mydnsipv6 Success Story
|
|
- Audra Walker
- 8 years ago
- Views:
Transcription
1 Internet Identity For All mydnsipv6 Success Story By Norsuzana Harun Manager, Technology and Innovation Dept. 20 th July 2009
2 Agenda 1. About mydnsipv6 mydnsipv6 Roadmap ( ) 2. mydnsipv6 Test Bed 3. 4 related changes to.my registry system.my Registry System Interface Changes.my Registry System Backend Changes 4. Test Cases Test Cases for Network Equipments Test Cases for DNS Activities Test Cases for Web Interface and Database Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 2
3 Agenda (cont) 5. Registration to IANA 6. IPv6 Connectivity and Security Audit 7. Public Launch 8..my s IPv6 Enabled Domain Names 9. The Way Forward 10. Conclusion Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 3
4 About mydnsipv6 Objectives To actualize and facilitate IPv4 to IPv6 transition as mandated in Malaysian Information, Communication and Multimedia Services 886 (MyICMS 886) IPv6 is a mandated Infrastructure Government agencies to adopt IPv6 by year 2010 To provide IPv4 and IPv6 enabled DNS registry system Public are able to register.my domain name with IPv6 enabled name server(s) Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 4
5 mydnsipv6 Roadmap ( ) TRIAL PHASE DEPLOYMENT AWARENESS a) Study current MYNIC's DNS system and DNS naming compressio n (512 bytes limitation) b) Organize.my training related to DNS and IPv6 topics a) Formation of R&D lab and server room b) Develop and launch mydnsipv6 Test bed for public to test in July c) Organize.my training related to DNS and IPv6 topics d) Organize seminar pertinent to DNS related technologies (NICE) e) IPv6 Readiness Survey a) Enhanced the registry system and testing b) Launch IPv6 enabled.my registry system c) Deployment of IPv6 for secondary DNS d) Security audit and IPv6 connectivity test by appointed auditor e) IPv6 Readiness Survey (Continue) f) Organize MYNIC DNS security seminar (WCIT) g).my Training related to DNS, IPv6 and Security topics a).my Training related to DNS, IPv6 and Security topics b) IPv6 awareness program road tour c) Integrate IPv6 with other MYNIC projects (DNSSEC, myanycast and ENUM) d) Security audit (Networks and Servers) by appointed auditor a) Integrate IPv6 with other MYNIC projects (Webserver, mail and whois servers) b).my Training related to DNS, IPv6 and Security topics c) Security audit (Networks and Servers) by appointed auditor Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 5
6 mydnsipv6 Test Bed Started on 17th July and closed on 30th August participants 58 testing domain registered Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 6
7 4 related changes to.my registry system Web Interface and Application New domain registration will allow input and validation of IPv6 addresses for name server Current domain name holder will able to assign IPv6 address for their name server Backend and Network Change.my Domain Registry s co location service provider need to enable the router to support dual stack (IPv4 & IPv6) Upgrade network equipments to support dual stack (IPv4 & IPv6) Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 7
8 4 related changes to.my registry system Database Additional field to keep IPv6 address information Security Appointed third party to audit our servers and networks Harden our servers and networks according to the audit report Upgrade firewall and install IPS Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 8
9 .my Registry System Interface Changes Web interface comparison Customers are able to enter IPv4 address only. Simplified page: Customers are not able to enter IP addresses. They have to use the Name Server Creation page (which is on the following slide). Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 9
10 .my Registry System Interface Changes Additional input field for IPv6 address Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 10
11 .my Registry System Interface Changes Name server modification 2001:328:1000:3:: :328:1000:3::11 Customers able to view and modify the IPv4 & IPv6 addresses Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 11
12 .my Registry System Interface Changes Modify existing Name Server IP addresses 2001:328:1000:3:: :328:1000:3::11 Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 12
13 .my Registry System Backend Changes Dual stack firewall, IPS and DNS servers (wef: 16 th Aug 08) Firewall IPv6 address DNS Servers IPv6 address A record AAAA record Reverse lookup for IPv6 address Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 13
