Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Contemporary requirements for zone transfers

Avatar for Artyom "Töma" Gavrichenkov Artyom "Töma" Gavrichenkov
October 12, 2017
Technology
0
50

Contemporary requirements for zone transfers

Avatar for Artyom "Töma" Gavrichenkov

Artyom "Töma" Gavrichenkov

October 12, 2017
Tweet

More Decks by Artyom "Töma" Gavrichenkov

See All by Artyom "Töma" Gavrichenkov
[EE DNS Forum 2018] DDoS on DNS: past, present and inevitable
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
57
Wrong, wrong, WRONG! methods of DDoS mitigation
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
340
DDoS Beasts and How to Fight Them (Nginx Conf 2018)
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
190
DDoS tutorial (China ISC 360)
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
240
[RU] “I, Not Robot". A design of the contemporary CAPTCHA challenges and the future of the Turing test
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
120
DDoS 101 (2018, PaymentSecurity RU 2018)
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
37
Memcached Amplification: Lessons Learned (NANOG 73)
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
210
DDoS Beasts and How to Fight Them
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
58
Memcached Amplification DDoS: Lessons Learned (ENOG 15)
Avatar for Artyom "Töma" Gavrichenkov ximaera
0
51

Other Decks in Technology

See All in Technology
Fabric + Databricks 2025.6 の最新情報ピックアップ
Avatar for Ryoma Nagata ryomaru0825
1
150
JEDAI Databricks Free Editionもくもく会
Avatar for Takaaki Yayoi taka_aki
1
110
「良さそう」と「とても良い」の間には 「良さそうだがホンマか」がたくさんある / 2025.07.01 LLM品質Night
Avatar for Shumpei Miyawaki smiyawaki0820
1
380
WordPressから ヘッドレスCMSへ! Storyblokへの移行プロセス
Avatar for Nagisa Yata nyata
0
170
なぜ私はいま、ここにいるのか? #もがく中堅デザイナー #プロダクトデザイナー
Avatar for 弁護士ドットコム bengo4com
0
1.1k
生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub
Avatar for MasahiroKawahara masahirokawahara
0
270
Claude Code Actionを使ったコード品質改善の取り組み
Avatar for Katsunori Kanda potix2
PRO
6
2.5k
Lambda Web Adapterについて自分なりに理解してみた
Avatar for Makky12 smt7174
5
130
Microsoft Build 2025 技術/製品動向 for Microsoft Startup Tech Community
Avatar for Toru Makabe torumakabe
2
310
A2Aのクライアントを自作する
Avatar for Ryunosuke Iwai rynsuke
1
220
mrubyと micro-ROSが繋ぐロボットの世界
Avatar for Katsuhiko Kageyama kishima
2
360
25分で解説する「最小権限の原則」を実現するための AWS「ポリシー」大全 / 20250625-aws-summit-aws-policy
Avatar for opelab opelab
9
1.2k

Featured

See All Featured
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
63
7.8k
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
277
23k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
271
27k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
15
1.5k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
1
380
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
48
5.4k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
54
11k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.5k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
790
250k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
331
24k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.5k

Transcript

  1. Contemporary requirements for zone transfers Artyom Gavrichenkov <[email protected]> GPG: 2deb

    97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191

  2. A long, long time ago. • /etc/hosts • Service owner

    responsible for the name resolution

  3. Next. • Authoritative DNS servers • DNS registries • Cloud

    DNS services

  4. A Split. Customers Providers

  5. 1

  6. 2

  8. A Split. Customers Providers

  9. Customers Providers • DNSSEC • CAA • TLS …

  10. Customers Providers ? • DNSSEC • CAA • TLS …

  11. Customers Providers • Backup datacenters • Geobalancing • ASN-based balancing

    • CI/CD • DNSSEC • CAA • TLS …
  12. None

  13. DDoS Challenges • UDP-based protocol • Thanks God, a truncate

    thing • Amplification attacks

  14. Cloud solutions! • Amazon Route53 • Dyn • Azure •

    Cloudflare • Google Cloud …

  15. Cloud solutions! • Amazon Route53 • Dyn • Azure •

    Cloudflare • Google Cloud … But.

  16. Cloud solutions! • Amazon Route53 • Dyn • Azure •

    Cloudflare • Google Cloud … But. What about AXFR?
  17. None

  18. “DNS Zone Transfers (AXFR/IXFR) support for Route53 is a hotly

    asked for feature, and is one that we will consider adding in the future.” Amazon, 2012.
  19. None

  20. DNSControl https://github.com/StackExchange/dnscontrol/ “Synchronize your DNS to multiple providers from a

    simple DSL”

  21. A Standard? • DOTS • CDNI • DNSops?

  22. A Standard? Zone transfers with blackjack and stuff • Balancing

    and failover • Traffic load measurement & rate limiting • Dynamic filters • Extensions

  23. Q&A Artyom Gavrichenkov <[email protected]>