management Systems Overview of Data Management Data Movement Grid FTP Reliable.
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.
APNIC Update RIPE 59 October Overview APNIC Services Update APNIC 28 policy outcomes APNIC Members and Stakeholder Survey Next APNIC Meetings.
Engineering Report Mark Kosters. Big changes with Engineering Lots of requests for development/operations support The Board heard you Engineering growing.
Security and Stability of Root Name Server System Jun Murai (From the panel on Nov. 13 th by Paul Vixie, Mark Kosters, Lars-Johan Liman and Jun Murai)
Chapter 29 Domain Name System (DNS) Allows users to reference computer names via symbolic names translates symbolic host names into associated IP addresses.
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
RFP for the.aero registry operator DAC 7 April 19, 2005 Geneva.
Department of Information Engineering The Chinese University of Hong Kong A Framework for Monitoring and Measuring a Large-Scale Distributed System in.
APNIC Update The state of IP address distribution and IPv6 deployment status Miwa Fujii Senior IPv6 Program Specialist APNIC.
Krit Witwiyaruj Thai Name Server Co., Ltd.th DNSSEC Implementation.
Kenya Network Information Centre (KENIC). Introduction KENIC is the registry for the.KE ccTLD. Local and non-profit organization Mandate is to Manage.
1 Kyung Hee University Chapter 18 Domain Name System.
Internet Real-Time Laboratory Arezu Moghadam and Suman Srinivasan Columbia University in the city of New York 7DS System Design 7DS system is an architecture.
Module 3 Planning and Deploying Mailbox Services.
Module 6: Designing Name Resolution. Module Overview Collecting Information for a Name Resolution Design Designing a DNS Server Strategy Designing a DNS.
How to use DNS during the evolution of ICN? Zhiwei Yan.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)
APNIC Report RIPE 43 Rhodes, Greece 9-13 September 2002.
SLACFederated Storage Workshop Summary For pre-GDB (Data Access) Meeting 5/13/14 Andrew Hanushevsky SLAC National Accelerator Laboratory.
Information Services Internet Accounting Workshop 1 st Feb 2011 Peter Kurtz Manager, Network & Communication Services.
Securing Future Growth: Getting Ready for IPv6 NOW! ccTLD Workshop, 8 th April 2011 Noumea, New Caledonia Miwa Fujii, Senior IPv6 Program Specialist, APNIC.
Registration Services Mark Kosters 10 November 1998.
12-Jun NSI Registry Engineering & Operations Update Ari Balogh VP of Engineering
By Team Trojans -1 Arjun Ashok Priyank Mohan Balaji Thirunavukkarasu.
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
COMP 431 Internet Services & Protocols
Module 11: Configuring and Managing Distributed File System.
INFSO-RI Enabling Grids for E-sciencE File Transfer Software and Service SC3 Gavin McCance – JRA1 Data Management Cluster Service.
1) The size of the Domain name system. 2) The main components of the Domain Naming System operation. 3) The function of the Domain Naming System. 4)Legislation.
Fermilab Scientific Computing Division Fermi National Accelerator Laboratory, Batavia, Illinois, USA. Off-the-Shelf Hardware and Software DAQ Performance.
Accelerating Peer-to-Peer Networks for Video Streaming
Chapter 19 Domain Name System (DNS)
Department of Licensing HP 3000 Replatforming Project Closeout Report
Presentation transcript:

Aristotle Balogh February 2000 NSI Registry Update NANOG 18, San Jose, California Aristotle Balogh February 6, 2000

Aristotle Balogh February 2000 Agenda Background Registry Operating Metrics gTLD RFP and deployment plans/status Root and gTLD stat’s Next-generation stuff –Multicast satellite dist –DNSSEC

Aristotle Balogh February 2000 NSI Registry System Loads I Live operations with NSI registrar in April 1999 First non-NSI registrar in June 1999 By August 1999 –8 total registrars –Read-Write Create/Update/Delete Loads 132,000 operations per day 3.67 operations per second during busy hour –Read-Only Query Loads 1,300,000 operations per day operations per second during busy hour

