[dns-operations] DNS-Operations Pre-NANOG Meeting, June 02 - Agenda and info:

Chris Yarnell Chris.Yarnell at nominum.com
Thu May 25 05:38:33 UTC 2006


What:  DNS Operations meeting

When:  Friday, June 02, 2006 9:30 AM - 5:00 PM

Where: Darling Conference Room,
        Cisco Systems, Inc. Building C 150 W. Tasman Drive

We need to provide a list of names to Cisco at least a day before the
meeting so that people will be able to get into the building.  Please
RSVP to rsvp-workshop at nominum.com by Wednesday, May 31 if you plan to
attend.

For those of you who will not be able to make it physically to the
meeting, Cisco is providing Audio and Web Conference capability:

Call MeetingPlace:
Toll-free (US only): 1-866-633-8639
Toll-free (Canada only): 1-866-676-3381 International Direct Dial:
1-650-260-9030 Press 1 to attend a meeting Enter meeting ID (087030)
followed by the # key Follow the prompts to join the audio conference
Meeting ID # 087030

TEST YOUR BROWSER TODAY OR THE DAY BEFORE THE MEETING

Visit (http://denali2.meetingplace.net) if you have not done so before,
to test your web browser you will use in the meeting for compatibility
with the web conference. Click on the "Browser Test" link at the bottom
of the page to run the test.  Turn off any pop-up stoppers, and click on
the "START" the inspection now button on the bottom of the screen. This
will inform you of any problems you might encounter.

Attend a MeetingPlace Web Conference

  Go to http://denali2.meetingplace.net

Enter meeting ID (087030) and click ATTEND MEETING Enter your name in
the "My name is" box and click Attend Meeting Click Yes to any Java
warnings

----------------------------------------------------------------------

General Interest 9:30 - 11:00
-----------------------------
9:30 - 10:00
   Title: CoDoNS and DHT round table
   Presenter:  David Ulevitch, EveryDNS

     Where do groups like ICANN then fit in?  What about the
     root-servers and the TLDs?  There is a lot to discuss and more
     questions than answers.  While the CoDoNS emails a week or two
     back spawned most of this discussion the focus will be more
     general about the impending changes to the DNS and what they could
     mean.

10:00 - 10:20
   Title: Community Response to Inter-network Abuse
   Presenter: Rick Wesson

     Identifying abuse on your network is hard. It frequently involves
     another another network, and most customers are unaware they are
     compromised. The talk will cover ways to address these issues.

10:20 - 10:40
   Title: Building Global Content-Distribution Networks
   Presenter: Bill Woodcock (woody at pch.net)

     Bill Woodcock will discuss his experiences and architectural
     principles in building several generations of global-scale
     content-delivery networks, in the DNS, file-sharing, web content,
     and streaming media spaces. This talk will emphasize anycast and
     topological load-distribution techniques, and address physical
     infrastructure deployment issues.

10:40 - 11:00
   Title: The IDN Experience
   Presenter: Sebastian E. Castro Avila <secastro at nic.cl>

     Last september, .CL enabled IDN domain registration. This talk
     will cover the load, the pattern of registration, use of IDN at
     the DNS level and other details.

11:00 - 11:30 Break

New releases 11:30 - 12:30
------------------------
11:30 - 12:00
   Title: What's new in BIND 9.4.0?
   Presenter: somebody from ISC

12:00 - 12:30
Title: NSD, Version 3
Presenter: Olaf M. Kolkman <olaf at NLnetLabs.nl>

    NSD is an authoritative only, high performance, simple and open
    source name server. This presentation features and overview of the
    history, the design philosophy, the architecture and a peek under
    the hood of the forthcoming version 3.

