Practices on DNS Management and Domain Name Emerging Topics. Jirasak Jullawat July 14, 2016
|
|
- Marybeth Harrington
- 5 years ago
- Views:
Transcription
1 Practices on DNS Management and Domain Name Emerging Topics Jirasak Jullawat July 14, 2016
2 TABLE OF CONTENTS 1. Definition of Domain Name 2. Domain Name Structure 3. Why Domain Name? 4..th Management 5. How DNS works? 6. Things You Should Know for Managing DNS. 7. DNSSEC 8. IDN 9. EAI 10. New gtlds
3 DOMAIN NAME?
4
5 Where are domain names? URL / URI / Address bar ป น.ไทย jirasak@thains.co.th abc@gmail.com ยอด@ยอด.ไทย
6 Then, what does DNS stand for?
7 Domain Name System
8 DNS Structure
9 Root com net org info biz uk cc kr jp th TLD ac co go in Country mi Code net or Generic Top-Level Domain Top-Level Domain (gtld) (cctld) moe gov1 gov2 gov3... SLD Third Level
10 Generic top-level domains (gtlds)
11
12 WHY DOMAIN?
13 Why DNS s so important?
14 Why DNS s so important? address web name BRAND
15 Why DNS s so important?
16 Why DNS s so important?
17 Why DNS s so important?
18 .th History
19 .th History
20 .th History July 1988,.th was registered. December 1991, the first academic meeting on Internet was conducted in AIT which results to the first 4 subdomain:.ac.th,.co.th,.or.th,.go.th In 1992, the DNS server was placed at Thailand first international gateway: Chulalongkorn University. In 1993, the volunteer team was called THNIC. Until 1997,.th service was run by the co-operation of CU & AIT. In 1998, the primary DNS server was relocated to AIT.
21 .th History In 1999, T.H.NIC Co., Ltd. was registered to replace the volunteer model. In 2001, Thai Name Server Co., Ltd. was registered and in charge of DNS database and services (Registry). While domain name registration service (Registrar) remained at T.H.NIC company. In 2007, Thai Network Information Center Foundation was established to be.th policy and management body.
22 .th Management (&.ไทย)
23 .th &.ไทย Management
24 .th Management.th + IDN.th.ไทย.co.in.ac.or.go.mi.net * IPv6 Supported * DNSSEC enabled
25 .th Management 7 subdomains:.co.th Commercial.go.th Government.or.th NGO.mi.th Military.ac.th Academic.net.th Internet or Network Service Providers.in.th Dot In Thai
26 .th Stability CU INET CAT Telecom ISC (Anycast) CommunityDNS (Anycast)
27 .th Policies For Thai Anti-Cyber Squatting Domain for real uses. Name restriction. Number restriction.
28 Why.th &.ไทย Verify the exist of domain owner Build trust of Thai online commerce.
29 How DNS works?
30 Query Local DNS Query Query Refer to Name Server Refer to.go.th Query Name Server Query Refer to moj.go.th Name Server Return Not in Cache Return ROOT Name Server.TH Name Server.GO.TH Name Server moj.go.th Name Server TH MOJ.GO.TH ROOT Hierachy GO.TH Resolver Connect to
31 Things You Need to Know about Managing DNS.
32 Domain Name Server Locations
33 $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 1 day IN NS ns1.example.in.th. IN NS ns2.example.in.th.
34 TTL When a caching (recursive) nameserver queries the authoritative nameserver for a resource record, it will cache that record for the time (in seconds) specified by the TTL $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 1 day IN NS ns1.example.in.th. IN NS ns2.example.in.th.
35 Serial The version number of the original copy of the zone. Zone transfers preserve this value. $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 1 day IN NS ns1.example.in.th. IN NS ns2.example.in.th.
36 Refresh A time interval before the zone should be refreshed. $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 1 day IN NS ns1.example.in.th. IN NS ns2.example.in.th.
37 Retry A time interval that should elapse before a failed refresh should be retried. $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 1 day IN NS ns1.example.in.th. IN NS ns2.example.in.th.
38 Expire A time value that specifies the upper limit on the time interval that can elapse before the zone is no longer authoritative. $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 1 day IN NS ns1.example.in.th. IN NS ns2.example.in.th.
39 Negative Caching The TTL for negative caching should be. $ORIGIN example.in.th. $TTL IN SOA ns1.example.in.th. dnsadmin.example.in.th. ( ; serial 7200 ; refresh after 2 hours 3600 ; retry after 1 hour ; expire after 1 week 7200 ) ; Negative Caching for 2 hours IN NS ns1.example.in.th. IN NS ns2.example.in.th.
