[dns-operations] DNS-Operations Pre-NANOG Meeting, June 02 - Agenda and info:
Chris Yarnell
Chris.Yarnell at nominum.com
Thu May 25 05:38:33 UTC 2006
What: DNS Operations meeting
When: Friday, June 02, 2006 9:30 AM - 5:00 PM
Where: Darling Conference Room,
Cisco Systems, Inc. Building C 150 W. Tasman Drive
We need to provide a list of names to Cisco at least a day before the
meeting so that people will be able to get into the building. Please
RSVP to rsvp-workshop at nominum.com by Wednesday, May 31 if you plan to
attend.
For those of you who will not be able to make it physically to the
meeting, Cisco is providing Audio and Web Conference capability:
Call MeetingPlace:
Toll-free (US only): 1-866-633-8639
Toll-free (Canada only): 1-866-676-3381 International Direct Dial:
1-650-260-9030 Press 1 to attend a meeting Enter meeting ID (087030)
followed by the # key Follow the prompts to join the audio conference
Meeting ID # 087030
TEST YOUR BROWSER TODAY OR THE DAY BEFORE THE MEETING
Visit (http://denali2.meetingplace.net) if you have not done so before,
to test your web browser you will use in the meeting for compatibility
with the web conference. Click on the "Browser Test" link at the bottom
of the page to run the test. Turn off any pop-up stoppers, and click on
the "START" the inspection now button on the bottom of the screen. This
will inform you of any problems you might encounter.
Attend a MeetingPlace Web Conference
Go to http://denali2.meetingplace.net
Enter meeting ID (087030) and click ATTEND MEETING Enter your name in
the "My name is" box and click Attend Meeting Click Yes to any Java
warnings
----------------------------------------------------------------------
General Interest 9:30 - 11:00
-----------------------------
9:30 - 10:00
Title: CoDoNS and DHT round table
Presenter: David Ulevitch, EveryDNS
Where do groups like ICANN then fit in? What about the
root-servers and the TLDs? There is a lot to discuss and more
questions than answers. While the CoDoNS emails a week or two
back spawned most of this discussion the focus will be more
general about the impending changes to the DNS and what they could
mean.
10:00 - 10:20
Title: Community Response to Inter-network Abuse
Presenter: Rick Wesson
Identifying abuse on your network is hard. It frequently involves
another another network, and most customers are unaware they are
compromised. The talk will cover ways to address these issues.
10:20 - 10:40
Title: Building Global Content-Distribution Networks
Presenter: Bill Woodcock (woody at pch.net)
Bill Woodcock will discuss his experiences and architectural
principles in building several generations of global-scale
content-delivery networks, in the DNS, file-sharing, web content,
and streaming media spaces. This talk will emphasize anycast and
topological load-distribution techniques, and address physical
infrastructure deployment issues.
10:40 - 11:00
Title: The IDN Experience
Presenter: Sebastian E. Castro Avila <secastro at nic.cl>
Last september, .CL enabled IDN domain registration. This talk
will cover the load, the pattern of registration, use of IDN at
the DNS level and other details.
11:00 - 11:30 Break
New releases 11:30 - 12:30
------------------------
11:30 - 12:00
Title: What's new in BIND 9.4.0?
Presenter: somebody from ISC
12:00 - 12:30
Title: NSD, Version 3
Presenter: Olaf M. Kolkman <olaf at NLnetLabs.nl>
NSD is an authoritative only, high performance, simple and open
source name server. This presentation features and overview of the
history, the design philosophy, the architecture and a peek under
the hood of the forthcoming version 3.
