Lame delegation status report DNS Operations SIG APNIC 20 2005, Hanoi History of Proposal (from AMM16/17) • Identify potential lameness −two points of test, AU.
Download ReportTranscript Lame delegation status report DNS Operations SIG APNIC 20 2005, Hanoi History of Proposal (from AMM16/17) • Identify potential lameness −two points of test, AU.
Lame delegation status report DNS Operations SIG APNIC 20 2005, Hanoi 1 History of Proposal (from AMM16/17) • Identify potential lameness −two points of test, AU & JP • Test the DNS reverse delegation −15 day test period • Attempt to notify the domain holder −45 day notice period • Disable lame DNS reverse delegation −If not corrected at end of notice period 2 Policy Implementation 30/09/2004 • First contact emails sent on 23/11/2004 −Due diligence delay −Make sure contact is warranted and appropriate • First ticket (tracking) created 23/11/2004 −First ticket resolved with nameservers fixed 30/11/2004 (7 days later) • Average time to resolve issues after contact email is now 2 days • First lame name servers undelegated 08/01/2005 3 Policy - technical caveats • Admin with more than 5 lame NS delayed process −Modification to ticket system written to manage work in HM department −Significant lameness removed once implemented 2Q05 • IPv6 lameness pending −IPv6 islands cause issues of connectivity −Some networks have interesting v6 ACLs −Relatively small set of delegations at present −Risk of removal for “Lab” networks 4 Policy effectiveness 60000 Corrected Reverse Domains Domains with no errors Remaining Lame domains 50000 40000 30000 20000 10000 0 06 12 17 24 31 06 13 18 24 01 / / / / / / / / / / 4 8 2 4 8 1 5 9 1 6 /0 /0 /1 /0 /0 /0 /0 /0 /0 /0 2 2 2 3 3 4 4 4 5 5 0 0 0 0 0 0 0 0 0 0 20 20 20 20 20 20 20 20 20 20 5 Policy effectiveness 25% Underlying Uncorrected Error Rate Corrected Error Rate Un-delegated Number of domains affected 20% 15% 10% 5% 0% 2004/01/01 2004/05/08 2004/09/13 Date 6 2005/01/19 2005/05/27 The resolution process • Reports from APNIC Hostmasters • Most problems in resolution were due to: −Forgotten password on resource −Incorrect contacts −Problems configuring a nameserver to be authoritative • Path reliability problems remain for many NS (flapping NS status) 7 Key points • Reduction in lame percentage − 18.66% on 01/08/04 − 16.34% on 15/02/05 • Only admins with <5 lame domains contacted − 8% on 25/08/05 • After process established for >5 lame admin • Ongoing process − Time to affect a change for any newly lame domain is 60 days − APNIC continually monitoring • IPv6 yet to be included • Policy appears affective • 16% Base (uncorrected) lameness remains − Communications/training/support issue 8 Questions? 9