IPv6-specific misconfigurations in the DNS

Luuk  Hendriks; Pieter-Tjerk  de Boer; Aiko  Pras

doi:10.23919/CNSM.2017.8256036

IPv6-specific misconfigurations in the DNS

Luuk Hendriks, Pieter-Tjerk de Boer, Aiko Pras

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

3 Citations (Scopus)

Abstract

With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

Original language	English
Title of host publication	2017 13th International Conference on Network and Service Management (CNSM)
Publisher	IEEE
Number of pages	5
ISBN (Electronic)	978-3-901882-98-2
ISBN (Print)	978-1-5386-2153-0
DOIs	https://doi.org/10.23919/CNSM.2017.8256036
Publication status	Published - 2017
Event	13th International Conference on Network and Service Management, CNSM 2017 - Waseda University, Tokyo, Japan Duration: 27 Nov 2017 → 1 Dec 2017 Conference number: 13 http://www.cnsm-conf.org/2017/

Publication series

Name	International Conference on Network and Service Management Proceedings
Publisher	IEEE
ISSN (Print)	2165-963X

Conference

Conference	13th International Conference on Network and Service Management, CNSM 2017
Abbreviated title	CNSM
Country/Territory	Japan
City	Tokyo
Period	27/11/17 → 1/12/17
Internet address	http://www.cnsm-conf.org/2017/

Access to Document

10.23919/CNSM.2017.8256036

Cite this

@inproceedings{e2faa125bc1f431c8607d76e18da1c6a,

title = "IPv6-specific misconfigurations in the DNS",

abstract = "With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.",

author = "Luuk Hendriks and {de Boer}, Pieter-Tjerk and Aiko Pras",

year = "2017",

doi = "10.23919/CNSM.2017.8256036",

language = "English",

isbn = "978-1-5386-2153-0",

series = "International Conference on Network and Service Management Proceedings",

publisher = "IEEE",

booktitle = "2017 13th International Conference on Network and Service Management (CNSM)",

note = "13th International Conference on Network and Service Management, CNSM 2017, CNSM ; Conference date: 27-11-2017 Through 01-12-2017",

url = "http://www.cnsm-conf.org/2017/",

}

Hendriks, L, de Boer, P-T & Pras, A 2017, IPv6-specific misconfigurations in the DNS. in 2017 13th International Conference on Network and Service Management (CNSM). International Conference on Network and Service Management Proceedings, IEEE, 13th International Conference on Network and Service Management, CNSM 2017, Tokyo, Japan, 27/11/17. https://doi.org/10.23919/CNSM.2017.8256036

IPv6-specific misconfigurations in the DNS. / Hendriks, Luuk ; de Boer, Pieter-Tjerk ; Pras, Aiko .

2017 13th International Conference on Network and Service Management (CNSM). IEEE, 2017. (International Conference on Network and Service Management Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - IPv6-specific misconfigurations in the DNS

AU - Hendriks, Luuk

AU - de Boer, Pieter-Tjerk

AU - Pras, Aiko

N1 - Conference code: 13

PY - 2017

Y1 - 2017

N2 - With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

AB - With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

U2 - 10.23919/CNSM.2017.8256036

DO - 10.23919/CNSM.2017.8256036

M3 - Conference contribution

SN - 978-1-5386-2153-0

T3 - International Conference on Network and Service Management Proceedings

BT - 2017 13th International Conference on Network and Service Management (CNSM)

PB - IEEE

T2 - 13th International Conference on Network and Service Management, CNSM 2017

Y2 - 27 November 2017 through 1 December 2017

ER -

IPv6-specific misconfigurations in the DNS

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this