40 DNSSEC
41 DNS Vulnerability Google.com Server #1 Google.com Server #2 Impersonating master Altered zone Cache poisoning Local server (Caching) A? Cache Impersonation End user (resolver)
42 DNSSEC Local Cache server A? A Plus signature by ns1.google.com End User Zone server Attacker A
43 Digital Signature
44 Walking the Chain of Trust MyDomain Information signed with Private Key. Private Key Use Public key is only way to read. Public Key IF Trusted Public Key can Trusted Information.
45 Walking the Chain of Trust Trusted. (root) Trusted th. Trusted co.th. Trusted thnic.co.th.
46 Key Zone Signing Key(ZSK) Used to sign the data within the zone Key Signing Key(KSK) Used to sign the Zone signing key and to create the Secure Entry Point for the zone
47 Delegation Signer (DS)
48 DNSViz.net
49
50 .IDN Internationalized Domain Name
51 IDN? IDN cctld IDN = Internationalized Domain Name cctld = Country-code Top Level Domain
52 Emerged IDN cctlds Singapore (sg) 新加坡 (traditional Chinese); ச ங கப ப ர (Tamil) Sri Lanka (lk): ල ක (Sinhalese); இலங கக (Tamil) Syria (sy): سورية Taiwan (tw): 台湾 (simplified); 台灣 (traditional); 臺灣 (variant string) Thailand (th): ไทย Tunisia (tn): تونس
53 .ไทย Register together with.th.ไทย 1 on 1 Translation or Transliteration
54
55 Most internet users are able to use English? Thai typing is somehow hard and words are longer?
56 IDN in Thai? % of Thai have English literacy. (about 7 millions from 70 millions) Some of them (63 millions) know latin characters but unable to remember words. Computer / Internet always meddle with English, so leave it!
57 IDN Reduce the digital divide which caused by language. Increase Internet penetration in non-native English countries. Local brands in local language which focus on local market, communicate them using IDN. local SEO benefit.
58 How IDN Works? DNS knows only ASCII A - Z IDN will be converted to ASCII between the process. 58
59 How IDN Works? xn--82cyau3b3mma.xn--o3cw4h.ไทย Name Server URL: จดโดเมน.ไทย จดโดเมน.ไทย Web Server 59
60 EAI ( Address Internationalization)
61
62 EAI
63 Who are EAI supported? Gmail & Google Apps Postfix version 3.0 Outlook 2016 for Windows THNIC
64 .ไทย EAI service
65
66 Thai EAI Set-up Basic Guideline Development
67 New gtlds
68 New gtlds ICANN opened for anyone could apply for any Top Level Domain. $185,000 registration fee. Application period opened in round. Round 1 was closed on May 30, Total 1,930 Applications submitted.
69 New gtlds Delegated Strings
70 Jirasak Jullawat
5 DNS Security Extensions DNSSEC
Information Security 1 (InfSi1) 5 DNS Security Extensions DNSSEC Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 1 Information
More informationIDN Registrar Perspective
IDN Registrar Perspective ccnso TechDay, 20 June 2011 Presented by Janna Lam Copyright 2010 IP Mirror Private Limited. All rights reserved. IDN Fast Track Process First IDN cctld approved on 22 Apr 2010
More informationOverview. Coordinating with our partners, we help make the Internet work.
ICANN Update Champika Wijayatunga Regional Security Engagement Manager Asia Pacific TWNIC OPM / TWNOG 27-28 November 2018 1 Overview Coordinating with our partners, we
More informationDNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific
DNS/DNSSEC Workshop In Collaboration with APNIC and HKIRC Hong Kong Champika Wijayatunga Regional Security Engagement Manager Asia Pacific 22-24 January 2018 1 Agenda 1 2 3 Introduction to DNS DNS Features
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Dynamic
More informationIDN Program Update to ccnso. Sarmad Hussain IDN Program Sr. Manager 10 Feb. 2015
IDN Program Update to ccnso Sarmad Hussain IDN Program Sr. Manager 10 Feb. 2015 Agenda Overview of IDN Program IDN TLD Program IDN cctld Fast Track IDN Tables IDN Implementation Guidelines Communications
More informationDomain Name System.
