knot dns update
play

Knot DNS - update Tech Day ICANN 50 Ondrej Filip - PowerPoint PPT Presentation

Oct 07, 2020 •344 likes •497 views

Knot DNS - update Tech Day ICANN 50 Ondrej Filip ondrej.filip@nic.cz 23 Jun 2014 London What is Knot DNS? https://www.knot-dns.cz/ High-performance and scalable authoritative DNS server Free, open-source, written from

  1. Knot DNS - update Tech Day – ICANN 50 Ondrej Filip • ondrej.filip@nic.cz • 23 Jun 2014 • London

  2. What is Knot DNS? ● https://www.knot-dns.cz/ ● High-performance and scalable authoritative DNS server ● Free, open-source, written from scratch ● Under active development ● Standards compliant and fast tracking ● Non-stop operation (runtime reconfiguration) ● Usable for root, TLD and DNS hosting ● DNSSEC automatic signing ● Pluggable modules

  3. Knot DNS history & roadmap ● Knot DNS 0.8 – 1.4.6 [stable release] ● First public release in 2011 (0.8) ● Active development - fast-forward ● DNSSEC automatic signing (1.4) ● Knot DNS 1.5 [release candidate] ● Lots of refactoring under the hood ● Pluggable modules ● Knot DNS 1.6 [WIP] ● Real-time DNSSEC signing ● Own key management utilities

  4. DNSSEC automatic signing ● Technology Preview (but rock stable – large ISP) ● Simple configuration zones { example.com { file "example.com"; dnssec-enable on; dnssec-keydir "/etc/knot/keys"; } } $ knotc signzone

  5. Pluggable modules ● Hooks in query-response processing ● Different possibilities ● Split-horizon (GeoIP, ...) ● Poor man’s HA ● Reverse and forward resource record synthesis ● dnstap

  6. Synthetized resource records ● IPv6 address space is vast ● It’s not possible to have all PTR records in the DNS server manually ● Customers want to send e-mails from DSL lines ● MTAs are checking for reverse records and rejecting e-mails ● Customers are complaining ● Configuration (more in user manual) synth_record "(forward|reverse) \ <prefix> <ttl> <address>/<nn>"; ● No DNSSEC signing (planned for 1.6)

  7. Example configuration example.org. { query_module { synth_record "forward gen- 400 2620:0:b61::/52"; synth_record "forward gen- 400 192.168.1.0/25"; } } 1.168.192.in-addr.arpa { query_module { synth_record "reverse gen- example.org. 400 192.168.1.0/25"; } } 1.6.b.0.0.0.0.0.0.2.6.2.ip6.arpa { query_module { synth_record "reverse gen- example.org. 400 2620:0:b61::/52"; } }

  8. Example output $ kdig AAAA gen-2620-0000-0b61-0100-0000-0000-0000- 0000.example.org. [...] ;; QUESTION SECTION: ;; gen-2620-0000-0b61-0100-0000-0000-0000-0000.example.org. 0 IN AAAA ;; ANSWER SECTION: gen-2620-0000-0b61-0100[...] 400 IN AAAA 2620:0:b61:100:: $ kdig PTR 1.0.0...1.6.b.0.0.0.0.0.0.2.6.2.ip6.arpa. [...] ;; QUESTION SECTION: ;; 1.0.0...1.6.b.0.0.0.0.0.0.2.6.2.ip6.arpa. 0 IN PTR ;; ANSWER SECTION: [...] 400 IN PTR gen-2620-0000-0b61-0000-0000-0000-0000- 0001.example.org.

