3-5 October 2015
Fairmont Queen Elizabeth
US/Eastern timezone
Home > Contribution List

Contribution List

Displaying 36 contributions out of 36
Session: Public Workshop: Root Data Analysis
Track: Public Workshop
The Root Server System Advisory Committee (RSSAC) within ICANN was recently tasked with considering the extent to which the current root zone TTLs are appropriate for today's Internet environment and the impacts of root TTL alterations on the wider DNS system. The historical DITL data from 2014 and 2015 was analyzed for trends in TTL adherence, answering some of the following questions: To what de ... More
Presented by Matthew THOMAS, Duane WESSELS on 4 Oct 2015 at 14:00
Session: Public Workshop
Track: Public Workshop
As part of the IETF's efforts to secure all protocols against pervasive surveillance, several privacy enhancements to the DNS are actively being developed with prototype implementations of such enhancements also emerging. This talk will provide a technical description of these mechanisms as well as deployment challenges and related considerations. Topics to be covered will include query-name minim ... More
Presented by Allison MANKIN, Mr. Shumon HUQUE on 3 Oct 2015 at 14:00
Session: Public Workshop: Resolvers Track
Track: Public Workshop
As a byproduct of our web-based Real User Monitoring (RUM) agent, Dyn obtains the IP addresses of individual hosts running web browsers all over the world as well as the IP addresses of the recursive servers queried by those hosts. We have analyzed a rich data set of over 110 million client IP address-to-recursive IP address mappings to research an area of DNS that we believe has not been suffici ... More
Presented by Matt LARSON on 4 Oct 2015 at 16:00
Session: Public Workshop
Track: Lightning Presentations
This talk will outline the use of tools from the netsniff-ng toolkit and the Linux kernel along with a home-grown benchmark harness to characterize UDP DNS performance. These tools operate very differently from "traditional" utilities like dnsperf/resperf and produce very different results, possibly contradicting conventional wisdom that UDP on Linux is slow.
Presented by Robert EDMONDS on 3 Oct 2015 at 16:45
Session: NANOG65 DNS Track
Track: NANOG65 DNS Track
Presented by Mr. Tomas HLAVACEK on 5 Oct 2015 at 16:35
Session: Public Workshop
Track: Public Workshop
CZ.NIC Labs created and continues to actively develop Knot DNS authoritative DNS server. The development team puts substantial effort into optimizing the server performance and searching for new optimization opportunities. So we created a DISTEL-based lab for benchmarking not only our server but for comparing many different authoritative DNS servers and versions. The presentation shows our meth ... More
Presented by Mr. Tomas HLAVACEK on 3 Oct 2015 at 16:00
Session: Public Workshop: Data Analysis
Track: Lightning Presentations
Cluster the DNS domains is a basic but very important work in analyzing the dizzy businesses of the Internet. Only based on the accurate clustered domain result, we can discern and analyze all kinds of DNS data. Now, most of the works focus on the domain structure and hoping finding the relationships among kinds of domains. Recently, based on the largest public passiveDNS database in China, we are ... More
Presented by Mr. zaifeng ZHANG on 4 Oct 2015 at 12:00
Session: Public Workshop: Operations Track
Track: Public Workshop
This Abstract describes the concepts, the development and the functionalities of the DENIC DNS Countinuous Integration and Deployment Pipeline. Furthermore the advantages you could receive through this technics and automated testing. More informations will follow in the summary form.
