IPv6-specific misconfigurations in the DNS

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    Abstract

    With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.
    Original languageEnglish
    Title of host publication2017 13th International Conference on Network and Service Management (CNSM)
    PublisherIEEE
    Number of pages5
    ISBN (Electronic)978-3-901882-98-2
    ISBN (Print)978-1-5386-2153-0
    DOIs
    Publication statusPublished - 2017
    Event13th International Conference on Network and Service Management, CNSM 2017 - Waseda University, Tokyo, Japan
    Duration: 27 Nov 20171 Dec 2017
    Conference number: 13
    http://www.cnsm-conf.org/2017/

    Publication series

    NameInternational Conference on Network and Service Management Proceedings
    PublisherIEEE
    ISSN (Print)2165-963X

    Conference

    Conference13th International Conference on Network and Service Management, CNSM 2017
    Abbreviated titleCNSM
    CountryJapan
    CityTokyo
    Period27/11/171/12/17
    Internet address

    Fingerprint

    Multiple zones
    Pattern matching
    Servers
    Internet

    Cite this

    Hendriks, L., de Boer, P-T., & Pras, A. (2017). IPv6-specific misconfigurations in the DNS. In 2017 13th International Conference on Network and Service Management (CNSM) (International Conference on Network and Service Management Proceedings). IEEE. https://doi.org/10.23919/CNSM.2017.8256036
    Hendriks, Luuk ; de Boer, Pieter-Tjerk ; Pras, Aiko . / IPv6-specific misconfigurations in the DNS. 2017 13th International Conference on Network and Service Management (CNSM). IEEE, 2017. (International Conference on Network and Service Management Proceedings).
    @inproceedings{e2faa125bc1f431c8607d76e18da1c6a,
    title = "IPv6-specific misconfigurations in the DNS",
    abstract = "With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97{\%} of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.",
    author = "Luuk Hendriks and {de Boer}, Pieter-Tjerk and Aiko Pras",
    year = "2017",
    doi = "10.23919/CNSM.2017.8256036",
    language = "English",
    isbn = "978-1-5386-2153-0",
    series = "International Conference on Network and Service Management Proceedings",
    publisher = "IEEE",
    booktitle = "2017 13th International Conference on Network and Service Management (CNSM)",
    address = "United States",

    }

    Hendriks, L, de Boer, P-T & Pras, A 2017, IPv6-specific misconfigurations in the DNS. in 2017 13th International Conference on Network and Service Management (CNSM). International Conference on Network and Service Management Proceedings, IEEE, 13th International Conference on Network and Service Management, CNSM 2017, Tokyo, Japan, 27/11/17. https://doi.org/10.23919/CNSM.2017.8256036

    IPv6-specific misconfigurations in the DNS. / Hendriks, Luuk ; de Boer, Pieter-Tjerk ; Pras, Aiko .

    2017 13th International Conference on Network and Service Management (CNSM). IEEE, 2017. (International Conference on Network and Service Management Proceedings).

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    TY - GEN

    T1 - IPv6-specific misconfigurations in the DNS

    AU - Hendriks, Luuk

    AU - de Boer, Pieter-Tjerk

    AU - Pras, Aiko

    PY - 2017

    Y1 - 2017

    N2 - With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

    AB - With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

    U2 - 10.23919/CNSM.2017.8256036

    DO - 10.23919/CNSM.2017.8256036

    M3 - Conference contribution

    SN - 978-1-5386-2153-0

    T3 - International Conference on Network and Service Management Proceedings

    BT - 2017 13th International Conference on Network and Service Management (CNSM)

    PB - IEEE

    ER -

    Hendriks L, de Boer P-T, Pras A. IPv6-specific misconfigurations in the DNS. In 2017 13th International Conference on Network and Service Management (CNSM). IEEE. 2017. (International Conference on Network and Service Management Proceedings). https://doi.org/10.23919/CNSM.2017.8256036