Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Contemporary requirements for zone transfers
Search
Artyom "Töma" Gavrichenkov
October 12, 2017
Technology
0
50
Contemporary requirements for zone transfers
Artyom "Töma" Gavrichenkov
October 12, 2017
Tweet
Share
More Decks by Artyom "Töma" Gavrichenkov
See All by Artyom "Töma" Gavrichenkov
[EE DNS Forum 2018] DDoS on DNS: past, present and inevitable
ximaera
0
57
Wrong, wrong, WRONG! methods of DDoS mitigation
ximaera
0
340
DDoS Beasts and How to Fight Them (Nginx Conf 2018)
ximaera
0
190
DDoS tutorial (China ISC 360)
ximaera
0
240
[RU] “I, Not Robot". A design of the contemporary CAPTCHA challenges and the future of the Turing test
ximaera
0
120
DDoS 101 (2018, PaymentSecurity RU 2018)
ximaera
0
40
Memcached Amplification: Lessons Learned (NANOG 73)
ximaera
0
210
DDoS Beasts and How to Fight Them
ximaera
0
60
Memcached Amplification DDoS: Lessons Learned (ENOG 15)
ximaera
0
51
Other Decks in Technology
See All in Technology
Telemetry APIから学ぶGoogle Cloud ObservabilityとOpenTelemetryの現在 / getting-started-telemetry-api-with-google-cloud
k6s4i53rx
0
160
Amazon S3 Vectorsは大規模ベクトル検索を低コスト化するサーバーレスなベクトルデータベースだ #jawsugsaga / S3 Vectors As A Serverless Vector Database
quiver
2
1k
いかにして命令の入れ替わりについて心配するのをやめ、メモリモデルを 愛するようになったか(改)
nullpo_head
7
2.7k
LLM時代の検索とコンテキストエンジニアリング
shibuiwilliam
2
810
20250807 Applied Engineer Open House
sakana_ai
PRO
2
640
Claude Codeは仕様駆動の夢を見ない
gotalab555
23
7.3k
あなたの知らない OneDrive
murachiakira
0
120
ABEMAにおける 生成AI活用の現在地 / The Current Status of Generative AI at ABEMA
dekatotoro
0
440
Exadata Database Service on Dedicated Infrastructure セキュリティ、ネットワーク、および管理について
oracle4engineer
PRO
1
330
キャリアを支え組織力を高める「多層型ふりかえり」 / 20250821 Kazuki Mori
shift_evolve
PRO
2
180
生成AIによるデータサイエンスの変革
taka_aki
0
3.1k
R-SCoRe: Revisiting Scene Coordinate Regression for Robust Large-Scale Visual Localization
takmin
0
140
Featured
See All Featured
RailsConf 2023
tenderlove
30
1.2k
Code Reviewing Like a Champion
maltzj
525
40k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3.1k
Intergalactic Javascript Robots from Outer Space
tanoku
272
27k
The Pragmatic Product Professional
lauravandoore
36
6.8k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.8k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.5k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
810
Transcript
Contemporary requirements for zone transfers Artyom Gavrichenkov <
[email protected]
> GPG: 2deb
97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191
A long, long time ago. • /etc/hosts • Service owner
responsible for the name resolution
Next. • Authoritative DNS servers • DNS registries • Cloud
DNS services
A Split. Customers Providers
1
2
…
A Split. Customers Providers
Customers Providers • DNSSEC • CAA • TLS …
Customers Providers ? • DNSSEC • CAA • TLS …
Customers Providers • Backup datacenters • Geobalancing • ASN-based balancing
• CI/CD • DNSSEC • CAA • TLS …
None
DDoS Challenges • UDP-based protocol • Thanks God, a truncate
thing • Amplification attacks
Cloud solutions! • Amazon Route53 • Dyn • Azure •
Cloudflare • Google Cloud …
Cloud solutions! • Amazon Route53 • Dyn • Azure •
Cloudflare • Google Cloud … But.
Cloud solutions! • Amazon Route53 • Dyn • Azure •
Cloudflare • Google Cloud … But. What about AXFR?
None
“DNS Zone Transfers (AXFR/IXFR) support for Route53 is a hotly
asked for feature, and is one that we will consider adding in the future.” Amazon, 2012.
None
DNSControl https://github.com/StackExchange/dnscontrol/ “Synchronize your DNS to multiple providers from a
simple DSL”
A Standard? • DOTS • CDNI • DNSops?
A Standard? Zone transfers with blackjack and stuff • Balancing
and failover • Traffic load measurement & rate limiting • Dynamic filters • Extensions
Q&A Artyom Gavrichenkov <
[email protected]
>
ximaera
k6s4i53rx
quiver
nullpo_head
shibuiwilliam
%20(1).jpg){kind=avatar}
sakana_ai
gotalab555
murachiakira
dekatotoro
oracle4engineer
shift_evolve
taka_aki
takmin
tenderlove
maltzj
rmw
tanoku
lauravandoore
smashingmag
danielanewman
kastner
marktimemedia
chriscoyier
addyosmani
![Contemporary requirements for zone transfers Artyom Gavrichenkov <[email protected]> GPG: 2deb](https://files.speakerdeck.com/presentations/3eb7b96fd5824f42904d1ec183cc498b/slide_0.jpg){kind=link}
![Q&A Artyom Gavrichenkov <[email protected]>](https://files.speakerdeck.com/presentations/3eb7b96fd5824f42904d1ec183cc498b/slide_22.jpg){kind=link}