14 Test Cases for Network Equipments Equipment Test Description Objectives Routers Firewall Configure IPv6 address for the router Test the network (which go through the router) by using IPv6 protocol Configure IPv6 address for the Firewall Test the network (which go through the firewall) by using IPv6 protocol To ensure the OS support IPv6 protocol To ensure the IPv6 transport able to go through the network To ensure the firewall also able to filter IPv6 address IPS (Intrusion Prevention System) Configure IPv6 address for the IPS Test the network (which go through the IPS) by using IPv6 protocol Switches (layer 2) Use the switches to connect 2 IPv6 network segments To ensure the IPv6 transport able to go through the network Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 14
15 Test Cases for DNS Activities Activities Test Description Objectives DNS Query Zone Transfer DNS Extension for IPv6 (EDNS0 or Data size) Use a dig command to query the data from IPv4 only DNS, IPv6 only DNS and also dual stack DNS Use a dig +axfr command to check the zone transfer activities, check the bind log to find out the transaction is run on v4 or v6 transport Create a large (huge) zone of domain, and do a dig to it authoritative server, make sure the respond datagram s size is larger than 512 octets To ensure the DNS query can be functioning between IPv4 only, IPv6 only and dual stack To verify IPv6 protocol is the preferred protocol for the To process ensure the DNS query can be functioning between IPv4 only, IPv6 only and dual stack To verify IPv6 protocol is the preferred protocol for the To process ensure the respond data will not get loss if the respond datagram s size is larger than 512 octets Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 15
16 Test Cases for Web Interface and Database Activities Test Description Objectives New registration Modification Submit different type of IPv6 address format through the online DNS registration form Submit different type of IPv6 address format through the online DNS modification form Database field Insert different type of IPv6 data format into the database field To ensure the IPv6 addresses are 128 bits long, written in hexadecimal, and separated by colons Filter and reject all the invalid IPv6 addresses being insert into the To database ensure the IPv6 addresses are 128 bits long, written in hexadecimal, and separated by colons. Filter and reject all the invalid IPv6 addresses being insert into the To database ensure the data field has correct data type and enough field length to keep IPv6 data Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 16
17 .my s DNS Server Registration to IANA Can only proceed when the name server is ready with IPv6 in production environment Registration being made under Requests by cctld Managers to Change Name servers procedure. The IANA is responsible for receiving and acting on requests by the designated cctld managers to change information (name and IP address) The request submission date was on 19 th August 2008 Updated the glue record by IANA on 26 th August 2008 Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 17
18 .my s DNS Server Registration to IANA (cont) Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 18
19 .my s DNS Server Registration to IANA (cont) Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 19
20 IPv6 Connectivity and Security Audit Certificate for IPv6 Level 1 Network connectivity Certificate for Security Audit Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 20
21 Public Launch Launch mydnsipv6 on 23th Nov 2009.my Domain Registry are no 127 th TLD support IPv6 out of 296 TLD in the world Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 21
22 .my s IPv6 Enabled Domain Names According to categories Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 22
23 .my s IPv6 Enabled Domain Names (cont) Low adoption from domain name s holder. As of 18 th July 2009, only 17 or 0.02% out of 83,319.my domain names support IPv6 Possible Reasons (???) : 1. No urgency for the migration/ipv6 2. Lack of technical expertise for IPv6 3. Lack of awareness programs 4. Motivation factors Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 23
24 .my s IPv6 Enabled Domain Names (cont) Category:.my (9) Domain Name Primary Primary IPv6 Secondary Secondary IPv6 1 bsd.my benkyo.mybsd.org. my 2 cybershop.my ns1.my 2001:328:ff00:1:215:c5ff:fe6 0:74f8 2001:328:2002:ace::1000 ns1.everydns.net ns2.my 3 erion.m y n1.erion.my 2001:470:1f08:61d::2 n2.erion.my 2001:960:2:585::2 4 hack.my benkyo.mybsd.org. my 5 infoweapons.my atlcolodns1.infowea pons.com 2001:328:2002:ace::1000 ns2.afraid.org 2001:418:5403::2 atlcolodns2.infow eapons.com 6 jaring.my dns2.jaring.my 2001:328:200:ab::100 ns7.jaring.my 2001:418:5403::3 7 ns1.my ns1.my 2001:328:ff00:1:215:c5ff:fe6 0:74f8 ns2.my 8 ntt.my ns1.arc.net.my 2001:c18::25 ns2.arc.net.my 2001:c18::24 9 void.my benkyo.mybsd.org. my 2001:328:2002:ace::1000 ns2.afraid.org Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 24