Domain Name System http://xkcd.com/302/ CSCI 466: Networks Keith Vertanen Fall 2011 Overview Final project + presentation Some TCP and UDP experiments Domain Name System (DNS) Hierarchical name space Maps
More informationA paper on DNSSEC - NSEC3 with Opt-Out
A paper on DNSSEC - NSEC3 with Opt-Out DNSSEC A Way Forward for TLD Registries Method for faster adoption of DNSSEC Providing greater security with minimal impact on customers, registries and Zone Management
More information6 March 2012
6 March 2012 richard.lamb@icann.org www.majorbank.se=? 1.2.3.4 Get page Login page Username / Password Account Data DNS Resolver ISP www.majorbank.se = 1.2.3.4 DNS Server webserver www @ 1.2.3.4 Majorbank
More informationHoda Rohani Anastasios Poulidis Supervisor: Jeroen Scheerder. System and Network Engineering July 2014
Hoda Rohani Anastasios Poulidis Supervisor: Jeroen Scheerder System and Network Engineering July 2014 DNS Main Components Server Side: Authoritative Servers Resolvers (Recursive Resolvers, cache) Client
More informationDNS and SMTP. James Walden CIT 485: Advanced Cybersecurity. James WaldenCIT 485: Advanced Cybersecurity DNS and SMTP 1 / 31
DNS and SMTP James Walden CIT 485: Advanced Cybersecurity James WaldenCIT 485: Advanced Cybersecurity DNS and SMTP 1 / 31 Table of contents 1. DNS 2. DNS Protocol Packets 3. DNS Caching 4. DNS Cache Poisoning
More informationICANN PacNOG 11
ICANN Update @ PacNOG 11 Savenaca Vocea Nadi, 2 June 2012 The mission of The Internet Corporation for Assigned Names and Numbers ("ICANN ) To coordinate, at the overall level, the global Internet's systems
More informationNetwork Security Part 3 Domain Name System
Network Security Part 3 Domain Name System Domain Name System The$domain$name$system$(DNS)$is$an$applica6on7layer$ protocol$$for$mapping$domain$names$to$ip$addresses$ DNS www.example.com 208.77.188.166
More informationRoot Servers. Root hints file come in many names (db.cache, named.root, named.cache, named.ca) See root-servers.org for more detail
What is DNS? Systems to convert domain names into ip addresses: For an instance; www.tashicell.com 118.103.136.66 Reverse: 118.103.136.66 www.tashicell.com DNS Hierarchy Root Servers The top of the DNS
More informationDNS. Introduction To. everything you never wanted to know about IP directory services
Introduction To DNS everything you never wanted to know about IP directory services Linux Users Victoria, April 3 rd 2007 what is the domain name system anyway? it's like a phone book...kinda DNS is (1)
More informationOrdinary DNS: A? k.root-servers.net. com. NS a.gtld-servers.net a.gtld-servers.net A Client's Resolver
Ordinary DNS: www.google.com A? com. NS a.gtld-servers.net a.gtld-servers.net A 192.5.6.30 k.root-servers.net Ordinary DNS: www.google.com A? com. NS a.gtld-servers.net a.gtld-servers.net A 192.5.6.30
More informationDNSSEC All You Need To Know To Get Started
DNSSEC All You Need To Know To Get Started Olaf M. Kolkman RIPE NCC A Semi Technical Introduction Why do we need DNSSEC What does DNSSEC provide How does DNSSEC work Question: www.ripe.net A Reminder:
More informationIntroduction to International Domain Names for Applications (IDNA)
White Paper Introduction to International Domain Names for Applications (IDNA) diamondip.com by Timothy Rooney Product management director BT Diamond IP for Applications (IDNA) By Tim Rooney, Director,
More informationComputer Security CS 426
Computer Security CS 426 Lecture 34 DNS Security 1 Domain Name System Translate host names to IP addresses E.g., www.google.com 74.125.91.103 Hostnames are human-friendly IP addresses keep changing And
More informationROOT SERVERS MANAGEMENT AND SECURITY
ROOT SERVERS MANAGEMENT AND SECURITY WSIS African regional meeting 01/29/05 ALAIN PATRICK AINA aalain@trstech.net What is DNS(1)? Addresses are used to locate objects Names are easier to remember than
More informationComputer Networks. Domain Name System. Jianping Pan Spring /25/17 CSC361 1
Computer Networks Domain Name System Jianping Pan Spring 2017 1/25/17 CSC361 1 Review: Web/HTTP Web URI/URL, HTML tags embedded/linked objects HTTP request and response persistence, statefulness web caching,
More informationOverview. Last Lecture. This Lecture. Next Lecture. Scheduled tasks and log management. DNS and BIND Reference: DNS and BIND, 4 th Edition, O Reilly
Last Lecture Overview Scheduled tasks and log management This Lecture DNS and BIND Reference: DNS and BIND, 4 th Edition, O Reilly Next Lecture Address assignment (DHCP) TELE 301 Lecture 11: DNS 1 TELE
More informationDNS. A Massively Distributed Database. Justin Scott December 12, 2018
DNS A Massively Distributed Database Justin Scott December 12, 2018 What is DNS? Translates Hostnames to IP Addresses What is DNS? Example: www.serverlogic.com 23.185.0.4 What is DNS? Example: www.serverlogic.com
More informationIn the Domain Name System s language, rcode 0 stands for: no error condition.