  9. Improved DNSSEC support plan ● libdnssec separation ● Switch from OpenSSL to GnuTLS (nope, not heartbleed related) ● Support for hardware security modules (PKCS#11) ● Key and Signing Policy and tools ● On-line signing ● Minimal NSEC3 encloser responses ● Dynamic modules

  10. Refactoring

  11. Benchmarking ● Authoritative DNS servers: ● Bind 9.10.0-P1 ● Knot DNS 1.4.6 ● Knot DNS 1.5.0rc2 ● NSD 3.2.17 ● NSD 4.0.4 ● PowerDNS 3.3

  12. Benchmark setup ● Open source (https://gitlab.labs.nic.cz/labs/dns- benchmarking) ● DISTEL-like setup (Courtesy of NLnet Labs) ● tcpreplay & tcpdump based ● servers: player, listener and server ● Linux 3.13.0; 10GbE Intel NICs, commodity hardware ● Scenarios: ● Root Zone ● TLD & TLD (DNSSEC Signed) ● DNS Hosting (100k & 1M) ● Results: https://www.knot-dns.cz/pages/benchmark.html

  13. Response rate – percentage (root)

  14. Startup time & memory (1M zones)

  15. Thank You! Ondrej Filip • ondrej.filip@nic.cz • http://www.knot-dns.cz

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MAS344 Knots and surfaces What is a knot? Not a knot What is a knot? Not a knot A knot What

MAS344 Knots and surfaces What is a knot? Not a knot What is a knot? Not a knot A knot What

MAS344 Knots and surfaces What is a knot? Not a knot What is a knot? Not a knot A knot What is a knot? Not a knot A knot Not a knot Variants of knots a link (the Borromean rings) a tangle a braid Another picture of the Borromean rings

621 views • 43 slides
Advances in Knot Polynomials 21 October 2016 Advances in Knot Polynomials 21 October 2016 1 /

Advances in Knot Polynomials 21 October 2016 Advances in Knot Polynomials 21 October 2016 1 /

Advances in Knot Polynomials 21 October 2016 Advances in Knot Polynomials 21 October 2016 1 / 49 ABSTRACT Review of achievements and problems in the theory of colored knot polynomials. Accent is on the current mystery around the differential

761 views • 49 slides
Knot theory in 3 -manifold via virtual knot theory Teruhisa Kadokami (Kanazawa University)

Knot theory in 3 -manifold via virtual knot theory Teruhisa Kadokami (Kanazawa University)

Knot theory in 3 -manifold via virtual knot theory Teruhisa Kadokami (Kanazawa University) Mathematics of Knots II December 20th, 2019 (Fri.) Nihon University, College of Humanities and Sciences 2/32 Contents 0. Introduction 4 4 Part

898 views • 32 slides
A Really Great Presentation... or Knot Chloe Avery, Talon Stark, Xiaoyu Qiao, and Jerry Luo

A Really Great Presentation... or Knot Chloe Avery, Talon Stark, Xiaoyu Qiao, and Jerry Luo

A Really Great Presentation... or Knot Chloe Avery, Talon Stark, Xiaoyu Qiao, and Jerry Luo University of California, Santa Barbara March 14, 2015 What is a Knot? A mathematical knot is a closed path in 3-dimensional space that doesnt

587 views • 40 slides
Direct computation of knot Floer homology and the Upsilon invariant Taketo Sano, joint work with

Direct computation of knot Floer homology and the Upsilon invariant Taketo Sano, joint work with

Direct computation of knot Floer homology and the Upsilon invariant Taketo Sano, joint work with Kouki Sato The University of Tokyo 2019-12-20 1/23 Overview knot homology theory knot concordance invariant knot Floer homology Tau invariant

387 views • 23 slides
) YEH # #t A ( Th Aa ITT ' D Y = $2 R2 IR ' v - . . i diagram of K

) YEH # #t A ( Th Aa ITT ' D Y = $2 R2 IR ' v - . . i diagram of K

a punctured sphere Knot diagrams on string figures of a model as l # KEEFE ) ' is Eu U 434 l 'kEiEI k3 ) ) YEH # #t A ( Th Aa ITT ' D Y = $2 R2 IR ' v - . . i diagram of K DE $2 knot KE $3 : :

311 views • 16 slides
Loosening the G Loosening the G Gordian Knot: Gordian Knot: Unraveling Alzheimer D Disease

Loosening the G Loosening the G Gordian Knot: Gordian Knot: Unraveling Alzheimer D Disease

Loosening the G Loosening the G Gordian Knot: Gordian Knot: Unraveling Alzheimer D Disease Biology and Finding The Finding The erapeutic erapeutic Targets Using Gene Gene etic etic Approa aches Lindsay A. y Farrer, Ph.D . ,

1.21k views • 61 slides
Epidemiology and management of olive knot caused by Pseudomonas savastanoi pv. savastanoi Dr.