Presented by Mr. Christian PETRASCH on 4 Oct 2015 at 09:30
Session: Members Session
Track: Members-Only
Presented by Mr. Ralf WEBER on 3 Oct 2015 at 11:55
Session: Public Workshop: Data Analysis
Track: Public Workshop
#Introduction As the operator of the .nl ccTLD, SIDN is very interested in keeping the .nl zone as safe as possible. Analyzing the query data can help to detect cybercrime activity in the .nl zone which we can than try to cleanup. Traditional DNS query data analysis done by storing data as PCAP's and analyzing them with tools such a tshark and wireshark is often a slow and painful process. Wh ... More
Presented by Mr. M WULLINK on 4 Oct 2015 at 11:30
Session: NANOG65 DNS Track
Track: NANOG65 DNS Track
Presented by Mr. Keith MITCHELL on 5 Oct 2015 at 15:15
Session: NANOG65 DNS Track
Track: NANOG65 DNS Track
Presented by Mr. Ray BELLIS on 5 Oct 2015 at 15:55
Session: Public Workshop: Root Data Analysis
Track: Public Workshop
ISC has been using data routinely collected by every RIPE Atlas node to research the effectiveness of F-root's current transit and peering arrangements. The presentation will show how visualisation of this data can identify issues that should be resolved, along with "before and after" pictures showing the effect of changes that we already made to our routing configuration based on this analysis ... More
Presented by Mr. Ray BELLIS on 4 Oct 2015 at 14:30
Session: Public Workshop: Resolvers Track
Track: Public Workshop
Much work has been undertaken in the browser world to produce the so-called "Happy Eyeballs" outcome. This is an outcome where the client will detect if the service is a dual stack service and if so then use a connection process that slightly biases the client in favour of using IPv6 as the transport for the DNS. What evidence is there for a similar mode of behaviour of DNS resolvers? This present ... More
Presented by Mr. Geoff HUSTON on 4 Oct 2015 at 17:15
Session: Public Workshop
Track: Lightning Presentations
The presentation discusses just an idea about DNS over QUIC and zone transfer over QUIC or TLS/TCP. The third transport of DNS may be QUIC. Both DNS and QUIC use UDP and port 53/UDP may be possible to share. (If possible, implementation status will be reported, but it seems hard.) And zone transfers may be performed over QUIC or TLS/TCP transport with server certificate authentication.
Presented by Mr. Kazunori FUJIWARA on 3 Oct 2015 at 17:30
Session: Public Workshop
Track: Public Workshop
Using traffic captured at two different ISP's recursive resolvers we analise the potential impact on the servers of long lived TCP sessions, investigating the effect of timeout settings, the total number of simultaneous connections that would be kept open and the potential benefits of connection reuse as proposed in the current version of draft-ietf-dnsop-5966bis, with the intent of offering simul ... More
Presented by Mr. Joao Luis SILVA DAMAS on 3 Oct 2015 at 17:00
Session: Public Workshop
Track: Lightning Presentations
The EDNS (Extension mechanisms for DNS) protocol allows us to add new features to DNS that were not envisioned when DNS was originally specified. DNSSEC, Client-subnet Identifier and DNS cookies are applications that use EDNS. It appears from ISC's testing that a significant percentage of sites that support EDNS do not respond well to unknown EDNS options. The failure mode can be as severe as ... More
Presented by victoria RISK on 3 Oct 2015 at 16:30
Session: NANOG65 DNS Track
Track: NANOG65 DNS Track
Presented by victoria RISK, Eddy WINSTEAD on 5 Oct 2015 at 16:25
Session: Public Workshop: Data Analysis
Track: Public Workshop
In addition to driving ccTLD growth, a strong national content hosting industry improves consumer experience by making content faster, cheaper, and more accessible. Ironically, the existence of a large content-hosting industry next door has tended to artificially reduce the percentage of both Canadian and Mexican content that is domestically hosted. In this talk, we'll examine the most popula ... More
Presented by Matt LARSON, Jim COWIE on 4 Oct 2015 at 11:00
Session: Members Session
Track: OARC AGM
Presented by Mr. Ondrej FILIP on 3 Oct 2015 at 10:00
Session: NANOG65 DNS Track
Track: NANOG65 DNS Track
Presented by Mr. Brian SOMERS on 5 Oct 2015 at 15:25
Session: Public Workshop: Operations Track
Track: Public Workshop