12/2017 SIMPLE, FAST, RESILIENT In the Domain Name System s language, rcode 0 stands for: no error condition. If a DNS server answers a query with this result code, the service is running properly. This
More informationCSE 265: System & Network Administration
CSE 265: System & Network Administration DNS The Domain Name System History of DNS What does DNS do? The DNS namespace BIND software How DNS works DNS database Testing and debugging (tools) DNS History
More informationDNS and HTTP. A High-Level Overview of how the Internet works
DNS and HTTP A High-Level Overview of how the Internet works Adam Portier Fall 2017 How do I Google? Smaller problems you need to solve 1. Where is Google? 2. How do I access the Google webpage? 3. How
More informationDNS and ICANN. Laurent Ferrali. 27th August 2018
Laurent Ferrali 27th August 2018 DNS and ICANN ITU Annual Regional Human Capacity Building Workshop on Strengthening Capacities in Internet Governance in Africa, Abuja, Nigeria 1 DNS? 2 Unique Names and
More informationThe Domain Name System
The Domain Name System History of DNS Before DNS ARPAnet HOSTS.txt contains all the hosts information Maintained by SRI s Network Information Center In SRI-NIC host Problems: Not scalable! Traffic and
More informationcctlds, gtlds, and IDNs
cctlds, gtlds, and IDNs May 27, 2014 Fahd Batayneh Coordinator, Stakeholder Engagement, Middle East ICANN Topics of Discussion + Top Level Domains (TLDs) + cctlds + gtlds + IDNs + New gtlds + Registry/Registrar/Registrant
More informationArabic Domain Names (ADN) Pilot Project
Joint UNESCO and ITU Global Symposium on Promoting the Multilingual Internet Arabic Domain Names (ADN) Pilot Project Imad Al-Sabouni Advisor to the Minister of Communications and Technology, Syria Vice
More informationDNS Mark Kosters Carlos Martínez {ARIN, LACNIC} CTO
DNS Workshop @CaribNOG12 Mark Kosters Carlos Martínez {ARIN, LACNIC} CTO DNS Refresher and Intro to DNS Security Extension (DNSSEC) Outline Introduction DNSSEC mechanisms to establish authenticity and
More information.BIZ Agreement Appendix 10 Service Level Agreement (SLA) (22 August 2013)
.BIZ Agreement Appendix 10 Service Level Agreement (SLA) (22 August 2013) Registry Operator and ICANN agree to engage in good faith negotiations to replace this Appendix 10 with a Service Level Agreement
More informationMore on DNS and DNSSEC
More on DNS and DNSSEC CS 161: Computer Security Prof. Raluca Ada Popa March 6, 2018 A subset of the slides adapted from David Wagner Domain names Domain names are human friendly names to identify servers
More informationIt Internationalized ti Domain Names W3C Track: An International Web
It Internationalized ti Domain Names W3C Track: An International Web Tina Dam ICANN Director, IDN Program tina.dam@icann.org 17th International World Wide Web Conference, WWW2008 Beijing International
More informationKeeping DNS parents and children in sync at Internet Speed! Ólafur Guðmundsson
Keeping DNS parents and children in sync at Internet Speed! Ólafur Guðmundsson olafur@cloudflare.com How long does it take to? Post a new selfie on Facebook and all your friends to be notified few seconds
More informationDNS Review Quiz. Match the term to the description: A. Transfer of authority for/to a subdomain. Domain name DNS zone Delegation C B A
DNS Review Quiz Match the term to the description: C B A Level: Domain name DNS zone Delegation Descriptions: A. Transfer of authority for/to a subdomain B. A set of names under the same authority (ie.com
More informationGetting ready for the Expansion of the DNS
Universal Acceptance Getting ready for the Expansion of the DNS Lars Steffen Get Engaged in ICANN Seminar / 21 February 2018 Universal Acceptance Warm-Up Warm-up Exercise According to w3techs, which of
More informationDNS Mark Kosters Carlos Martínez ARIN - LACNIC
DNS Workshop @CaribNOG8 Mark Kosters Carlos Martínez ARIN - LACNIC DNS Refresher and Intro to DNS Security Extension (DNSSEC) Outline Introduction DNSSEC mechanisms to establish authenticity and integrity
More informationDNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific
