Md Rashedul Hasan
Md Rashedul Hasan is a System Admin at Apple Communications. I am responsible for developing strategies and doing research on System and Server My area of interests are DNS, NMM, Network Automation and Network Security. I have over 10 years of experience in the IT industry, holding various roles as Engineer, Trainer, Consultant, and Operations Management. I am an active speaker (BdNOG, APRICOT, SANOG, APIX, MMNOG) and share my knowledge.
Insights on DNS Security
Course Overview
It is common knowledge that DNS is a critical Internet infrastructure that requires security enhancements. DNS servers can be abused to leverage malicious attacks and DNS information can be spoofed. That is why over the years, many protocols and standards were introduced around DNS data validation and privacy.
This course will explore different insights on DNS security in the Asia-Pacific region, how we’re progressing with deploying DNSSEC, DNS privacy and other security protocols this year, as well as new efforts and initiatives on collectively promoting good DNS practices.
Course Outline
This course will cover the following topics:
- DNS Security Overview
- DNSSEC across the region
- DNS Best Practice
Course Materials
Root Server Deployment and Operations
Overview
Course Overview
In this course, three industry experts will be sharing their knowledge and experiences with root server deployment and operations.
Firstly, Martin Pels will introduce the DNS Root Server System. During this talk he will describe the different types of root servers, and some of the (technical) details involved in running a DNS Root Server before concluding with recommendations for ISPs on how to contribute to a healthy Root Server ecosystem.
Following this, Akira Kato will discuss how M-Root DNS Server started “small anycast” installation especially in Asia Pacific Region with APNIC. This talk will start with a brief overview of its traditional operational model, followed by the goal of “small anycast” sites. It will also explain the current model, status, and future plans.
Our final speaker, Lars-Johan Liman, will share insights gained from 30 years’ operating a Root Name Server. I.root-servers.net recently celebrated 30 years of continuous operation. This talk illustrates some of the challenges with operating a root name server and how these challenges have changed over time.
Course Outline
This course will cover the following topics:
Speaker One: Martin Pels
- Root Servers and the DNS hierarchy
- Root Server Operations
- What ISPs can do to contribute
Speaker Two: Akira Kato
- Root DNS server operation
- Characteristics of Anycast
- Small Anycast operational model
Speaker Three: Lars-Johan Liman
- Volunteer cooperation and collaboration work well as pillars for Internet’s infrastructure.
- Political issues have always been a factor for operators of core Internet infrastructure and continue to be so.
- Evolving business models make it harder to provide infrastructure services free of charge.
Course Materials
Martin Pels
Martin is a Senior System Engineer at RIPE NCC. He is part of the team that operates the K-Root and RIPE NCC Authoritive DNS services, as well as the Routing Information Service (RIS). Martin is co-founder of NLNOG RING.
Phyo Phyo Hein
Phyo graduated from the University of Computer Studies in Yangon with an honours degree of Bachelor in Computer Technology. Phyo has 16 years of experience in IT networking industry, she has worked for a few major ISPs and telecom operators in Myanmar and Singapore. In addition, Phyo is a senior IT networking trainer who has trained many engineers in Myanmar. She is also a MikroTik Certified Trainer, who regularly delivers official MikroTik certification trainings and exams.
In her day-to-day work, she supports ISPs in design, implementation and maintenance of their core networks. She also provides technology-based and operational trainings to ISPs and enterprises.
Phyo loves to do knowledge sharing and hopes to help improve ICT infrastructure in developing and undeveloped countries.
Amante Morales Alvaran
Amante has over 20 years of experience in the IT industry, holding various roles as Engineer, Trainer, Consultant, and Operations Management. Amante has PostGrad in Cyber and Data Management and is currently doing MBA in Cyber and Data Management.
Amante shares his knowledge as a voluntary Community Trainer for APNIC.
Using RIPE Atlas for Network Diagnostics
Overview
Course Overview
RIPE Atlas is a global, open, distributed Internet measurement platform, consisting of thousands of measurement devices(probes) that measure Internet connectivity in real time. In this webinar, we will introduce the RIPE Atlas project and demonstrate measurements such as traceroute, DNS etc which can provide valuable insight into a network and enable troubleshooting. We will explore running measurements from the Web UI and also from the CLI, and finally share details about how you can host a software probe in your network.
Course Outline
This course will cover the following topics:
- What is the RIPE Atlas project and why does it matter
- Getting started with RIPE Atlas measurements – traceroute, dns etc
- Demo of measurements from Web UI and CLI
- Host a RIPE Atlas Software probe
Course Materials
• Create an RIPE NCC Access account here: https://access.ripe.net/registration
• Login here: atlas.ripe.net
Slides: Using RIPE Atlas for Network Diagnostics
Arth Paulite
Arth is the Infrastructure Services Manager for APNIC, his role focuses on maintaining high availability and reliability of APNIC critical services and network infrastructure.
Arth started his career in 1993 as a Systems support Engineer in the Philippines while finishing off Computer Engineering degree. IN 1995, he joined Destiny Cable and helped established the first cable internet in the Philippines.
Reverse DNS for IPv4 and IPv6
Overview
Reverse DNS allows the mapping of a domain name from an IP address. This is achieved by the use of pseudo-domain names under in-addr.arpa (IPv4) and ip6.arpa (IPv6). For all IP address blocks that IANA (the Internet Assigned Numbers Authority) allocates to APNIC, it also delegates corresponding reverse DNS zones within the centrally administered “in-addr.arpa” and “ip6.arpa” domains.
Outline
This course will cover the following topics:
- What is Reverse DNS?
- Principles of DNS Tree
- Creating Reverse Zones
- Pointer (PTR) Records
- IPv6 Reverse Lookups
- Reverse delegation requirements
- APNIC & ISPs responsibilities
- Reverse Delegation Procedures
- Whois domain object
Course Materials
DNS Privacy: DoH/DoT
Overview
Learn the concepts of DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT), and how standards development of DoH/DoT attempts to add encryption and security to the Domain Name System (DNS) and fix some of the long-standing privacy issues with DNS.
Outline
This course will cover the following topics:
- A brief overview of DNS
- DNS Privacy
- DNS cloud providers
- DNS over TLS
- DNS over HTTPS
- Issues and criticisms
- Future of DNS privacy