25 .my IPv6 Enabled Domain Names (cont) Category:.net.my (3) and.org.my (2).net.my Domain Name Primary Primary IPv6 Secondary Secondary IPv6 1 arcnet6.net.my ns1.arc.net.my 2001:c18::25 ns2.arc.net.my 2001:c18::24 2 infoweapons.net.my atlcolodns1.infoweapo ns.com 2001:418:5403::2 atlcolodns2.info weapons.com 2001:418:5403::3 3 myren.net.my ns1.myren.net.my 2404:a8:400:200 0::53.org.my ns2.myren.net.m y 1 myren.org.my ns1.myren.net.my 2404:a8:400:200 0::53 ns2.myren.net.m y 2 neohumanist.org.my ns1.arc.net.my 2001:c18::25 ns2.arc.net.my 2001:c18::24 Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 25
26 .my IPv6 Enabled Domain Names (cont) Category:.com.my (3) Domain Name Primary Primary IPv6 Secondary Secondary IPv6 1 arcnet6.com.my ns1.arc.net.my 2001:c18::25 ns2.arc.net.my 2001:c18::24 2 infoweapons.com.my atlcolodns1.infoweap ons.com 3 myren.com.my ns1.myren.net.my 2404:a8:400:2000: : :418:5403::2 atlcolodns2.infow eapons.com ns2.myren.net.my 2001:418:5403:: 3 Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 26
27 The Way Forward Keep up to date on IPv6 activities around the world Attend and join IPv6 related events Joining IPv6 Working group ( MSTFB, AP IPv6 Task Force ) encourage registration of domain with IPv6 Name servers Integrate IPv6 with other.my DOMAIN REGISTRY projects (DNSSEC, myanycast, ENUM, Webserver, mail and whois servers).my Domain Registry is seriously put an effort on awareness program for public to increase the number of domain with IPv6 Conduct series of IPv6 technology workshops / seminars / training Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 27
28 Conclusion This project took about 3 years to get into production and at this time we are focusing on IPv6 at our secondary Testing Firewalls for IPv6 and EDNS0 Support ( sac016.htm) Good practice for migration is to start with dual stack approach Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 28
29 Thank You! Internet Identity for All MYNIC Berhad 2009 Strictly Private & Confidential 29
Use Domain Name System and IP Version 6
Use Domain Name System and IP Version 6 What You Will Learn The introduction of IP Version 6 (IPv6) into an enterprise environment requires some changes both in the provisioned Domain Name System (DNS)
More informationCIRA s experience in deploying IPv6
CIRA s experience in deploying IPv6 Canadian Internet Registration Authority (CIRA) Jacques Latour Director, Information Technology Ottawa, April 29, 2011 1 About CIRA The Registry that operates the Country
More informationDNS & IPv6. Agenda 4/14/2009. MENOG4, 8-9 April 2009. Raed Al-Fayez SaudiNIC CITC rfayez@citc.gov.sa, www.nic.net.sa. DNS & IPv6.
DNS & IPv6 MENOG4, 8-9 April 2009 Raed Al-Fayez SaudiNIC CITC rfayez@citc.gov.sa, www.nic.net.sa Agenda DNS & IPv6 Introduction What s next? SaudiNIC & IPv6 About SaudiNIC How a cctld Registry supports
More informationAPNIC IPv6 Deployment
APNIC IPv6 Deployment Ulaanbaatar, Mongolia 19 October 2015 Issue Date: Revision: Overview Deployment motivation Network deployment IPv6 Services deployment IPv6 Anycast service IPv6 Cloud service Summary
More informationPublic-Root Name Server Operational Requirements
Public-Root Name Server Operational Requirements Published January the 17 th, 2005 Status of this Document This document provides information to the Public-Root and Internet technical community. This document
More informationDNS. The Root Name Servers. DNS Hierarchy. Computer System Security and Management SMD139. Root name server. .se name server. .
Computer System Security and Management SMD139 Lecture 5: Domain Name System Peter A. Jonsson DNS Translation of Hostnames to IP addresses Hierarchical distributed database DNS Hierarchy The Root Name
More informationFAQ (Frequently Asked Questions)
FAQ (Frequently Asked Questions) Specific Questions about Afilias Managed DNS What is the Afilias DNS network? How long has Afilias been working within the DNS market? What are the names of the Afilias
More informationPart I - Gathering WHOIS Information
Part I - Gathering WHOIS Information Exercise 1: command-line WHOIS queries: in the following exercise you will use a Linux system to perform WHOIS lookups from a command-line. This requires outbound TCP
More informationJapan Registry Service. ENUM Trial in Japan. NGI2 & IPv6 DNS Operation Workshop 5 Dec 2003 Yoshiro YONEYA <yone@jprs.co.jp> Copyright 2003 JPRS
ENUM Trial in Japan NGI2 & IPv6 DNS Operation Workshop 5 Dec 2003 Yoshiro YONEYA Background Typical ENUM world PSTN SIP Server MGW Location Servre Mail, ifax, SMS, etc. PSTN ENUM Infrastructure
More informationDNS Cache Poisoning Vulnerability Explanation and Remedies Viareggio, Italy October 2008
DNS Cache Poisoning Vulnerability Explanation and Remedies Viareggio, Italy October 2008 Kim Davies Internet Assigned Numbers Authority Internet Corporation for Assigned Names & Numbers Agenda How do you
More informationSANS Technology Institute Group Discussion/Written Project. The Rapid Implementation of IPv6 at GIAC Enterprises