DNS/DNSSEC Workshop In Collaboration with APNIC and HKIRC Hong Kong Champika Wijayatunga Regional Security Engagement Manager Asia Pacific 22-24 January 2018 1 DNSSEC 2 2 DNS: Data Flow Zone administrator
More informationThis time. Digging into. Networking. Protocols. Naming DNS & DHCP
This time Digging into Networking Protocols Naming DNS & DHCP Naming IP addresses allow global connectivity But they re pretty useless for humans! Can t be expected to pick their own IP address Can t be
More informationUniversal Acceptance Technical Perspective. Universal Acceptance
Universal Acceptance Technical Perspective Universal Acceptance Warm-up Exercise According to w3techs, which of the following pie charts most closely represents the fraction of websites on the Internet
More informationDS TTL shortening experience in.jp
DS TTL shortening experience in.jp APRICOT2014 DNS Session 27 Feb 2014 Yoshiro YONEYA Copyright 2014 Japan Registry Services Co., Ltd. 1 What is DS? Establish a DNSSEC chain
More informationDomain Name System - Advanced Computer Networks
- Advanced Computer Networks Saurabh Barjatiya International Institute Of Information Technology, Hyderabad 26 August, 2011 Contents 1 Distributed database, highly volatile Domain names Top level domains
More informationICANN 48 NEWCOMER SESSION
ICANN 48 NEWCOMER SESSION This Is YOUR Day WELCOME! Newcomer Experience ICANN and the Internet Eco-System ICANN and the Multi-Stakeholder Model LUNCH BREAK 1200-1315 ICANN s Work ICANN Meeting Week Staying
More informationA Security Evaluation of DNSSEC with NSEC Review
A Security Evaluation of DNSSEC with NSEC Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka November 16, 2011 1 Introduction to the topic and the reason for the topic being
More informationBy Paul Wouters
By Paul Wouters Overview presentation Theory of DNSSEC Using bind with DNSSEC Securing Ò.nlÓ with SECREG Securing Ò.orgÓ with VerisignLabs Deploying DNSSEC on large scale Audience participation
More informationDNS. dr. C. P. J. Koymans. September 16, Informatics Institute University of Amsterdam. dr. C. P. J. Koymans (UvA) DNS September 16, / 46
DNS dr. C. P. J. Koymans Informatics Institute University of Amsterdam September 16, 2008 dr. C. P. J. Koymans (UvA) DNS September 16, 2008 1 / 46 DNS and BIND DNS (Domain Name System) concepts theory
More informationDNS Fundamentals. Steve Conte ICANN60 October 2017
DNS Fundamentals Steve Conte ICANN60 October 2017 Names and Numbers IP addresses easy for machines but hard for people IPv4: 192.0.2.7 IPv6: 2001:db8::7 People need to use names In the early days of the
More information12 DNS Security Extensions DNS resolution via recursive nameserver DNS request/response format Simple DNS cache poisoning The Dan Kaminsky DNS
12 DNS Security Extensions DNS resolution via recursive nameserver DNS request/response format Simple DNS cache poisoning The Dan Kaminsky DNS vulnerability DNS root servers DNSSEC chain of trust DNSSEC
More information2. Introduction to Internet Applications
2. Introduction to Internet Applications 1. Representation and Transfer 2. Web Protocols 3. Some Other Application Layer Protocols 4. Uniform Resource Identifiers (URIs) 5. Uniform Resource Locators (URLs)
More informationDomain Name System Security
Domain Name System Security T-110.4100 Tietokoneverkot September 2010 Bengt Sahlin 2011/09/27 Bengt Sahlin 1 Objectives Provide DNS basics, essential for understanding DNS security
More informationCNNIC Contributes in Internationalized Domain Name
CNNIC Contributes in Internationalized Domain Name What s Ahead What are IDNs? The need for IDN Pass, present, future of IDN What should we do? What Are IDNs The Concept Internationalized Domain Names
More informationDNSSEC DNS SECURITY EXTENSIONS INTRODUCTION TO DNSSEC FOR SECURING DNS QUERIES AND INFORMATION
DNSSEC DNS SECURITY EXTENSIONS INTRODUCTION TO DNSSEC FOR SECURING DNS QUERIES AND INFORMATION Peter R. Egli 1/10 Contents 1. Security Problems of DNS 2. Solutions for securing DNS 3. Security with DNSSEC
More informationDNS & Iodine. Christian Grothoff.
