Date post: | 28-Dec-2015 |
Category: |
Documents |
Upload: | sophie-davis |
View: | 216 times |
Download: | 0 times |
AM TLD GovernanceAM TLD Governance
The role of ITC/AMNICThe role of ITC/AMNIC
AMNIC public servicesAMNIC public services DNS
Whois
WWW
Other services – e-mail, NTP, cDNS, RIPE Atlas
Database - behind of scene
DNS Zone file management
Slaves – diversity, reliability, security
DNSSEC
IANA
DNSSEC pros
Authentication of origin
Record's non-existence verification
DANE/TLSA !
No MITM and cache poisoning anymore
DNSSEC cons
Additional maintenance tasks
Target for DDoS - larger responses, more CPU load and RAM
usage
Increased cost of errors
Back to other services
Whois - standard and web interfaces
Web interfaces to database updates
NTP stratum 1 server - ntp.amnic.net
member of pool.ntp.org cDNS - an instance of anycast cloud
E-mail - other way to communicate
Hardware, connectivity, etcHardware, connectivity, etc
Two datacentres
Two power sources
Two upstream NSPs
Datacentres
Server per service - virtualization
Database streaming replication
Total logging
Backup to opposite DC
Internal anycasting
Upstreams
Connected to local exchanges
Native IPv6
Multihomed, with large capacity
Power
Good UPS systems
Reliable switching between sources
Disaster recovery
Recovery from backup
Migration to alive database
Migration to alive datacentre
What to improve
Power generator system in main DC
Paid escrow service out of country
Global anycasting of DNS