Epidemiology and management of olive knot caused by Pseudomonas savastanoi pv. savastanoi Dr.

Epidemiology and management of olive knot caused by Pseudomonas savastanoi pv. savastanoi Dr. James Adaskaveg, Professor Department of Plant Pathology and Microbiology University of California Riverside Overview I. Epidemiology A. Olive knot

731 views • 39 slides
Global Knot Insertion Algorithms Scott Schaefer Ron Goldman Department of Computer Science

Global Knot Insertion Algorithms Scott Schaefer Ron Goldman Department of Computer Science

Global Knot Insertion Algorithms Scott Schaefer Ron Goldman Department of Computer Science Department of Computer Science Texas A&amp;M University Rice University Part I: Introduction to Knot Insertion Knot Insertion Algorithm Input T = {

703 views • 43 slides
Geometric structures on the Figure Eight Structures Martin Deraux Knot Complement The figure

Geometric structures on the Figure Eight Structures Martin Deraux Knot Complement The figure

Geometric structures on the Figure Eight Knot Complement ICERM Workshop Exotic Geometric Geometric structures on the Figure Eight Structures Martin Deraux Knot Complement The figure eight knot Presentation Holonomy Prism picture ICERM

561 views • 38 slides
Epimorphisms between knot groups: determination of the partial order Masaaki Suzuki Akita

Epimorphisms between knot groups: determination of the partial order Masaaki Suzuki Akita

Epimorphisms between knot groups: determination of the partial order Masaaki Suzuki Akita University September 14, 2010 Macky Epimorphisms between knot groups Twisted Alexander polynomial G : a finitely presentable group : G Z l : a

515 views • 50 slides
Using machine learning Learning knot methods in geometric modeling placement SVM knot placement

Using machine learning Learning knot methods in geometric modeling placement SVM knot placement

Machine learning in geometric modeling Georg Umlauf Using machine learning Learning knot methods in geometric modeling placement SVM knot placement for curves SVM knot placement for skinning Georg Umlauf Learning primitive

825 views • 38 slides
The Least Spanning Area of a Knot and the Optimal Bounding Chain Problem Nathan M. Dunfield

The Least Spanning Area of a Knot and the Optimal Bounding Chain Problem Nathan M. Dunfield

The Least Spanning Area of a Knot and the Optimal Bounding Chain Problem Nathan M. Dunfield University of Illinois, Mathematics Anil N. Hirani University of Illinois, Computer Science SoCG 2011, Paris Knot in R 3 : Smooth embedding of S 1 in R

585 views • 13 slides
Bordered Heegaard Floer Homology and Knot Doubling Operators Adam Simon Levine Brandeis

Bordered Heegaard Floer Homology and Knot Doubling Operators Adam Simon Levine Brandeis

Bordered Heegaard Floer Homology and Knot Doubling Operators Adam Simon Levine Brandeis University Knot Concordance and Homology Cobordism Workshop Wesleyan University July 21, 2010 Adam Simon Levine Bordered HF and Knot Doubling Operators

1.34k views • 88 slides
Base Tangle Decompositions and Subdivisions of Knots and Links By M. Ochiai, N.Morimura, and

Base Tangle Decompositions and Subdivisions of Knots and Links By M. Ochiai, N.Morimura, and

Base Tangle Decompositions and Subdivisions of Knots and Links By M. Ochiai, N.Morimura, and A.Emoto HOMFLY invariant of Knot or Link For a knot or link K, (1)P(K;x,y) = 1 if K is the trivial knot (2) x P(K+;x,y) + y P(K-;x,y) = P(K

284 views • 26 slides
Knot Games and Winning Strategies Kia Braha 1 Aaron Klingensmith 1 1 Department of Mathematics

Knot Games and Winning Strategies Kia Braha 1 Aaron Klingensmith 1 1 Department of Mathematics

