Welcome to vGRNOG10
Presentation of the new management network implemented at AMS-IX with Dell/Pluribus switches in fabric deployment
The TCP Authentication Option (TCP-AO)
Automation is the key for simplifying network operations from provisioning to day-to-day management. Where manual processes require resources to scale linearly with the network, automation tools amplify the work of each network operations engineer. Simultaneously, the programmatic operation of the network means that it is faster to provision new policies and services in the network.
We present a privacy-aware schema that is suitable for distributing the contents of Authoritative DNS Server zones to third parties (Recursive DNS Servers, scrubbing services), without disclosing sensitive information. Our schema aims at defending against DNS attacks efficiently, closer to their sources. It is based on the space, time and privacy-aware properties of Cuckoo Filters to map Authoritative DNS Server names efficiently, while enabling rapid name updates for large zones. The feasibility of our schema is tested within our laboratory testbed for various DNS zones. Our work was published in the Proceedings of ACM/IRTF Applied Networking Research Workshop 2020 (ANRW 2020) under the title “Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers”.