DNS & Iodine christian@grothoff.org http://grothoff.org/christian/ The Domain Name System is the Achilles heel of the Web. Tim Berners-Lee 1 DNS: Domain Name System Unique Distributed Database Application-layer
More informationDOWNLOAD PDF RESOLVING HIGH-LEVEL MACHINE NAMES
Chapter 1 : resolving host names VMware Communities DNS works fine for all of the machines in our network. Except for a handful. These machines are on a subnet. Only half of the machines on this subnet
More informationSOFTWARE ARCHITECTURE 9. NAME RESOLUTION.
1 SOFTWARE ARCHITECTURE 9. NAME RESOLUTION Tatsuya Hagino hagino@sfc.keio.ac.jp lecture URL https://vu5.sfc.keio.ac.jp/slide/ 2 OSI Reference Model Open Systems Interconnect ISO defined around 1984. Application
More informationInternationalized Domain Names
Internationalized Domain Names Fahd Batayneh Middle East DNS Forum 2018 26 April 2018 Agenda 1 2 3 ICANN s IDN Program Universal Acceptance Initiative Task Force on Arabic Script IDNs (TF- AIDN) 2 ICANN
More informationSome DNSSEC thoughts. DNSOPS.JP BOF Interop Japan Geoff Huston Chief Scientist, APNIC June 2007
Some DNSSEC thoughts DNSOPS.JP BOF Interop Japan 2007 Geoff Huston Chief Scientist, APNIC June 2007 The DNS is a miracle! You send out a question into the net And an answer comes back! Somehow But WHO
More informationDNSSECbis Lookaside Validation. Peter Losher Internet Systems Consortium (November 2006)
DNSSECbis Lookaside Validation Peter Losher Internet Systems Consortium (November 2006) Topics Introduction DNS Delegation and Resolution DNSSECbis Data and Traversal DLV Overview
More informationDNS Basics BUPT/QMUL
DNS Basics BUPT/QMUL 2018-04-16 Related Information Basic function of DNS Host entry structure in Unix Two system calls for DNS database retrieving gethostbyname () gethostbyaddr () 2 Agenda Brief introduction
More informationIntegrate with other Azure services Protect DNS zones and records Automate DNS operations with the.net SDK Custom domains for Azure resources
Table of Contents Overview What is Azure DNS? DNS zones and records DNS delegation with Azure DNS DNS FAQ Using private DNS zones Get Started Create a DNS zone and record Azure portal Azure PowerShell
More informationICANN Policy Update & KSK Rollover
ICANN Policy Update & KSK Rollover Savenaca Vocea VP, Stakeholder Engagement - Oceania Commonwealth Broadband Pacific Forum 2017, Apia, Samoa 25-27 July 2017 1 Overview Coordinating with our partners,
More informationTWNIC Chinese EAI Promotion ICANN /03/14
TWNIC Chinese EAI Promotion ICANN 58 2017/03/14 idn.tw & idn. 台灣 registrations 350000 339,182 300000 250000 254,178 200000 192,458 150000 100000 50000 idn.tw open for registration on 2001.2.16 idn. 台灣
More informationDNS Related Activities at the RIPE NCC
DNS Related Activities at the RIPE NCC Henk Uijterwaal RIPE NCC New Projects Group Amersfoort, 29 August 2005 1 Agenda RIPE and the RIPE NCC Who we are What we do DNS related areas where we are active
More informationDraft Applicant Guidebook, v3
Draft Applicant Guidebook, v3 Module 5 Please note that this is a discussion draft only. Potential applicants should not rely on any of the proposed details of the new gtld program as the program remains
More informationDomain Name System (DNS)
Domain Name System (DNS) Outline Naming Hosts Domain Name Hierarchy Zones DNS Records Name Resolution CS 640 1 Naming Hosts Thus far we have identified hosts using IP addresses and MAC address Hard for
More informationDNS. Karst Koymans & Niels Sijm. Tuesday, September 7, Informatics Institute University of Amsterdam
DNS Karst Koymans & Niels Sijm Informatics Institute University of Amsterdam Tuesday, September 7, 2012 Karst Koymans & Niels Sijm (UvA) DNS Tuesday, September 7, 2012 1 / 62 1 DNS: what does it do and
More informationNetworking Applications
Networking Dr. Ayman A. Abdel-Hamid College of Computing and Information Technology Arab Academy for Science & Technology and Maritime Transport 1 Outline Introduction Name Space concepts Domain Name Space
More informationYou Should Delete Dns Delegations In The Parent Zone
You Should Delete Dns Delegations In The Parent Zone Currently I'm at the step where I should decommission one Server 2008 DC. It's going to remove the zone records for that DC from that DC and any references
More informationAPNIC elearning: DNS Concepts