SANS Technology Institute Group Discussion/Written Project The Rapid Implementation of IPv6 at GIAC Enterprises 12/9/2010 Stacy Jordan Beth Binde Glen Roberts Table of Contents Executive Summary 3 Background
More informationNANOG DNS BoF. DNS DNSSEC IPv6 Tuesday, February 1, 2011 NATIONAL ENGINEERING & TECHNICAL OPERATIONS
NANOG DNS BoF DNS DNSSEC IPv6 Tuesday, February 1, 2011 NATIONAL ENGINEERING & TECHNICAL OPERATIONS The Role Of An ISP In DNSSEC Valida;on ISPs act in two different DNSSEC roles, both signing and valida;ng
More informationResponse to Solicitation Number: SA-13-01-6R-P0-016
Response to Solicitation Number: SA-13-01-6R-P0-016 Offered by: Internet Corporation for Assigned Names and Numbers 4676 Admiralty Way, Suite 330 Marina del Rey, CA 90292 USA +1-310-823-9358 (tel) +1-310-823-8649
More informationGlossary of Technical Terms Related to IPv6
AAAA Record An AAAA record stores a 128-bit Internet Protocol version 6 (IPv6) address, which does not fit the standard A record format. For example, 2007:0db6:85a3:0000:0000:6a2e:0371:7234 is a valid
More informationDeployment Guide A10 Networks/Infoblox Joint DNS64 and NAT64 Solution
Deployment Guide A10 Networks/Infoblox Joint DNS64 and NAT64 Solution DG_ACC_062011.1 TABLE OF CONTENTS 1 Introduction... 3 2 Deployment Guide Overview... 3 3 Lab Setup Requirements... 3 4 Architecture
More informationIPV6 SERVICES DEPLOYMENT
IPV6 SERVICES DEPLOYMENT LINX IPv6 Technical Workshop - March 2009 Jaco Engelbrecht Group Platforms Manager, clara.net DNS root zone goes AAAA! On 4 th February 2008 IANA added AAAA records for the A,
More informationPre Delegation Testing (PDT) Frequently Asked Questions (FAQ)
Pre Delegation Testing (PDT) Frequently Asked Questions (FAQ) [Ver 1.7 2013-06- 04] List of contents General questions Who do I contact with questions about Pre- Delegation Testing?... 3 What is the process
More informationDomain Name System 2015-04-28 17:49:44 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
Domain Name System 2015-04-28 17:49:44 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Domain Name System... 4 Domain Name System... 5 How DNS Works
More informationIANA Functions to cctlds Sofia, Bulgaria September 2008
IANA Functions to cctlds Sofia, Bulgaria September 2008 Kim Davies Internet Assigned Numbers Authority Internet Corporation for Assigned Names & Numbers What is IANA? Internet Assigned Numbers Authority
More informationLAB: Concept of DNS. Completed by: Learning the basics of DNS. Lab preparation: Boot a Linux OS Document version: 20110317. Class: Name: Surname:
LAB: Concept of DNS Target: Learning the basics of DNS Tools: dig Lab preparation: Boot a Linux OS Document version: 20110317 Completed by: Class: Name: Surname: Comments: Instructions: Who's responsible
More informationRequest for Comments: 1788 Category: Experimental April 1995
Network Working Group W. Simpson Request for Comments: 1788 Daydreamer Category: Experimental April 1995 Status of this Memo ICMP Domain Name Messages This document defines an Experimental Protocol for
More informationTrends in.ro registration policy and procedures, transition to the EPP system
Trends in.ro registration policy and procedures, transition to the EPP system Eugenie Staicut National Institute for R&D in Informatics Bucharest, Romania estaicut@rotld.ro .ro cctld Registry February
More informationIPv6 and DNS. Secure64
IPv6 and DNS Secure64 About me Stephan Lagerholm Director and Founder of TXv6TF. Secure64 Software Corp. Sponsor of the event. AGENDA DNS and IPv6 basics IETF progress: DNS64 (RFC 6147) 464XLAT (RFC 6877)
More informationIPv6 and.hk. Jonathan Shea. HKIRC 23 November 2009
IPv6 and.hk Jonathan Shea HKIRC 23 November 2009 Hong Kong Internet Registration Corporation Limited (HKIRC) 香 港 互 聯 網 註 冊 管 理 有 限 公 司 HKIRC is a non-profit member-based organisation set up in December
More informationCopyright 2012 http://itfreetraining.com
In order to find resources on the network, computers need a system to look up the location of resources. This video looks at the DNS records that contain information about resources and services on the
More informationReal World IPv6 Migration Solutions. Asoka De Saram Sr. Director of Systems Engineering, A10 Networks
Real World IPv6 Migration Solutions Asoka De Saram Sr. Director of Systems Engineering, A10 Networks 1 Agenda Choosing the right solutions Design considerations IPv4 to IPv6 migration road map Consumer
More informationSecure64. Use cases for DNS64/NAT64
Secure64 Use cases for DNS64/NAT64 Agenda / About Me VP of Sales and Customer Solutions at Secure64 Software Corp. Director and founder of the TXv6TF Personal blog at IPv4depletion.com 1 IPv4 Depletion
More informationAPRICOT-APAN 2011, Hong Kong IPv6 Transition Conference 22 February 2011. C. K. Ng