Aristotle Balogh February 2000 NSI Registry System Loads II February 2000 –25+ total registrars –Read-Write Create/Update/Delete Loads 256,000 operations per day (94% increase) 7.11 operations per second during busy hour –Read-Only Query Loads 5.2M operations per day (300% increase) operations per second during busy hour

Aristotle Balogh February 2000 Reliability, Availability, Scalability “Dial Tone” Quality Product –“Hot” primary/secondary data centers –Read-Only (RO) operations separated from Create, Update, and Delete (CUD) operations –Self-help tools and protocol enhancements Repeatable Engineering Processes –Requirements, configuration, release, defect tracking, and escalation management with integrated tool support –Automated stress, performance and integrity testing –Detailed project planning, tracking, and oversight

Aristotle Balogh February 2000 gTLD Site Selection Request for Proposal RFP Objective: “Identify and place the gTLD servers at the topological cores of the Internet; put gTLD DNS infrastructure under contractual framework” Requirements Proximity to Internet hosts and users Internet connectivity Peering relationships Adequate site facilities Technical support Price Process: RFP distributed to over 80 qualified vendors in Nov/Dec 1999

Aristotle Balogh February 2000 gTLD Site Selection Request for Proposal RFP Results 28 vendors registered to provide proposals 20 vendors responded with proposals Proposals currently being evaluated Sites being visited Selected vendors to be identified during February 2000 Schedule Deployment of next generation systems scheduled to begin Feb, 2000 through July 15, 2000

Aristotle Balogh February 2000 Average QPS for A, J & J.gtld

Aristotle Balogh February 2000 Root and GTLD Servers Growth in.com is accelerating Pushing resources to the limits Axfer off of a.root-servers.net is no longer feasible (E450) Zone propagation is growing (3+ hours) to distant sites. Queries per second (QPS is growing).

Aristotle Balogh February 2000 Average QPS for A & J Root Servers

Aristotle Balogh February 2000 Top 10 a.root-servers.net Queries

Aristotle Balogh February 2000 Top 10 j.root-servers.net Queries

Aristotle Balogh February 2000 Top 10 j.gtld-servers.net Queries

Aristotle Balogh February 2000 Named Memory Usage

Aristotle Balogh February 2000 Average QPS - a.root-servers.net

Aristotle Balogh February 2000 Average QPS - j.root-servers.net

Aristotle Balogh February 2000 Average QPS - j.gtld-servers.net

Aristotle Balogh February 2000 Satellite Based Zone File Distribution Challenges with current zone file distribution –Large file size (e.g. com.xfer is about 1.4 GB) –Files sizes growing exponentially –Variable latency and congestion on the Internet causes problems during zone transfer. –Long transfer times for remote sites (e.g. 4 hrs for Hong Kong site) –Zone file distribution time limits frequency of zone file distribution (currently twice a day)

Aristotle Balogh February 2000 Distributing zone files via satellite: –Enables use of compressed zone files (com.xfer.gz is 120 MB) –Scalable: Impact of file size growth is less –Provides fixed latency and congestion free transport –Simultaneous delivery of zones –Less load on zone distribution servers –Enables more frequent zone file updates (e.g. 4 times a day) Satellite Based Zone File Distribution

Aristotle Balogh February 2000 Timeline: Satellite Based Zone File Distribution

Aristotle Balogh February 2000 DNS Security Issues Participated in a number of workshops –non-trivial to setup –current implementation is buggy What the future holds –Has to only work in EDNS-aware servers (packet overflow on the roots for UDP on present 512 byte limitation). –Bind 8.x will not work.

Aristotle Balogh February 2000 DNS Security Changes Registrar/Registry split means that client has to go through registrar to have registry to sign. Steps: –Registrar needs to identify the domain holder and selects key that they desire to have signed with) –Registrar identifies itself with the registry –Verify that domain is with registrar –Signs domain public key –Signed key is returned to domain holder

Aristotle Balogh February 2000 DNS Security Changes Issues for NSI Registry –Registrars need to setup a front-end signing service for their domain holders) –RRP (the protocol that is between the registrar and registry) needs to be enhanced –Performance issues –Security issues on the key

Aristotle Balogh February 2000 Contact Info Registry Engineering –Ari Balogh DNS/gTLD Programs –Tom Newell –Mark Kosters

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.