APNIC elearning: DNS Concepts 27 MAY 2015 11:00 AM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationLaunching IDN & IDN TLDs: A gtld Registry Perspective. APNIC, Beijing
Launching IDN & IDN TLDs: A gtld Registry Perspective APNIC, Beijing 2009.08.24 Overview General Considerations IDN 2LDs (e.g. 中文.asia) IDN TLD (e.g. 中文. 亞洲 ) ICANN Considerations General Considerations
More informationDNSSEC. CS 161: Computer Security Prof. David Wagner. April 11, 2016
DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you invented DNSSEC. Well, the basic ideas, anyway: Sign all DNS records. Signatures let you verify answer to DNS
More informationIPv6 Support in the DNS. Athanassios Liakopoulos 6DEPLOY IPv6 Training, Skopje, June 2011
IPv6 Support in the DNS Athanassios Liakopoulos (aliako@grnet.gr) 6DEPLOY IPv6 Training, Skopje, June 2011 Copy Rights This slide set is the ownership of the 6DEPLOY project via its partners The Powerpoint
More information3. The DNSSEC Primer. Data Integrity (hashes) Authenticated Denial of Existence (NSEC,
3. The DNSSEC Primer Authentication (keys, signatures) Data Integrity (hashes) Chain of Trust (root zone, when signed) Authenticated Denial of Existence (NSEC, NSEC3) DNS Authoritative ROOT SERVERS TLD
More informationDNS and cctld Management. Save Vocea and Champika Wijayatunga Apia Samoa July 2015
DNS and cctld Management Save Vocea and Champika Wijayatunga Apia Samoa 14-15 July 2015 Agenda 1 2 3 Intro to ICANN DNS Concepts Root Server Operation 4 5 6 Managing Zones cctld Management Security, Stability
More informationExamining! the User Experience Implications! of Active Variant TLDs Project! Study Completed in March 2013!
!! Examining! the User Experience Implications! of Active Variant TLDs Project! Study Completed in March 2013! http://www.icann.org/en/resources/idn/variant-tlds/active-ux-21mar13-en.pdf!! 1 Scope of P6
More informationAdvanced Networking. Domain Name System
Advanced Networking Domain Name System Purpose of DNS servers Human being has many identifications: 1) Our name can be used for identification Problem: Two differenet people may have same name. 2) Mobile
More informationAdvanced Networking. Domain Name System. Purpose of DNS servers. Purpose of DNS servers. Purpose of DNS servers
Purpose of DNS servers Advanced Networking Domain Name System Human being has many identifications: 1) Our name can be used for identification Problem: Two differenet people may have same name. 2) Mobile
More informationThe State and Challenges of the DNSSEC Deployment. Eric Osterweil Michael Ryan Dan Massey Lixia Zhang
The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang 1 Monitoring Shows What s Working and What needs Work DNS operations must already deal with widespread
More informationDomain Name Service. DNS Overview. October 2009 Computer Networking 1
Domain Name Service DNS Overview October 2009 Computer Networking 1 Why DNS? Addresses are used to locate objects (contain routing information) Names are easier to remember and use than numbers DNS provides
More informationThe GCC Pilot Project for Arabic Domain Names..kw.qa.om.sa.bh.ae
The GCC Pilot Project for Arabic Domain Names Raed Al-Fayez Head of the GCC Pilot Project Technical Taskforce SaudiNIC raed@isu.net.sa.kw.qa.om.sa.bh.ae Agenda Characteristics of A Domain Name IDN and
More informationInternationalized Domain Names New gtld Program
Internationalized Domain Names New gtld Program Doug Brent Chief Operating Officer Hong Kong 24 July 2009 Karla Valente Director New gtld Program 0 Agenda Internationalized Domain Names (IDNs) defined
More informationAssessing and Improving the Quality of DNSSEC
Assessing and Improving the Quality of DNSSEC Deployment Casey Deccio, Ph.D. Sandia National Laboratories AIMS-4 CAIDA, SDSC, San Diego, CA Feb 9, 2012 Sandia is a multiprogram laboratory operated by Sandia
More informationDomain Name System Security
Slide title 70 pt APITALS Domain Name System Security e subtitle um 30 pt Bengt Sahlin Ericsson Research NomadicLab Bengt.Sahlin@ericsson.com Objectives Provide DNS basics, essential for understanding
More informationVNNIC UPDATE. Presented by: Oanh Nguyen Vietnam Internet Network Information Center (VNNIC) Taichung Sep, 2017
VNNIC UPDATE Presented by: Oanh Nguyen Vietnam Internet Network Information Center (VNNIC) Email: ntoanh@vnnic.vn Taichung Sep, 2017 Contents VNNIC s activities Internet Resources Management and Development
