warning: Creating default object from empty value in /usr/local/apache2/sites/drupal5/modules/taxonomy/ on line 33.
Public Stories, etc -- Check your resolver's transaction ID behavior

A number of people have been asking for a way to check transaction ID randomness, in addition to source port randomness. OARC's porttest tool has now been expanded to also report on transaction IDs. To use it, issue a TXT query for the name For example, with dig:

$ dig +short TXT
" is GREAT: 26 queries in 2.7 seconds from 26 txids with std dev 20574.11"

Also note that in conjunction with this enhancement, the scoring critera for porttest and txidtest have been changed to match the web-based port test. The scoring is as follows:

Submitted by wessels on Mon, 2008-07-28 17:24 categories [ ]

OARC hosted mailing lists

OARC operates a number of mailing lists for its members, for other groups, and for the public.


A closed list for OARC members only.
Users are automatically subscribed based on the information in the portal database. Posts are accepted from list members only and are not normally held for approval. All OARC-related topics are appropriate.
To read the members archives, you'll need to know your mailman password. If you don't know your mailman password, visit the listinfo page and enter your email address at the bottom to receive a password reminder.


An open public forum for informal reporting, tracking, resolving, and discussing DNS operational issues including outages, attacks, errors, failures, and features. Discussion of non-ICANN root systems is explicitly off-topic.
Subscriptions are open to anyone and will be approved by a list moderator. Posts are accepted from list members only and are not normally held for approval. Participants with a history of off-topic posts will be moderated.
Visit the dns-operations page to subscribe and read the archives.


Mailing list for co-ordinating operators of anycasted AS112 DNS servers for RFC1918 in-addr queries.
List participants must be AS112 server operators. Posts are accepted from list members only and are not normally held for approval. Archives are publicly readable.
Visit the as112-ops page to subscribe and read the archives.

Private Lists

OARC also hosts a number of private mailing lists as a service to its membership. Any OARC member can request the creation of a private mailing list whose charter is related to OARC's mission. Members may view information about OARC's private lists.

Submitted by wessels on Tue, 2008-07-08 23:50 categories [ ]


One of OARC's activities is to convene periodic workshops, usually focused on DNS research and operations.

Please see the hosting page if your organization is considering hosting an OARC workshop.

Submitted by admin on Tue, 2008-01-15 23:19 categories [ ]

DSC - DNS Stats Collector

dsc is a system for collecting and exploring statistics from busy DNS servers. It uses a distributed architecture with collectors running on or near nameservers sending their data to one or more central presenters for display and archiving. Collectors use pcap to sniff network traffic. They transmit aggregated data to the
presenter as XML data.

dsc is configurable to allow the administrator to capture any kind of data that he or she chooses. A sample configuration is included that captures the following data:

  • Query types
  • Response codes
  • Opcodes
  • Source addressess or subnets
  • Query name TLD
  • EDNS parameters
  • Known types of DNS "pollution"
  • Message sizes
  • IP transport
  • TCP/UDP ports

The dsc source code is maintained by The Measurement Factory. A few sample screenshots are shown below:

Submitted by admin on Fri, 2008-01-11 19:15 categories [ ]

DNSSEC Walker - Similar to "dnswalk" but for use with DNSSEC


Similar to "dnswalk" but for use with DNSSEC, of course.

Submitted by admin on Fri, 2008-01-11 19:10 categories [ ]

Active Measurement of Anycast DNS

OARC member Yuji Sekiya, from WIDE, presents work related to active measurement of the anycast instances of root DNS servers. Follow the attachment link below to view slides for the presentation.

Submitted by bwatson on Tue, 2006-03-21 06:13 categories [ ]

Quarterly 48-hour tcpdump

The following OARC members participate in quarterly 48-hour data collection:

ISC (F-root)
RIPE (K-root)
Cogent (C-root)
NASA (E-root)

Root and TLD operators have very different network topologies and methods by which they provide DNS service. Such details may be useful to researchers studying this data. Links to specific details such as anycast vs. unicast routing and addressing, global vs. local nodes, geographic location, and autonomous systems are provided below for each member that submits data.




Submitted by bwatson on Wed, 2006-03-15 17:12 categories [ ]

Contributing Data to OARC

The following links provide information for members to upload various types of data to the OARC catalog. Organizations that wish to only share data with OARC (but have no access to member data/services), see the OARC Participation Agreement.

Click here for instructions on uploading PCAP files from quarterly 48-hour tcpdump runs.

Click here for instructions on uploading DSC statistics via SSH.

Submitted by bwatson on Thu, 2006-03-09 18:53 categories [ ]

Experiments in Scalable Trust Infrastructure

Submitted by bwatson on Fri, 2005-10-14 21:17 categories [ ]

Technical Report on Scalable Trust Infrastructure Experiment

OARC-TN-2005-1: Experiments in Scalable Trust Infrastructure

OARC-TN-2005-1 B. Watson
  October 14, 2005

Experiments in Scalable Trust Infrastructure

Copyright Notice

Copyright (C) Internet Systems Consortium, Inc. (2005).
All Rights Reserved.

Submitted by bwatson on Fri, 2005-10-14 14:48 categories [ ]