[dns-operations] DNS activities in Japan

fujiwara at jprs.co.jp fujiwara at jprs.co.jp
Mon Jul 4 08:26:24 UTC 2016 

A DNS meeting "DNS Summer Day 2016" was hold at June 24, 2016, Tokyo, Japan.
I attended as an attendee, and I will report briefly.

  http://dnsops.jp/event20160624.html

  You can read by google translation.
    https://translate.google.co.jp/translate?hl=&sl=ja&tl=en&u=http%3A%2F%2Fdnsops.jp%2Fevent20160624.html

  However, PDF translation does not work.......  You can read japanese
  texts in PDF files by copying text to google translation page.

inside [] shows keywords from Google translated page.

* Morning session: [Graduation from BIND]

  There are presentations about Unbound, PowerDNS, NSD
  and analysis/discussions of reasons why users need to use BIND 9.

* [2016 Kumamoto earthquake and authoritative DNS server]

  Telecom ISAC Japan ( Japan Data Communications Association) measures
  HTTP responses of important infrastructure sites (government, local
  governments, ...) periodically.  After Kumamoto earthquake (15 and
  17 April, 2016), one local government site becomes down.  The
  presentation discussed operational considerations of DNS and Web
  servers.

* [IP53B began]

  A Japanese ISP implemented Inbound port 53 blocking to protect their
  infrastructure.

  # very interesting presentation.

* [I tried hooking a DNS query with [LT] iptables]

  The author developped a iptable DNS module 'iptables-ext-dns'.
  See  https://github.com/mimuret/iptables-ext-dns

* [ In [LT] OCN for providing start and blocking status of "malware
  unauthorized communication block services" ]

  NTT.COM provides malware detection and blocking service for Japanese
  customers.

* [ [LT] survey results relating to the access restriction of zone transfer]

  JPRS evaulated open AXFR (zone transfer) sites.

  Reason is here: https://www.us-cert.gov/ncas/alerts/TA15-103A

* [ For [LT] Secondary DNS Service ]

  See https://github.com/sischkg/xfer-limit

  Most of authoritative DNS server softwares do not have size limit of
  zone transfer. He generated unlimited zone information at master
  server, and transfered to slave servers. BIND 9, knot DNS and Power
  DNS slave servers received unlimited zone informataion and died.
  NSD slave DNS server received unlimited zone data and /tmp became full.

  He generated zone transfer size limit patch for BIND 9, Knot, NSD,
  PowerDNS.

  # this is very interesting presentation.

* [ [LT] XACK introduce you of DNS ]

  A Japanese company is developping their own DNS server software.
  http://xack.co.jp/



If you want english translation, I can forward the request to the
author or secretariat of dnsops.jp. (or some of authors or
secretariats are subscribing this list.)

--
Kazunori Fujiwara, JPRS <fujiwara at jprs.co.jp>

More information about the dns-operations mailing list