Abstract
The DNS, as one of the oldest components of the modern Internet, has been studied multiple times. It is a known fact that operational issues such as mis-configured name servers affect the responsiveness of the DNS service which could lead to delayed responses or failed queries. One of such misconfigurations is lame delegation and this article explains how it can be detected and also provides guidance to the African Internet community as to whether a policy lame reverse DNS should be enforced. It also gives an overview of the degree of lameness of the AFRINIC reverse domains where it was found that 45% of all reverse domains are lame.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
The African Network Information Centre (AFRINIC) is the Regional Internet Registry (RIR) for Africa and the Indian Ocean. AFRINIC allocates Internet number resources i.e. IPv4, IPv6 and Autonomous System (AS) numbers to network operators in its constituency.
- 2.
- 3.
- 4.
An authoritative name server holds the actual records (A, AAAA, CNAME, PTR, etc.) of the zones, as opposed to a recursive server or resolver that needs to query an authoritative name server to resolve a domain/address.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
AA means Authoritative Answer.
References
APNIC’s operational response to lame delegations. https://www.apnic.net/manage-ip/manage-resources/reverse-dns/lame-dns-reverse-delegation/apnics-operational-response
Barr, D.: Common DNS Operational and Configuration Errors (1996)
Albitz, P., et al.: DNS and BIND, 5th edn. O’Reilly, Sebastopol (2006)
Pappas, V., et al.: Distributed DNS troubleshooting. In: Proceedings of the ACM SIGCOMM Workshop on Network Troubleshooting Research, Theory and Operations Practice Meet Malfunctioning Reality - NetT 2004, p. 265 (2004)
Pappas, V., et al.: Impact of configuration errors on DNS robustness. IEEE J. Sel. Areas Commun. 27(3), 275–290 (2009)
Phokeer, A., et al.: A survey of anti-spam mechanisms from an RIR’s perspective. In: Proceedings - IST-Africa (2016)
Trostle, J.B., et al.: Protecting against DNS cache poisoning attacks. In: 2010 6th IEEE Workshop on Secure Network Protocols, NPSec 2010, pp. 25–30 (2010)
Wei, M.L., Lu, Y.C., Zhen, M.L.: Alleviating the impact of DNS DDoS attacks. In: NSWCTC 2010 - The 2nd International Conference on Networks Security, Wireless Communications and Trusted Computing, vol. 1, pp. 240–243 (2010)
RIPE-NCC. https://www.ripe.net/manage-ips-and-asns/resource-management/assisted-registry-check
van Adrichem, N.L.M., et al.: A measurement study of DNSSEC misconfigurations. Secur. Inf. 4(1), 8 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Phokeer, A., Aina, A., Johnson, D. (2018). DNS Lame Delegations: A Case-Study of Public Reverse DNS Records in the African Region. In: Bissyande, T., Sie, O. (eds) e-Infrastructure and e-Services for Developing Countries. AFRICOMM 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 208. Springer, Cham. https://doi.org/10.1007/978-3-319-66742-3_22
Download citation
DOI: https://doi.org/10.1007/978-3-319-66742-3_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-66741-6
Online ISBN: 978-3-319-66742-3
eBook Packages: Computer ScienceComputer Science (R0)