Mr
Ondrej Filip
(CZ.NIC)
03/10/2015, 10:00
OARC AGM
Mr
William Sotomayor
(DNS-OARC)
03/10/2015, 11:15
Public Workshop
Ms
Dalini Khemlani
(DNS-OARC)
03/10/2015, 11:35
Public Workshop
Mr
Ralf Weber
(Nominum Inc)
03/10/2015, 11:55
Members-Only
Allison Mankin
(Verisign Labs), Mr
Shumon Huque
(Verisign Labs)
03/10/2015, 14:00
Public Workshop
As part of the IETF's efforts to secure all protocols against pervasive surveillance, several privacy enhancements to the DNS are actively being developed with prototype implementations of such enhancements also emerging. This talk will provide a technical description of these mechanisms as well as deployment challenges and related considerations. Topics to be covered will include query-name...
Sara Dickinson
(Sinodun IT)
03/10/2015, 14:30
Public Workshop
This talk will focus on the existing prototype implementations of DNS-over-TLS and dive into some of the finer points of using TLS in
practice. This will include authentication issues, performance considerations, TCP connection management, DoS mitigation and a demonstration. It will also discuss the current best practices for using TLS in applications and the upcoming developments in TLS 1.3.
Mr
Shumon Huque
(Verisign Labs)
03/10/2015, 15:00
Public Workshop
This talk will discuss upcoming and future steps envisioned to increase the adoption of DNSSEC and DANE (DNS-based Authentication of Named Entities) by Internet applications. It will start by providing an overview of the current state of adoption of DANE, and then discuss challenges faced by some application communities and some applications for which DANE doesn't yet provide a solution. Among...
Mr
Tomas Hlavacek
(CZ.NIC, z.s.p.o.)
03/10/2015, 16:00
Public Workshop
CZ.NIC Labs created and continues to actively develop Knot DNS authoritative DNS server. The development team puts substantial effort into optimizing the server performance and searching for new optimization opportunities. So we created a DISTEL-based lab for benchmarking not only our server but for comparing many different authoritative DNS servers and versions.
The presentation shows our...
victoria risk
(isc)
03/10/2015, 16:30
Lightning Presentations
The EDNS (Extension mechanisms for DNS) protocol allows us to add new features to DNS that were not envisioned when DNS was originally specified. DNSSEC, Client-subnet Identifier and DNS cookies are applications that use EDNS.
It appears from ISC's testing that a significant percentage of sites that support EDNS do not respond well to unknown EDNS options. The failure mode can be as severe...
Robert Edmonds
(Farsight Security, Inc.)
03/10/2015, 16:45
Lightning Presentations
This talk will outline the use of tools from the netsniff-ng toolkit and the Linux kernel along with a home-grown benchmark harness to characterize UDP DNS performance. These tools operate very differently from "traditional" utilities like dnsperf/resperf and produce very different results, possibly contradicting conventional wisdom that UDP on Linux is slow.
Mr
Joao Luis Silva Damas
(Bond Internet Systems)
03/10/2015, 17:00
Public Workshop
Using traffic captured at two different ISP's recursive resolvers we analise the potential impact on the servers of long lived TCP sessions, investigating the effect of timeout settings, the total number of simultaneous connections that would be kept open and the potential benefits of connection reuse as proposed in the current version of draft-ietf-dnsop-5966bis, with the intent of offering...
Mr
Kazunori Fujiwara
(Japan Registry Services Co., Ltd)
03/10/2015, 17:30
Lightning Presentations
The presentation discusses just an idea
about DNS over QUIC and zone transfer
over QUIC or TLS/TCP.
The third transport of DNS may be QUIC.
Both DNS and QUIC use UDP and port 53/UDP may be possible to share.
(If possible, implementation status will be reported, but it seems hard.)
And zone transfers may be performed over QUIC or TLS/TCP transport with
server certificate authentication.
Mr
Brian Somers
(OpenDNS, FreeBSD)
04/10/2015, 09:00
Public Workshop
Open resolvers will always be a target for abuse either as an attack amplification point or as a mask of the attack source. This presentation discusses the measures that OpenDNS has put in place to ensure that their open resolvers contribute towards reducing or blocking DDoS attacks. It goes on to discuss future plans to identify limit or block DoS sources.
Mr
Christian Petrasch
(DENIC eG)
04/10/2015, 09:30
Public Workshop
This Abstract describes the concepts, the development and the functionalities of the DENIC DNS Countinuous Integration and Deployment Pipeline. Furthermore the advantages you could receive through this technics and automated testing. More informations will follow in the summary form.
Mr
Ólafur Guðmundsson
(CloudFlare Inc.)
04/10/2015, 10:00
Public Workshop
DNS ANY queries are a source of controversy and strong feelings. In practice ANY queries are used for debug purposes, but are frequently abused in amplification attacks, as they give the best amplification factor. In some non-traditional DNS authoritative servers the cost of answering ANY queries can be high due to multiple DB lookups and dynamic records.
Once in a while someone thinks that...
Jim Cowie
(Dyn, Inc.),
Matt Larson
(Dyn, Inc.)
