Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Contemporary requirements for zone transfers
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Artyom "Töma" Gavrichenkov
October 12, 2017
Technology
53
0
Share
Contemporary requirements for zone transfers
Artyom "Töma" Gavrichenkov
October 12, 2017
More Decks by Artyom "Töma" Gavrichenkov
See All by Artyom "Töma" Gavrichenkov
[EE DNS Forum 2018] DDoS on DNS: past, present and inevitable
ximaera
0
59
Wrong, wrong, WRONG! methods of DDoS mitigation
ximaera
0
370
DDoS Beasts and How to Fight Them (Nginx Conf 2018)
ximaera
0
200
DDoS tutorial (China ISC 360)
ximaera
0
260
[RU] “I, Not Robot". A design of the contemporary CAPTCHA challenges and the future of the Turing test
ximaera
0
130
DDoS 101 (2018, PaymentSecurity RU 2018)
ximaera
0
50
Memcached Amplification: Lessons Learned (NANOG 73)
ximaera
0
230
DDoS Beasts and How to Fight Them
ximaera
0
78
Memcached Amplification DDoS: Lessons Learned (ENOG 15)
ximaera
0
66
Other Decks in Technology
See All in Technology
AI時代から振り返るTerraform drift運用の歴史 / AI Age Reflections on the History of Terraform Drift Operations
aeonpeople
0
410
Gradle×GitHub_ActionsでCI時間を約50%短縮 ジョブ分割の設計と落とし穴 / Cutting CI Time by ~50% with Gradle and GitHub Actions: Job-Splitting Design and Pitfalls
takatty
0
150
データ基盤構築・運用の現場から 〜 Snowflake Intelligence 導入で変わった、データ活用の未来 〜
wonohe
0
190
AIのために、AIを使った、Effect-TSからの脱却 〜テストを活用した安全なリファクタリングの進め方〜
bitkey
PRO
1
570
インフラが苦手でも大丈夫! 紙芝居 Kubernetes -WWGT 10周年編-
aoi1
1
130
Claude Codeですべての日常業務を爆速化しよう!
minorun365
PRO
15
13k
自作エディターをOSSにして分かった、一人に刺さる開発が世界を動かす理由
shinyasaita
1
400
DI コンテナ自動生成ツールを実装してみた / intro-autodi
uhzz
0
870
シンデレラなんかになりたくない!ガラスの靴が割れた時代にどう歩く?
nomizone
0
190
キャリア25年目にしてTypeScript に出会うまで - 「型」を通じて振り返るプログラミング言語遍歴 / Meeting TypeScript After 25 Years in Tech - Looking Back at My Programming Language Journey Through "Types"
bitkey
PRO
2
280
形式手法特論:公平性制約の位相的特徴づけ #kernelvm / Kernel VM Study Kansai 12th
ytaka23
1
310
Javaで学ぶSOLID原則
negima
1
130
Featured
See All Featured
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
Everyday Curiosity
cassininazir
0
210
Are puppies a ranking factor?
jonoalderson
1
3.4k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
25k
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.2k
Rails Girls Zürich Keynote
gr2m
96
14k
Keith and Marios Guide to Fast Websites
keithpitt
413
23k
The AI Search Optimization Roadmap by Aleyda Solis
aleyda
1
5.8k
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.7k
The Illustrated Guide to Node.js - THAT Conference 2024
reverentgeek
1
360
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
180
Transcript
Contemporary requirements for zone transfers Artyom Gavrichenkov <
[email protected]
> GPG: 2deb
97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191
A long, long time ago. • /etc/hosts • Service owner
responsible for the name resolution
Next. • Authoritative DNS servers • DNS registries • Cloud
DNS services
A Split. Customers Providers
1
2
…
A Split. Customers Providers
Customers Providers • DNSSEC • CAA • TLS …
Customers Providers ? • DNSSEC • CAA • TLS …
Customers Providers • Backup datacenters • Geobalancing • ASN-based balancing
• CI/CD • DNSSEC • CAA • TLS …
None
DDoS Challenges • UDP-based protocol • Thanks God, a truncate
thing • Amplification attacks
Cloud solutions! • Amazon Route53 • Dyn • Azure •
Cloudflare • Google Cloud …
Cloud solutions! • Amazon Route53 • Dyn • Azure •
Cloudflare • Google Cloud … But.
Cloud solutions! • Amazon Route53 • Dyn • Azure •
Cloudflare • Google Cloud … But. What about AXFR?
None
“DNS Zone Transfers (AXFR/IXFR) support for Route53 is a hotly
asked for feature, and is one that we will consider adding in the future.” Amazon, 2012.
None
DNSControl https://github.com/StackExchange/dnscontrol/ “Synchronize your DNS to multiple providers from a
simple DSL”
A Standard? • DOTS • CDNI • DNSops?
A Standard? Zone transfers with blackjack and stuff • Balancing
and failover • Traffic load measurement & rate limiting • Dynamic filters • Extensions
Q&A Artyom Gavrichenkov <
[email protected]
>
ximaera
aeonpeople
takatty
wonohe
bitkey
.jpg){kind=avatar}
aoi1
minorun365
shinyasaita
uhzz
nomizone
ytaka23
negima
panda_program
cassininazir
jonoalderson
addyosmani
malarkey
gr2m
keithpitt
aleyda
inesmontani
reverentgeek
sabderemane
![Contemporary requirements for zone transfers Artyom Gavrichenkov <[email protected]> GPG: 2deb](https://files.speakerdeck.com/presentations/3eb7b96fd5824f42904d1ec183cc498b/slide_0.jpg){kind=link}
![Q&A Artyom Gavrichenkov <[email protected]>](https://files.speakerdeck.com/presentations/3eb7b96fd5824f42904d1ec183cc498b/slide_22.jpg){kind=link}