APRICOT-APAN 2011, Hong Kong IPv6 Transition Conference 22 February 2011 The Government of the Hong Kong Special Administrative Region C. K. Ng Programme Manager, Government Office of the Government Chief
More informationIETF Update on RDAP. ICANN52 Singapore CCTLD Tech Day. Marc Blanchet Viagénie marc.blanchet@viagenie.ca
IETF Update on RDAP ICANN52 Singapore CCTLD Tech Day Marc Blanchet Viagénie marc.blanchet@viagenie.ca February 9th 2015 From Whois to RDAP RDAP: Registration Data Access Protocol replacement of whois structured
More informationNetworks 3. 2015 University of Stirling CSCU9B1 Essential Skills for the Information Age. Content
Networks 3 Lecture Networks 3/Slide 1 Content What is a communications protocol? Network protocols TCP/IP High-level protocols Firewalls Network addresses Host name IP address Domain name system (DNS)
More informationIPv6, Perspective from small to medium ISP
IPv6, Perspective from small to medium ISP April 13 th, 2010 INET Conference, Hong Kong Christian Dwinantyo Overview Some myths and facts about IPv6 Implementation Strategy Before you begin Case study:
More information2008 DNS Cache Poisoning Vulnerability Cairo, Egypt November 2008
2008 DNS Cache Poisoning Vulnerability Cairo, Egypt November 2008 Kim Davies Manager, Root Zone Services Internet Corporation for Assigned Names & Numbers How does the DNS work? A typical DNS query The
More informationIPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.
IPV6 DEPLOYMENT GUIDELINES FOR CABLE OPERATORS Patricio i S. Latini i ARRIS Group, Inc. Current IPv4 Situationti IANA has already assigned the last IPv4 Blocks to the RIRs. RIRs address exhaustion may
More informationIPv6 Security: How is the Client Secured?
IPv6 Security: How is the Client Secured? Jeffrey L Carrell Network Conversions Network Security Consultant 1 IPv6 Security: How is the Client Secured? IPv6/IPsec IPsec Challenges IPsec Monitoring/Management
More informationDNS Root NameServers
DNS Root NameServers An Overview Dr. Farid Farahmand Updated: 9/24/12 Who- is- Who! Over half million networks are connected to the Internet 5 billion users by 2015! Network numbers are managed by ICANN
More informationLesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division
Lesson 13: DNS Security Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Introduction to DNS The DNS enables people to use and surf the Internet, allowing the translation
More informationDNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.
Lab Exercise DNS Objective DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses. Step 1: Analyse the supplied DNS Trace Here we examine the supplied trace of a
More informationIPv6 Support in the DNS. Workshop Name Workshop Location, Date
IPv6 Support in the DNS Workshop Name Workshop Location, Date Agenda How important is the DNS? DNS Resource Lookup DNS Extensions for IPv6 Lookups in an IPv6-aware DNS Tree About Required IPv6 Glue in
More information70-642 R4: Configuring Windows Server 2008 Network Infrastructure
70-642 R4: Configuring Windows Server 2008 Network Infrastructure Course Introduction Chapter 01 - Understanding and Configuring IP Lesson: Introducing the OSI Model Understanding the Network Layers OSI
More informationWhere is Hong Kong in the secure Internet infrastructure development. Warren Kwok, CISSP Internet Society Hong Kong 12 August 2011
The Internet is for Everyone. Become an ISOC Member. Cyber Security Symposium 2011 Where is Hong Kong in the secure Internet infrastructure development Warren Kwok, CISSP Internet Society Hong Kong 12
More informationInterconnecting IPv6 Domains Using Tunnels
Interconnecting Domains Using Tunnels Version History Version Number Date Notes 1 30 July 2002 This document was created. 2 19 May 2003 Updated the related documents section. This document describes how
More informationDNS Risks, DNSSEC. Olaf M. Kolkman and Allison Mankin. olaf@nlnetlabs.nl and mankin@psg.com. http://www.nlnetlabs.nl/ 8 Feb 2006 Stichting NLnet Labs
DNS Risks, DNSSEC Olaf M. Kolkman and Allison Mankin olaf@nlnetlabs.nl and mankin@psg.com 8 Feb 2006 Stichting NLnet Labs DNSSEC evangineers of the day Allison: Independent consultant Member of the Internet2
More informationEnterprise Architecture Office Resource Document Design Note - Domain Name System (DNS)
Date: 8/27/2012 Enterprise Architecture Office Resource Document Design Note - Domain Name System (DNS) Table of Contents 1 Overview...2 1.1 Other Resources...2 1.1.1 State of Minnesota Standards and Guidelines...2
More informationDNSSEC Deployment a case study
DNSSEC Deployment a case study Olaf M. Kolkman Olaf@NLnetLabs.nl RIPE NCCs Project Team: Katie Petrusha, Brett Carr, Cagri Coltekin, Adrian Bedford, Arno Meulenkamp, and Henk Uijterwaal Januari 17, 2006
More informationDNS and IPv6 By Alex Lightman CEO, Innofone.com, Inc.