12:30 - 1:30 Lunch

Monitoring and measuring name servers 1:30 - 2:50
---------------------------------------------------
1:30 - 1:50
   Title: DNS monitoring tools
   Presenters: David Ulevitch <davidu at everydns.net>,
 	      Sebastian E. Castro Avila <secastro at nic.cl>

     A demo and overview of some tools for monitoring authoritative DNS
     servers and discovering trends.  Includes an overview of tools
     used by .CL for real-time DNS monitoring: dnstop+RRD

1:50 - 2:10
   Title: Netperf4
   Presenter: Rick Jones <rick.jones2 at hp.com>

     Netperf4 is the synchronized, multiple system, multiple
     connection, multiple thread version of the venerable netperf (aka
     netperf2) benchmark.  If you like, you can think of netperf4 as
     the "eierlegende wollmilchsau" netperf :) With the multiple-mumble
     design philosophy leaning more towards system-level benchmarking,
     netperf4 is intended as a complement to, rather than a replacement
     for netperf2.

2:10 - 2:30
   Title: An Automated Incident Response System Using BIND Query Logs
   Presenter: John Kristoff <jtk at ultradns.net>

     At Northwestern University we built on top of an existing network
     status and incident management system by incorporating the use of
     BIND query logs as an input source of data.  Using a blacklist of
     domain names that have been identified as servicing botnets as the
     locator for a command and control point, we setup a process to
     monitor queries on the institution's primary name servers to watch
     for accesses to these names.  Using a set of Perl scripts and a
     simple sampling function we were able to issue timely alerts for a
     subset of suspect hosts to local administrators with a very low
     rate of false positives.  This talk will discuss the history,
     implementation details and challenges of the system, which was
     recently shutdown after being run for a little over year in
     production.

2:30 - 2:50
   Duane Wessels <wessels at packet-pushers.com>
   Title: Finding Open Resolvers

     Open DNS resolvers may be considered a threat to Internet security
     because they increase the possibility of cache poisoning, and have
     been used in large-scale DDoS attacks.  This talk explains our
     technique for probing DNS resolvers for openness, how we find
     resolvers to probe, and what our probes have uncovered.

2:50 - 3:20 Break

Operational challenges for TLD name servers 3:20 - 4:00
-------------------------------------------------------
3:20 - 3:40
   Title: Placement of TLD name servers and DNS reliability
   Presenter: Steve Gibbard (scg at gibbard.org)

     The domain name system, without which most Internet applications
     don't work, depends on reliable access to DNS information. Failure
     scenarios therefore exist where two Internet hosts may have
     connectivity to each other, but can't communicate because they
     lack a path to a DNS server in another location. A talk at last
     May's NANOG touched on this problem in the general case. This talk
     will look at the DNS in greater detail, and how the placement of
     DNS servers for various top level domains affects their
     reliability in different parts of the world.

3:40 - 4:00
   Title: Challenges of deploying anycast servers
   Presenter: Sebastian E. Castro Avila <secastro at nic.cl>

     This talk will cover the challenges of deploying anycast on a
     incorrectly organized national network (we've deployed anycast for
     .CL and a F-root replica, and we suffered trying to get it right)
     as well as the right placement for anycast servers. It will
     include a methodology used to find the right place (topologically
     speaking) for .CL anycasted nameservers along with some data and
     some preliminary conclusions.

4:00 - 4:20
    Title: Anatomy of Recent DNS Reflector Attacks From the Victim and
 	  Reflector Points of View
    Presenter: Matt Larson (for Frank Scalzo)

      In the last several months there have been a number of
      significant DDoS attacks using open recursive DNS servers to
      reflect and amplify the attack. In the last several weeks these
      attacks have begun to be picked up by the media. This
      presentation looks at the anatomy of these attacks from the
      victim point of view, as well as from the reflector point of
      view. The presentation looks at a specific attack, breaks down
      the traffic, what filtering does and doesn't work, as well as the
      challenges of each. The presentation also looks at data collected
      from a participating reflector, and extrapolates out the data to
      estimate the size and number of attacks that have been seen. Also
      extrapolated out in the presentation is the potential size of the
      attack if 500,000 open DNS servers were to be used.

DNSSEC 4:20 - 5:00
------------------
4:20 - 4:40
   Title: What's going on with DLV?
   Presenter: somebody from ISC

4:40 - 5:00
   Title: DNSSEC deployment
   Presenter: Russ Mundy <mundy at sparta.com>

     A discussion of the issues around DNSSEC deployment.



More information about the dns-operations mailing list