Motivation Knot Fundamentals Definitions Important for our Games Our Games Where We Are, So Far Knot Games and Winning Strategies Kia Braha 1 Aaron Klingensmith 1 1 Department of Mathematics Seattle University University of Washington REU,

541 views • 51 slides
Casson towers and filtrations of the smooth knot concordance group Arunima Ray Doctoral defense

Casson towers and filtrations of the smooth knot concordance group Arunima Ray Doctoral defense

Casson towers and filtrations of the smooth knot concordance group Arunima Ray Doctoral defense Rice University April 8, 2014 Introduction Knot concordance and filtrations Goal Casson towers Results Knots Take a piece of string, tie a

757 views • 63 slides
A polynomial upper bound on Reidemeister moves for each knot type Marc Lackenby August 2013

A polynomial upper bound on Reidemeister moves for each knot type Marc Lackenby August 2013

A polynomial upper bound on Reidemeister moves for each knot type Marc Lackenby August 2013 Unknot recognition Given a knot diagram, can we decide whether it represents the unknot? Unknot recognition Given a knot diagram, can we decide

1.8k views • 90 slides
Subdivision Surfaces CS 418 Intro to Computer Graphics John C. Hart Knot Insertion [0 2 4 6 8

Subdivision Surfaces CS 418 Intro to Computer Graphics John C. Hart Knot Insertion [0 2 4 6 8

Subdivision Surfaces CS 418 Intro to Computer Graphics John C. Hart Knot Insertion [0 2 4 6 8 10] 4 6 8 2 4 6 0 2 4 6 8 10 Knot Insertion [0 2 4 5 6 8 10] 4 6 8 4 5 6 5 6 8 2 4 6 2 4 5 0 2 4 6 8 10 Knot Insertion [0 2 4 5 6 8 10]

873 views • 27 slides
Corks, exotic 4-manifolds and knot concordance Kouichi Yasui Hiroshima University March 10,

Corks, exotic 4-manifolds and knot concordance Kouichi Yasui Hiroshima University March 10,

Corks, exotic 4-manifolds and knot concordance Kouichi Yasui Hiroshima University March 10, 2016 I. Background and Main results Exotic 4-manifolds represented by framed knots Application to knot concordance II. Brief review of corks III.

433 views • 31 slides
Contact Tracing Goals of Contact Tracing Rapidly identify all persons with close contact to a

Contact Tracing Goals of Contact Tracing Rapidly identify all persons with close contact to a

Florida Department of Health in Lee County Contact Tracing Goals of Contact Tracing Rapidly identify all persons with close contact to a confirmed or probable COVID-19 positive case. Ensure all close contacts identified are notified and

644 views • 11 slides
End-to-End Verification of Stack-Space Bounds for C Programs Quentin Carbonneaux Jan Hoffmann

End-to-End Verification of Stack-Space Bounds for C Programs Quentin Carbonneaux Jan Hoffmann

End-to-End Verification of Stack-Space Bounds for C Programs Quentin Carbonneaux Jan Hoffmann Tahina Ramananandro Zhong Shao Yale University April 14th, 2014 Does this program safely run? gcc -O0 &amp;&amp; ./a.out #include

764 views • 53 slides
Duty of Care &amp; Guidance for Sport During Covid-19 #NetsGetReady 1 What We Will Cover

Duty of Care &amp; Guidance for Sport During Covid-19 #NetsGetReady 1 What We Will Cover

19/08/2020 Duty of Care &amp; Guidance for Sport During Covid-19 #NetsGetReady 1 What We Will Cover Current Law &amp; Guidance General Requirements and Roles Staff and Volunteers Participants Spectators, Guardians and

343 views • 20 slides
Resolution and Initiative RCPA Board Meeting April 9, 2018 S onoma County Zero Waste Task

Resolution and Initiative RCPA Board Meeting April 9, 2018 S onoma County Zero Waste Task

Resolution and Initiative RCPA Board Meeting April 9, 2018 S onoma County Zero Waste Task Force S onoma County AB 939 Local Task Force on Integrated Waste Management (2017) Collaborative of citizens, local business and stakeholder

411 views • 12 slides

More recommend