DNS and IPv6 By Alex Lightman CEO, Innofone.com, Inc. DNS, or the Domain Naming System, has been around for many years. The existing Internet would not be able to scale by adding nodes through people with
More informationIPv6 and DNS. Secure64
IPv6 and DNS Secure64 About me Stephan Lagerholm Director and Founder of TXv6TF. Secure64 Software Corp. Sponsor of the event. Agenda: DNS and IPv6 basics DNS64 (RFC 6147) 464XLAT (RFC 6877) Heuristic
More informationIPv6 in Malaysia. Gopinath Rao Sinniah Senior Staff Researcher, MIMOS Berhad Chairman of MTSFB IPv6 WG. 18 th October 2012 Australian 2012 IPv6 Summit
IPv6 in Malaysia Gopinath Rao Sinniah Senior Staff Researcher, MIMOS Berhad Chairman of MTSFB IPv6 WG 18 th October 2012 Australian 2012 IPv6 Summit Outline Brief description of MTSFB and MIMOS Berhad
More informationProxy Server, Network Address Translator, Firewall. Proxy Server
Proxy Server, Network Address Translator, Firewall 1 Proxy Server 2 1 Introduction What is a proxy server? Acts on behalf of other clients, and presents requests from other clients to a server. Acts as
More informationThe Bomgar Appliance in the Network
The Bomgar Appliance in the Network The architecture of the Bomgar application environment relies on the Bomgar Appliance as a centralized routing point for all communications between application components.
More informationIPv6 Support in the DNS. Workshop Name Workshop Location, Date
IPv6 Support in the DNS Workshop Name Workshop Location, Date Copy Rights This slide set is the ownership of the 6DEPLOY project via its partners The Powerpoint version of this material may be reused and
More informationCreating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements
Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements Analyze the impact of Active Directory on the existing technical environment. Analyze hardware and software
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informationNetwork Layers. CSC358 - Introduction to Computer Networks
Network Layers Goal Understand how application processes set up a connection and exchange messages. Understand how addresses are determined Data Exchange Between Application Processes TCP Connection-Setup
More informationBasic DNS Course. Module 1. DNS Theory. Ron Aitchison ZYTRAX, Inc. Page 1 of 24
Basic DNS Course Module 1 Ron Aitchison ZYTRAX, Inc. Page 1 of 24 The following are the slides used in this Module of the course. Some but not all slides have additional notes that you may find useful.
More informationConfiguring Windows Server 2008 Network Infrastructure
Configuring Windows Server 2008 Network Infrastructure Course Number: 70-642 Certification Exam This course is preparation for the Microsoft Technical Specialist (TS) exam, Exam 70-642: TS: Windows Server
More informationIPv6 Tunneling Over IPV4
www.ijcsi.org 599 IPv6 Tunneling Over IPV4 A.Sankara Narayanan 1, M.Syed Khaja Mohideen 2, M.Chithik Raja 3 Department of Information Technology Salalah College of Technology Sultanate of Oman ABSTRACT
More informationPCI Compliance Can Make Your Organization Stronger and Fitter. Brent Harman Manager, Systems Consultant Team West NetPro Computing, Inc.
PCI Compliance Can Make Your Organization Stronger and Fitter Brent Harman Manager, Systems Consultant Team West NetPro Computing, Inc. Today s Agenda PCI DSS What Is It? The Regulation 6 Controls 12 Requirements
More informationDNSSEC in your workflow
DNSSEC in your workflow Presentation roadmap Overview of problem space Architectural changes to allow for DNSSEC deployment Deployment tasks Key maintenance DNS server infrastructure Providing secure delegations
More informationIPv6 Support in the DNS
IPv6 Support in the DNS Copy Rights This slide set is the ownership of the 6DEPLOY project via its partners The Powerpoint version of this material may be reused and modified only with written authorization
More informationGuardian Digital Secure Mail Suite Quick Start Guide
Guardian Digital Secure Mail Suite Quick Start Guide Copyright c 2004 Guardian Digital, Inc. Contents 1 Introduction 1 2 Contacting Guardian Digital 2 3 Purpose of This Document 3 3.1 Terminology...............................