12:30 - 1:30 Lunch
Monitoring and measuring name servers 1:30 - 2:50
---------------------------------------------------
1:30 - 1:50
Title: DNS monitoring tools
Presenters: David Ulevitch <davidu at everydns.net>,
Sebastian E. Castro Avila <secastro at nic.cl>
A demo and overview of some tools for monitoring authoritative DNS
servers and discovering trends. Includes an overview of tools
used by .CL for real-time DNS monitoring: dnstop+RRD
1:50 - 2:10
Title: Netperf4
Presenter: Rick Jones <rick.jones2 at hp.com>
Netperf4 is the synchronized, multiple system, multiple
connection, multiple thread version of the venerable netperf (aka
netperf2) benchmark. If you like, you can think of netperf4 as
the "eierlegende wollmilchsau" netperf :) With the multiple-mumble
design philosophy leaning more towards system-level benchmarking,
netperf4 is intended as a complement to, rather than a replacement
for netperf2.
2:10 - 2:30
Title: An Automated Incident Response System Using BIND Query Logs
Presenter: John Kristoff <jtk at ultradns.net>
At Northwestern University we built on top of an existing network
status and incident management system by incorporating the use of
BIND query logs as an input source of data. Using a blacklist of
domain names that have been identified as servicing botnets as the
locator for a command and control point, we setup a process to
monitor queries on the institution's primary name servers to watch
for accesses to these names. Using a set of Perl scripts and a
simple sampling function we were able to issue timely alerts for a
subset of suspect hosts to local administrators with a very low
rate of false positives. This talk will discuss the history,
implementation details and challenges of the system, which was
recently shutdown after being run for a little over year in
production.
2:30 - 2:50
Duane Wessels <wessels at packet-pushers.com>
Title: Finding Open Resolvers
Open DNS resolvers may be considered a threat to Internet security
because they increase the possibility of cache poisoning, and have
been used in large-scale DDoS attacks. This talk explains our
technique for probing DNS resolvers for openness, how we find
resolvers to probe, and what our probes have uncovered.
2:50 - 3:20 Break
Operational challenges for TLD name servers 3:20 - 4:00
-------------------------------------------------------
3:20 - 3:40
Title: Placement of TLD name servers and DNS reliability
Presenter: Steve Gibbard (scg at gibbard.org)
The domain name system, without which most Internet applications
don't work, depends on reliable access to DNS information. Failure
scenarios therefore exist where two Internet hosts may have
connectivity to each other, but can't communicate because they
lack a path to a DNS server in another location. A talk at last
May's NANOG touched on this problem in the general case. This talk
will look at the DNS in greater detail, and how the placement of
DNS servers for various top level domains affects their
reliability in different parts of the world.
3:40 - 4:00
Title: Challenges of deploying anycast servers
Presenter: Sebastian E. Castro Avila <secastro at nic.cl>
This talk will cover the challenges of deploying anycast on a
incorrectly organized national network (we've deployed anycast for
.CL and a F-root replica, and we suffered trying to get it right)
as well as the right placement for anycast servers. It will
include a methodology used to find the right place (topologically
speaking) for .CL anycasted nameservers along with some data and
some preliminary conclusions.
4:00 - 4:20
Title: Anatomy of Recent DNS Reflector Attacks From the Victim and
Reflector Points of View
Presenter: Matt Larson (for Frank Scalzo)
In the last several months there have been a number of
significant DDoS attacks using open recursive DNS servers to
reflect and amplify the attack. In the last several weeks these
attacks have begun to be picked up by the media. This
presentation looks at the anatomy of these attacks from the
victim point of view, as well as from the reflector point of
view. The presentation looks at a specific attack, breaks down
the traffic, what filtering does and doesn't work, as well as the
challenges of each. The presentation also looks at data collected
from a participating reflector, and extrapolates out the data to
estimate the size and number of attacks that have been seen. Also
extrapolated out in the presentation is the potential size of the
attack if 500,000 open DNS servers were to be used.
DNSSEC 4:20 - 5:00
------------------
4:20 - 4:40
Title: What's going on with DLV?
Presenter: somebody from ISC
4:40 - 5:00
Title: DNSSEC deployment
Presenter: Russ Mundy <mundy at sparta.com>
A discussion of the issues around DNSSEC deployment.
More information about the dns-operations
mailing list