CDAR Continuous Data-driven Analysis of Root Stability March 8, - - PowerPoint PPT Presentation

CDAR

Continuous Data-driven Analysis of Root Stability

March 8, 2016 ICANN55, Marrakech

Benno Overeinder (NLnet Labs) Cristian Hesselman (SIDN)

Continuous Data-driven Analysis of Root Stability

Objective

• Analyze technical impact of the New gTLD Program on

stability of the root server system

• Input for policy development by ICANN community

– For instance to develop contingency plans

• Today’s goal: share and discuss approach and

preliminary results

Continuous Data-driven Analysis of Root Stability

Community Interaction

Oct 2015 Dec 2015 Jan 2016 Feb 2016 Mar 2016 Oct 2016 Apr 2016 Jun 2016

Continuous Data-driven Analysis of Root Stability

Public Comments

• Feedback Business Constituency and an individual (DK)

Main comments CDAR response Clarify limitations of the study Study results will be a point of reference for RSS stability, comparable to past (DITL) references and extrapolation to near future scenarios where possible, but no stability “guarantees” can be provided CDAR should identify risk parameters, ICANN should prepare contingency plans CDAR will refine threats to RSS stability into measurable metrics Outreach to broad DNS community to validate methodology and review results CDAR team presents at many events and is

• pen to any constructive suggestion (within

the defined scope of the study) Specific questions about breakdowns of study results Results will be distinguished in relevant TLD and geographic classes

Continuous Data-driven Analysis of Root Stability

Approach

• Analysis over time of root stability parameters

– Volume and type of new gTLD DNS traffic – Performance (round-trip times) – Correctness (DNS response codes) – Reachability (routes) – DNSSEC validation (valid/bogus delegations)

• Using real-world data

– Passive: DITL and RSSAC002 – Active: ATLAS/DNSMON, CDAR’s (e.g., DNSSEC validation)

• Develop and share tools for continuous analysis
• Close interaction with the broader tech community

– ICANN, DNS-OARC, IEPG/IETF

Continuous Data-driven Analysis of Root Stability

New gTLD queries: 0,04% New gTLD queries: 0,20%

RSSAC002 and DITL Analysis

The percentage of queries to New gTLDs has increased from DITL 2014 to DITL 2015, but is still very low compared to other types of queries

300 400 500 600 700 800 900 1000 04/01/14 07/01/14 10/01/14 01/01/15 04/01/15 07/01/15 10/01/15 01/01/16 Root Zone size Date

Continuous Data-driven Analysis of Root Stability

Analysis of PCAP Data

The volume of root traffic for a new gTLD often decreases significantly after delegation (gTLDs A and B), but sometimes also increases (gTLD C) or increases temporarily (gTLD D)

Delegation dates New gTLD A New gTLD C New gTLD B Delegation dates New gTLD D

Continuous Data-driven Analysis of Root Stability

RIPE ATLAS Analysis (incl. DNSMON)

For one specific data point (Jan 18, 2014), the delega;on of 16 New gTLDs had no sta;s;cally significant impact on the RTT

Continuous Data-driven Analysis of Root Stability

Next Steps

• Continue outreach and community interaction

– After this presentation – DNS-OARC and IEPG meetings in April (Buenos Aires) – ICANN56

• Further data analysis

– Break down of DNS traffic per TLD per root letter – Add more data points at which the root zone grew – Analyze stability parameters for different types of TLDs – Develop and share tools for continuous analysis – Use analysis for scenario development

• Obtain more measurement data

– Work with RSOs to obtain root server PCAPs – Include DITL2016 (April) – Historical DSC data (DNS-OARC)

Continuous Data-driven Analysis of Root Stability

CDAR Project Team Bart Gijsen (TNO) Benno Overeinder (NLnet Labs) Cristian Hesselman (SIDN) Daniël Worm (TNO) Giovane Moura (SIDN) Jaap Akkerhuis (NLnet Labs) Coordinator Bart Gijsen (Msc.) +31 6 53 72 52 18 bart.gijsen@tno.nl CDAR Home: http://www.cdar.nl

Questions and Discussion