More informationDNS Architecture Case Study: Resiliency and Disaster Recovery
DNS Architecture Case Study: Resiliency and Disaster Recovery Cricket Liu VP, Architecture Infoblox Company Background Large U.S.-based company, Company Co. (company.com) Three categories of sites Headquarters
More informationCisco Change Management: Best Practices White Paper
Table of Contents Change Management: Best Practices White Paper...1 Introduction...1 Critical Steps for Creating a Change Management Process...1 Planning for Change...1 Managing Change...1 High Level Process
More informationModule 2. Configuring and Troubleshooting DNS. Contents:
Configuring and Troubleshooting DNS 2-1 Module 2 Configuring and Troubleshooting DNS Contents: Lesson 1: Installing the DNS Server Role 2-3 Lesson 2: Configuring the DNS Server Role 2-9 Lesson 3: Configuring
More informationStep-by-Step Guide for Setting Up IPv6 in a Test Lab
Step-by-Step Guide for Setting Up IPv6 in a Test Lab Microsoft Corporation Published: July, 2006 Author: Microsoft Corporation Abstract This guide describes how to configure Internet Protocol version 6
More informationFirst version of the document.
First version of the document. 2.1 Access to web forms... 6 2.2 Menu... 7 2.3 Dashboard... 8 2.4 Domain names... 9 2.4.1 Create domain name... 9 2.4.2 Query domain name details...11 2.4.3 Registrar domain
More informationUSING TRANSACTION SIGNATURES (TSIG) FOR SECURE DNS SERVER COMMUNICATION
USING TRANSACTION SIGNATURES (TSIG) FOR SECURE DNS SERVER COMMUNICATION Transaction Signatures (TSIG) provide a secure method for communicating in the Domain Name System (DNS) from a primary to a secondary
More informationCourse Outline: 6435- Designing a Windows Server 2008 Network Infrastructure
Course Outline: 6435- Designing a Network Infrastructure Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 40 hrs Overview: This five-day course will provide students with an understanding
More informationDEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager
DEPLOYMENT GUIDE Version 1.1 DNS Traffic Management using the BIG-IP Local Traffic Manager Table of Contents Table of Contents Introducing DNS server traffic management with the BIG-IP LTM Prerequisites
More informationDescription: Objective: Attending students will learn:
Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of
More informationImplementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services (5 days)
Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services (5 days) Course 2277: Five days; Instructor-led Introduction This five-day, instructor-led
More information2014 IANA FUNCTIONS CUSTOMER SERVICE SURVEY RESULTS. Survey by Ebiquity Report by Leo Vegoda & Marilia Hirano
2014 IANA FUNCTIONS CUSTOMER SERVICE SURVEY RESULTS Survey by Ebiquity Report by Leo Vegoda & Marilia Hirano November 2014 Table of Contents Survey objective 1 Executive summary 2 Methodology 4 General
More informationHow-to: DNS Enumeration
25-04-2010 Author: Mohd Izhar Ali Email: johncrackernet@yahoo.com Website: http://johncrackernet.blogspot.com Table of Contents How-to: DNS Enumeration 1: Introduction... 3 2: DNS Enumeration... 4 3: How-to-DNS
More informationThe Root of the Matter: Hints or Slaves
The Root of the Matter: Hints or Slaves David Malone October 21, 2003 Abstract We consider the possibility of having a name server act as a slave to the root zone, rather than caching
More informationDNS at NLnet Labs. Matthijs Mekking
DNS at NLnet Labs Matthijs Mekking Topics NLnet Labs DNS DNSSEC Recent events NLnet Internet Provider until 1997 The first internet backbone in Holland Funding research and software projects that aid the
More informationDNS Basics. DNS Basics
DNS Basics 1 A quick introduction to the Domain Name System (DNS). Shows the basic purpose of DNS, hierarchy of domain names, and an example of how the DNS protocol is used. There are many details of DNS
More informationKim Davies Internet Assigned Numbers Authority
Introducing IANA Baltic Region and Eastern Europe International Seminar The Internet & the post-wsis environment: enhancing dialogue among the stakeholders Riga 2006 Kim Davies Internet Assigned Numbers
More informationRoot zone update for TLD managers Mexico City, Mexico March 2009
Root zone update for TLD managers Mexico City, Mexico March 2009 Kim Davies Manager, Root Zone Services Internet Corporation for Assigned Names & Numbers A quick census 280 delegated 11 testing 280 delegated
More informationThe Internet. Reminders. Internet Protocol Routing: Simplified. Part 2: Networks of Networks - Internet Workings
The Internet Part 2: Networks of Networks - Internet Workings Notes for CSC 100 - The Beauty and Joy of Computing The University of North Carolina at Greensboro Reminders Reminders for Nov. 10 Blown to
More informationIPv6 support in the DNS
IPv6 support in the DNS How important is the DNS? Getting the IP address of the remote endpoint is necessary for every communication between TCP/IP applications Humans are unable to memorize millions of
More informationIPv6.marceln.org. marcel.nijenhof@proxy.nl
IPv6.marceln.org marcel.nijenhof@proxy.nl RFC 1606 RFC 1606 A Historical Perspective On The Usage Of IP Version 9 1 April 1994, J. Onions Introduction The take-up of the network protocol TCP/IPv9 has been
More informationAccommodating IP Version 6 Address Resource Records for the Root of the Domain Name System
Accommodating IP Version 6 Address Resource Records for the Root of the Domain Name System A Joint Report from the ICANN Security and Stability Advisory and Root Server System Advisory Committees SAC018
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationDNS traffic analysis -- Issues of IPv6 and CDN --
DNS traffic analysis -- Issues of IPv6 and CDN -- Kazunori Fujiwara ^, Akira Sato, Kenichi Yoshida University of Tsukuba ^Japan Registry Services Co., Ltd (JPRS) July 29, 2012 IEPG meeting at Vancouver
More informationThe basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.
Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components
More informationThe Internet Ecosystem and ICANN!! Steve Sheng @ Stanford University, Center for Information and Society! 29 April 2013!
The Internet Ecosystem and ICANN!! Steve Sheng @ Stanford University, Center for Information and Society! 29 April 2013! Ecosystem! + A network of interactions among organisms, and between organisms and
More informationChapter 11 Cloud Application Development
Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How
More informationTools for penetration tests 1. Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus.
Tools for penetration tests 1 Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus. What is a penetration test? Goals: 1. Analysis of an IT-environment and search
More information<Insert Picture Here> Oracle Web Cache 11g Overview
Oracle Web Cache 11g Overview Oracle Web Cache Oracle Web Cache is a secure reverse proxy cache and a compression engine deployed between Browser and HTTP server Browser and Content
More informationInstalling and Configuring Windows Server 2008. Module Overview 14/05/2013. Lesson 1: Planning Windows Server 2008 Installation.
Installing and Configuring Windows Server 2008 Tom Brett Module Overview Planning Windows Server 2008 Installations Performing a Windows Server 2008 Installation Configuring Windows Server 2008 Following
More informationIntroduction to Network Security Lab 1 - Wireshark
Introduction to Network Security Lab 1 - Wireshark Bridges To Computing 1 Introduction: In our last lecture we discussed the Internet the World Wide Web and the Protocols that are used to facilitate communication
More informationDesigning a Windows Server 2008 Network Infrastructure
Designing a Windows Server 2008 Network Infrastructure MOC6435 About this Course This five-day course will provide students with an understanding of how to design a Windows Server 2008 Network Infrastructure
More informationReverse DNS considerations for IPv6
Reverse DNS considerations for IPv6 Kostas Zorbadelos OTE David Freedman - ClaraNet Reverse DNS in IPv4 Every Internet-reachable host should have a name Make sure your PTR and A records match. For every
More informationComputer Networks: Domain Name System
Computer Networks: Domain Name System Domain Name System The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses DNS www.example.com 208.77.188.166 http://www.example.com
More informationGuide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP
Guide to Network Defense and Countermeasures Third Edition Chapter 2 TCP/IP Objectives Explain the fundamentals of TCP/IP networking Describe IPv4 packet structure and explain packet fragmentation Describe
More informationModule 1: Overview of Network Infrastructure Design This module describes the key components of network infrastructure design.
SSM6435 - Course 6435A: Designing a Windows Server 2008 Network Infrastructure Overview About this Course This five-day course will provide students with an understanding of how to design a Windows Server
More informationSystem & Service Operations in CNNIC. September 10, 2013
System & Service Operations in CNNIC September 10, 2013 Who am I Kevin.Liu Liu Zhihui 刘 志 辉 liuzhihui@cnnic.cn DNS Operation Engineer DevOps System Design and Deployment Operation Data Processing and Analyzing
More informationPlanning the transition to IPv6
Planning the transition to IPv6 An Allstream White Paper 1 Table of contents Why transition now? 1 Transition mechanisms 2 Transition phases 2 IPv6 transition challenges 3 Taking advantage of IPv6 benefits
More informationRegistry Update. John Dickinson. Nominet UK
Registry Update John Dickinson Nominet UK Registry Update What Nominet does Recent technical changes and future plans What Nominet does UK Domain Name Registry Delegated to provide name resolution for.uk
More information1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet
Review questions 1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet C Media access method D Packages 2 To which TCP/IP architecture layer
More informationIntroduction to IP v6
IP v 1-3: defined and replaced Introduction to IP v6 IP v4 - current version; 20 years old IP v5 - streams protocol IP v6 - replacement for IP v4 During developments it was called IPng - Next Generation
More information