Download - DNS Measurement Activity on ITB 2010
DNS Measurement Activity on ITB 2010
Affan Basalamah
Outline
• Overview
• DITL 2010 by OARC
• Gulliver Project
Overview
• ITB is participating in Internet measurement
activity, especially DNS
• Participation in global Internet community
for international exposure
DNS @ ITB
• 3 Production Servers
– ISC BIND 9.6.2
– DNSSEC not enabled
– Anycast distribution
• 1 Experimental Server
– NLnet Unbound 1.4.4
– DNSSEC (validation) enabled
– ISC DLV (DNSSEC Lookaside Validation)
Monitoring on ITB side
• Using Munin plugins for Bind & Unbound
– http://munin-monitoring.org/
Sample Graphics & Data
DITL 2010
DITL 2010
• A Day In The Life of the Internet
– https://www.dns-oarc.net
• ITB is participating in DITL 2010 in April
• Conducted by Dian Dwi Nugraha (DNS
Admin)
What it is?
• A large-scale data collection project undertaken
by CAIDA and OARC (Operations, Analysis, and
Research Center) every year since 2006
• Participants :
– DNS Root Servers
– TLD Servers
– AS112 nodes
– “client-side” iterative/caching resolvers
• Tool : dnscap/tcpdump
Objectives
• Measure Internet growth
– IPv4 and IPv6 growth
– Secure/insecure DNS growth
• Uncover possible DNS anomalies in process
Data taken
• IPv4/IPv6 source and destination query
• qps (queries per second)
• secure/insecure (DNSSEC)
• RRsets (A,AAAA,MX,NS,...)
Toolkit
• Follow procedures in
https://www.dns-oarc.net/ditl/2010
• Toolkit to send data to OARC:
https://www.dns-oarc.net/files/ditl-2010/ditl-
tools-20100406195635.tar.gz
Raw Data Snapshot
• http://ditl.dns-oarc.net/ditl_20100413_raw/coverage.png
Status
• Collected data in http://ditl.dns-oarc.net/
• Some data collected from ITB:
http://ditl.dns-oarc.net/ditl_20100413_raw/provider-
reports/itb-ac-id-files.html
• Deeper measurement data can be obtained
to OARC
GULLIVER PROJECT
What is it?
• Active Measurement Framework
• Probes DNS reachability from worldwide locations
– RTT, Query Timeout
– Node ID (hostname.bind or server.id)
• 30 Probe Locations as of Feb. 2010
– Including South/East Asia and Africa countries
• Targets
– Root, ccTLD, in‐addr.arpa DNS servers
• http://gulliver.wide.ad.jp/
Gulliver Project in ITB
• Installed by Dikshie in 31st May
• The measurement box: http://www.seil.jp/seilseries/seil/seilplus.php
Gulliver Box @ ITB
Gulliver Box @ ITB
Measurement Results
• RTT reachability of root DNS server from ITB
as seen in http://gulliver.wide.ad.jp/
Status
• ITB box has send data to Gulliver
• ITB hasn’t received Member Page
username/password from DR. Yuki Sekiya
SUMMARY
Summary
• ITB is ready to participate in Internet
measurement activity
• Participation in global Internet community
for international exposure
• Need to conduct thorough analysis from data
Thanks!