^ Top

NANOG Meeting Presentation Abstract

Protecting the BGP Routes to Top Level DNS Servers
Meeting: NANOG25
Date / Time: 2002-06-11 1:30pm - 2:15pm
Room: Grand York Ballroom
Presenters: Speakers:
Daniel Massey, USC/ISI.
Lan Wang, UCLA.
Lixia Zhang, UCLA.
Allison Mankin, USC/ISI.
Xiaoliang Zhao, NCSU.
Randy Bush, AT&T Research.
Felix Wu, UC Davis.
Dan Pei, UC Davis.
Abstract: In this talk, we analyze the BGP routes leading to root and generic Top Level Domain (gTLD) DNS servers and explore a protection mechanism for these critical routes. A fault or attack that creates a false route to these servers could deny access to millions of DNS zones or incorrectly redirect DNS queries to a malicious impostor. However, the temporary loss of a single server can be tolerated by the DNS.

Our approach is to apply BGP AS path filters that make the BGP routes to these critical servers less dynamic. This provides strong protection against false routes, but some potentially valid back-up routes can be rejected. We have validated our design against over one year of BGP route logs from nine diverse ISPs. Our results show that routers using our AS path filtering could effectively detect the insertion of invalid routes, while maintaining reachability to the top level DNS servers.
Files: pptDaniel Massey Presentation(PPT)
youtubeProtecting the BGP Routes to Top Level DNS Servers
Sponsors: None.

Back to NANOG25 agenda.

NANOG25 Abstracts

  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .
  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .
  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .
  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .
  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .
  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .
  • Panel: Smart Routing Technologies
    Moderators:
    Sue HaresNextHop; .
    Panelists:
    Jeremy JohnsonnetVmg; .
    Aaron BrittOpnix; .
    Robert BaysProficient; .
    Mike LloydRouteScience; .
    Daniel GoldingSockeye; .
    Brandon RossSockeye; .

 

^ Back to Top