04/10/2015, 11:00
Public Workshop
In addition to driving ccTLD growth, a strong national content hosting industry improves consumer experience by making content faster, cheaper, and more accessible. Ironically, the existence of a large content-hosting industry next door has tended to artificially reduce the percentage of both Canadian and Mexican content that is domestically hosted.
In this talk, we'll examine the most...
Mr
M Wullink
(SIDN)
04/10/2015, 11:30
Public Workshop
#Introduction
As the operator of the .nl ccTLD, SIDN is very interested in keeping the .nl zone as safe as possible.
Analyzing the query data can help to detect cybercrime activity in the .nl zone which we can than try to cleanup.
Traditional DNS query data analysis done by storing data as PCAP's and analyzing them with tools such a tshark and wireshark is often a slow and painful process....
Mr
zaifeng zhang
(QIHOO 360)
04/10/2015, 12:00
Lightning Presentations
Cluster the DNS domains is a basic but very important work in analyzing the dizzy businesses of the Internet. Only based on the accurate clustered domain result, we can discern and analyze all kinds of DNS data. Now, most of the works focus on the domain structure and hoping finding the relationships among kinds of domains. Recently, based on the largest public passiveDNS database in China, we...
Mr
Sebastian Castro
(NZRS)
04/10/2015, 12:15
Public Workshop
NZRS has been running zone scans on a monthly basis over the active .nz domain names for the past two years. We are using dnscheck with custom changes to collect DNS health information, as well as IPv6 deployment metrics. The data is of no use if it can't be made readily available to interested parties.
To sort this out, NZRS will start using an open data portal provided by Socrata to allow...
Duane Wessels
(Verisign),
Matthew Thomas
(Verisign)
04/10/2015, 14:00
Public Workshop
The Root Server System Advisory Committee (RSSAC) within ICANN was recently tasked with considering the extent to which the current root zone TTLs are appropriate for today's Internet environment and the impacts of root TTL alterations on the wider DNS system. The historical DITL data from 2014 and 2015 was analyzed for trends in TTL adherence, answering some of the following questions: To...
Mr
Ray Bellis
(Internet Systems Consortium, Inc.)
04/10/2015, 14:30
Public Workshop
ISC has been using data routinely collected by every RIPE Atlas node to research the effectiveness of F-root's current transit and peering arrangements.
The presentation will show how visualisation of this data can identify issues that should be resolved, along with "before and after" pictures showing the effect of changes that we already made to our routing configuration based on this analysis.
Duane Wessels
(Verisign)
04/10/2015, 15:00
Public Workshop
Thirteen years ago Verisign renumbered j.root-servers.net so that it could be anycasted. Since that time, we have been continuing to answer queries sent to the old IP address. We have also been collecting some data on queries to old J-root.
In this presentation we will explore such questions as: what do we know about the clients of old J-root? Do they overlap with clients of the real...
Matt Larson
(Dyn, Inc.)
04/10/2015, 16:00
Public Workshop
As a byproduct of our web-based Real User Monitoring (RUM) agent, Dyn obtains the IP addresses of individual hosts running web browsers all over the world as well as the IP addresses of the recursive servers queried by those hosts. We have analyzed a rich data set of over 110 million client IP address-to-recursive IP address mappings to research an area of DNS that we believe has not been...
Brian Hartvigsen
(OpenDNS)
04/10/2015, 16:30
Public Workshop
Client Subnet offers the ability to offer better geolocation of end-users via DNS responses. This talk will concentrate on what happens when Client Subnet is enabled on a public resolver. It will look at upstream traffic patterns, cache performance, and other factors that come into play with Client Subnet. At the end of this talk, DNS providers should have a better idea of how Client Subnet...
Robert Edmonds
(Farsight Security, Inc.)
04/10/2015, 17:00
Lightning Presentations
A few existing "whoami" or "dnsecho" authoritative DNS services allow for limited extraction of information about the resolver to the original client that would normally be hidden. For example, querying an anycasted resolver like 8.8.8.8 with the command "dig @8.8.8.8 whoami.akamai.net" will return an address record revealing a unicast initiator address used by the anycast service. This is...
Mr
Geoff Huston
(APNIC)
04/10/2015, 17:15
Public Workshop
Much work has been undertaken in the browser world to produce the so-called "Happy Eyeballs" outcome. This is an outcome where the client will detect if the service is a dual stack service and if so then use a connection process that slightly biases the client in favour of using IPv6 as the transport for the DNS. What evidence is there for a similar mode of behaviour of DNS resolvers? This...
Mr
Keith Mitchell
(DNS-OARC)
05/10/2015, 15:15
NANOG65 DNS Track
Mr
Brian Somers
(OpenDNS, FreeBSD)
05/10/2015, 15:25
NANOG65 DNS Track
Mr
Ray Bellis
(Internet Systems Consortium, Inc.)
05/10/2015, 15:55
NANOG65 DNS Track
Eddy Winstead,
victoria risk
(isc)
05/10/2015, 16:25
NANOG65 DNS Track
Mr
Tomas Hlavacek
(CZ.NIC, z.s.p.o.)
05/10/2015, 16:35
NANOG65 DNS Track