More informationDomain Name System Security
Domain Name System Security T-110.4100 Tietokoneverkot October 2008 Bengt Sahlin 2008/10/02 Bengt Sahlin 1 Objectives Provide DNS basics, essential for understanding DNS security
More informationICANN November Tina Dam Director, IDN Program
ICANN 33 6 November 2008 Tina Dam Director, IDN Program IDN SLD registrations since 2001 (testbed) 2003(protocol) 2 IDNs what a year! Fast Track Draft Plan for public comments Outstanding key issues: Relation
More information.JP technical update
.JP technical update September 2, 2003 RIPE 46 General Meeting Yasuhiro Orange Morishita Japan Registry Service, Co., Ltd. (JPRS) http://jprs.jp/ http://.jp/ Topics Japanese JP Domain
More informationTHE AUTHORITATIVE GUIDE TO DNS TERMINOLOGY
Ebook: THE AUTHORITATIVE GUIDE TO DNS TERMINOLOGY From A Record & DNS to Zones 603 668 4998 Your Master List of Key DNS Terms As more users and more online services (sites, microservices, connected things,
More informationUniversal Acceptance An Update
Universal Acceptance An Update Don Hollander / GDD Summit / May 2016 Universal Acceptance Universal Acceptance Universal Acceptance is the state where all valid domain names and email addresses are accepted,
More informationThe ISP Column A column on things Internet. Three DNS articles: 3. Helping Resolvers to help the DNS. RFC8192 Aggressive NSEC Caching
The ISP Column A column on things Internet Geoff Huston November 2017 Three DNS articles: 3. Helping Resolvers to help the DNS In this final article of a trio that looks at today s hot topics in the DNS,
More informationInternet Engineering Task Force (IETF) Request for Comments: 7706 Category: Informational ISSN: November 2015
Internet Engineering Task Force (IETF) Request for Comments: 7706 Category: Informational ISSN: 2070-1721 W. Kumari Google P. Hoffman ICANN November 2015 Decreasing Access Time to Root Servers by Running
More informationDNS Concepts. Acknowledgements July 2005, Thimphu, Bhutan. In conjunction with SANOG VI. Bill Manning Ed Lewis Joe Abley Olaf M.
16-20 July 2005, Thimphu, Bhutan In conjunction with SANOG VI DNS Concepts Acknowledgements Bill Manning Ed Lewis Joe Abley Olaf M. Kolkman NeuStar 1 Purpose of naming Addresses are used to locate objects
More informationInternational Domain Names Implementation notes
International Domain Names Implementation notes Michel Suignard Microsoft Corp Босна-и-ХерцеговинаآذربايجانАзəрбајҹан ব ল দশ България Հայաստան افغانستان االمارات جيبوتي الجزائر مصر འ ག ལБеларусь ᑲᓇᑕ 中国
More informationAddress Internationalization Technical Perspective. Universal Acceptance
Email Address Internationalization Technical Perspective Universal Acceptance Warm-up Exercise Each of the 3 groups below contain lists of Top Level Domains (TLDs) that are valid (approved and delegated
More informationRe-engineering the DNS One Resolver at a Time. Paul Wilson Director General APNIC channeling Geoff Huston Chief Scientist
Re-engineering the DNS One Resolver at a Time Paul Wilson Director General APNIC channeling Geoff Huston Chief Scientist 1 In this presentation I ll talk about the DNS, and the root server infrastructure
More informationRSSAC Activities Update. Lars Johan Liman and Tripti Sinha RSSAC Chair ICANN-54 October 2015
RSSAC Activities Update Lars Johan Liman and Tripti Sinha RSSAC Chair ICANN-54 October 2015 Agenda 1 2 3 Overview RSSAC002 Implementation Status Update RSSAC003: RSSAC Report on Root Zone TTLs 4 5 6 RSSAC
More informationDNS. David Malone. 19th October 2004
DNS David Malone 19th October 2004 1 Names vs. Addresses Computers like addresses eg. 134.226.81.11. People prefer names salmon.maths.tcd.ie. Need a way to translate. walton.maths.tcd.ie close to salmon.maths.tcd.ie.
More informationDNSSEC. Lutz Donnerhacke. db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb dig +dnssec e164.arpa. naptr
DNSSEC Lutz Donnerhacke db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb dig +dnssec 1.6.5.3.7.5.1.4.6.3.9.4.e164.arpa. naptr 1 A protocol from better times An ancient protocol People were friendly and
More informationInternationalized Domain Names an introduction
Internationalized Domain Names an introduction Tina Dam Director, IDN Program 1 March 2009 Agenda Where are we and where are we headed IDN TLD Processes IDN Definitions How does IDNs work including examples
More information