DNS ANY queries are a source of controversy and strong feelings. In practice ANY queries are used for debug purposes, but are frequently abused in amplification attacks, as they give the best amplification factor. In some non-traditional DNS authoritative servers the cost of answering ANY queries can be high due to multiple DB lookups and dynamic records. Once in a while someone thinks that usin ... More
Presented by Mr. Ólafur GUÐMUNDSSON on 4 Oct 2015 at 10:00
Session: Public Workshop
Track: Public Workshop
This talk will discuss upcoming and future steps envisioned to increase the adoption of DNSSEC and DANE (DNS-based Authentication of Named Entities) by Internet applications. It will start by providing an overview of the current state of adoption of DANE, and then discuss challenges faced by some application communities and some applications for which DANE doesn't yet provide a solution. Among the ... More
Presented by Mr. Shumon HUQUE on 3 Oct 2015 at 15:00
Session: Members Session
Track: OARC AGM
on 3 Oct 2015 at 10:35
Session: Members Session
Track: OARC AGM
Presented by Mr. Keith MITCHELL on 3 Oct 2015 at 10:05
Session: Members Session
Track: Public Workshop
Presented by Ms. Dalini KHEMLANI on 3 Oct 2015 at 11:35
Session: Members Session
Track: Public Workshop
Presented by Mr. William SOTOMAYOR on 3 Oct 2015 at 11:15
Session: Members Session
Track: OARC AGM
Presented by Duane WESSELS on 3 Oct 2015 at 10:25
Session: Public Workshop: Operations Track
Track: Public Workshop
Open resolvers will always be a target for abuse either as an attack amplification point or as a mask of the attack source. This presentation discusses the measures that OpenDNS has put in place to ensure that their open resolvers contribute towards reducing or blocking DDoS attacks. It goes on to discuss future plans to identify limit or block DoS sources.
Presented by Mr. Brian SOMERS on 4 Oct 2015 at 09:00
Presented by Mr. Mauricio VERGARA ERECHE on 4 Oct 2015 at 13:00
Session: Public Workshop: Data Analysis
Track: Public Workshop
NZRS has been running zone scans on a monthly basis over the active .nz domain names for the past two years. We are using dnscheck with custom changes to collect DNS health information, as well as IPv6 deployment metrics. The data is of no use if it can't be made readily available to interested parties. To sort this out, NZRS will start using an open data portal provided by Socrata to allow ope ... More
Presented by Mr. Sebastian CASTRO on 4 Oct 2015 at 12:15
Session: Public Workshop: Resolvers Track
Track: Public Workshop
Client Subnet offers the ability to offer better geolocation of end-users via DNS responses. This talk will concentrate on what happens when Client Subnet is enabled on a public resolver. It will look at upstream traffic patterns, cache performance, and other factors that come into play with Client Subnet. At the end of this talk, DNS providers should have a better idea of how Client Subnet wil ... More
Presented by Brian HARTVIGSEN on 4 Oct 2015 at 16:30
Session: NANOG65 DNS Track
Track: NANOG65 DNS Track
Presented by Adiel AKPLOGAN on 5 Oct 2015 at 17:05
Session: Public Workshop: Root Data Analysis
Track: Public Workshop
Thirteen years ago Verisign renumbered j.root-servers.net so that it could be anycasted. Since that time, we have been continuing to answer queries sent to the old IP address. We have also been collecting some data on queries to old J-root. In this presentation we will explore such questions as: what do we know about the clients of old J-root? Do they overlap with clients of the real J-root? ... More
Presented by Duane WESSELS on 4 Oct 2015 at 15:00
Session: Public Workshop
Track: Public Workshop
This talk will focus on the existing prototype implementations of DNS-over-TLS and dive into some of the finer points of using TLS in practice. This will include authentication issues, performance considerations, TCP connection management, DoS mitigation and a demonstration. It will also discuss the current best practices for using TLS in applications and the upcoming developments in TLS 1.3.
Presented by Sara DICKINSON on 3 Oct 2015 at 14:30
Session: Public Workshop: Resolvers Track
Track: Lightning Presentations
A few existing "whoami" or "dnsecho" authoritative DNS services allow for limited extraction of information about the resolver to the original client that would normally be hidden. For example, querying an anycasted resolver like 8.8.8.8 with the command "dig @8.8.8.8 whoami.akamai.net" will return an address record revealing a unicast initiator address used by the anycast service. This is "one-le ... More
Presented by Robert EDMONDS on 4 Oct 2015 at 17:00