IPv6-specific misconfigurations in the DNS

Luuk Hendriks, Pieter-Tjerk de Boer, Aiko Pras

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Abstract

With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.
LanguageEnglish
Title of host publication2017 13th International Conference on Network and Service Management (CNSM)
PublisherInstitute of Electrical and Electronics Engineers
Number of pages5
ISBN (Electronic)978-3-901882-98-2
ISBN (Print)978-1-5386-2153-0
DOIs
Publication statusPublished - 2017
Event13th International Conference on Network and Service Management, CNSM 2017 - Waseda University, Tokyo, Japan
Duration: 27 Nov 20171 Dec 2017
Conference number: 13
http://www.cnsm-conf.org/2017/

Publication series

NameInternational Conference on Network and Service Management Proceedings
PublisherIEEE
ISSN (Print)2165-963X

Conference

Conference13th International Conference on Network and Service Management, CNSM 2017
Abbreviated titleCNSM
CountryJapan
CityTokyo
Period27/11/171/12/17
Internet address

Fingerprint

Multiple zones
Pattern matching
Servers
Internet

Cite this

Hendriks, L., de Boer, P-T., & Pras, A. (2017). IPv6-specific misconfigurations in the DNS. In 2017 13th International Conference on Network and Service Management (CNSM) (International Conference on Network and Service Management Proceedings). Institute of Electrical and Electronics Engineers. https://doi.org/10.23919/CNSM.2017.8256036
Hendriks, Luuk ; de Boer, Pieter-Tjerk ; Pras, Aiko . / IPv6-specific misconfigurations in the DNS. 2017 13th International Conference on Network and Service Management (CNSM). Institute of Electrical and Electronics Engineers, 2017. (International Conference on Network and Service Management Proceedings).
@inproceedings{e2faa125bc1f431c8607d76e18da1c6a,
title = "IPv6-specific misconfigurations in the DNS",
abstract = "With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97{\%} of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.",
author = "Luuk Hendriks and {de Boer}, Pieter-Tjerk and Aiko Pras",
year = "2017",
doi = "10.23919/CNSM.2017.8256036",
language = "English",
isbn = "978-1-5386-2153-0",
series = "International Conference on Network and Service Management Proceedings",
publisher = "Institute of Electrical and Electronics Engineers",
booktitle = "2017 13th International Conference on Network and Service Management (CNSM)",
address = "United States",

}

Hendriks, L, de Boer, P-T & Pras, A 2017, IPv6-specific misconfigurations in the DNS. in 2017 13th International Conference on Network and Service Management (CNSM). International Conference on Network and Service Management Proceedings, Institute of Electrical and Electronics Engineers, 13th International Conference on Network and Service Management, CNSM 2017, Tokyo, Japan, 27/11/17. https://doi.org/10.23919/CNSM.2017.8256036

IPv6-specific misconfigurations in the DNS. / Hendriks, Luuk ; de Boer, Pieter-Tjerk ; Pras, Aiko .

2017 13th International Conference on Network and Service Management (CNSM). Institute of Electrical and Electronics Engineers, 2017. (International Conference on Network and Service Management Proceedings).

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - IPv6-specific misconfigurations in the DNS

AU - Hendriks, Luuk

AU - de Boer, Pieter-Tjerk

AU - Pras, Aiko

PY - 2017

Y1 - 2017

N2 - With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

AB - With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work.

U2 - 10.23919/CNSM.2017.8256036

DO - 10.23919/CNSM.2017.8256036

M3 - Conference contribution

SN - 978-1-5386-2153-0

T3 - International Conference on Network and Service Management Proceedings

BT - 2017 13th International Conference on Network and Service Management (CNSM)

PB - Institute of Electrical and Electronics Engineers

ER -

Hendriks L, de Boer P-T, Pras A. IPv6-specific misconfigurations in the DNS. In 2017 13th International Conference on Network and Service Management (CNSM). Institute of Electrical and Electronics Engineers. 2017. (International Conference on Network and Service Management Proceedings). https://doi.org/10.23919/CNSM.2017.8256036

Access to Document