Home | DNS-OARC

OARC Seeking Physical Office Services

Submitted by keith on Fri, 09/30/2016 - 14:42

OARC's legal entity does business in California, and our physical infrastructure and finances are run from the San Francisco Bay area. Due to a recent change in arrangements, OARC is seeking a new provider of physical office services in the area, effective immediately.

We're seeking a number of things, they need not all come from the same organization, but OARC Members local to the area are preferred if possible:

Read more about OARC Seeking Physical Office Services

OARC 25 in Dallas

OARC 25 is nearly upon us and we’re very excited. This will be our first Workshop in Dallas and Texas; and we have a jam packed Workshop programme with time devoted to ... [ Read More ]

Read more about OARC 25 in Dallas

2016 OARC Elections

During the 2016 OARC Annual General Meeting OARC Members will be electing three seats on the OARC Board of Directors. The seats becoming available are doing so on the following basis:

Read more about 2016 OARC Elections

2016 OARC Elections and AGM

The DNS-OARC 2016 Annual General Meeting will take place on the 15th of October at the start of the OARC25 Workshop, in Dallas, Texas, USA.

Read more about 2016 OARC Elections and AGM

Mitigating DNS Denial of Service Attacks

The DNS protocol is, unfortunately, an effective Denial-of-Service attack vector for a few reasons:

DNS generally uses the connectionless User Datagram Protocol (UDP) as its transport.
Many autonomous systems allow source-spoofed packets to enter their network.
There is no shortage of Open Resolvers on the Internet.

These three factors mean that attackers can create large amounts of unwanted response packets by reflecting DNS queries off open resolvers. In such an attack, a DNS query is generated with spoofed source IP addresses belonging to the victim. You can help reduce the effectiveness of these attacks by following the recommendations described below:

Read more about Mitigating DNS Denial of Service Attacks

DNS-OARC facility relocation, 14th-18th May 2016

Please be advised that DNS-OARC will be relocating its equipment and services to a new facility during next week starting this Saturday, May 14th through Wednesday the 18th. There will be multiple sporadic outages during this time affecting ALL services and ALL systems as a result.

Read more about DNS-OARC facility relocation, 14th-18th May 2016

RSSAC 002

ICANN's Root Server System Advisory Committee has recently defined two standards, including RSSAC 002 , designed to obtain a baseline of the metrics for the Root Zone, specifically so that root operators can detect and mitigate any abnormalities in the performance of the DNS Root Server System as it continues to grow and develop.

Read more about RSSAC 002

OARC's DNS Reply Size Test Server

Recent increases in DNSSEC deployment are exposing problems with DNS resolvers that cannot receive large responses.

Read more about OARC's DNS Reply Size Test Server

OARC's TLDmon Service

OARC's TLDmon uses Nagios to monitor operational characteristics of authoritative nameservers for the Root Zone and all Top Level Domains. TLDmon checks for authoritative answers, EDNS support, lame delegations, consistent NS RR sets, open resolvers, expired RRSIGs, matching serial numbers, and TCP support. As the Domain Name System continues its evolution, it becomes increasingly important that these critical nameservers are configured correctly.