<$BlogRSDUrl$> Marcus P. Zillman, M.S., A.M.H.A. Author/Speaker/Consultant
Marcus P. Zillman, M.S., A.M.H.A. Author/Speaker/Consultant
Internet Happenings, Events and Sources

Monday, October 20, 2003  

Operations, Analysis, and Research Center (OARC)

The Domain Name System (DNS), born 20+ years ago, has become the primary governor of traffic flows on the Internet. When the DNS stops working, so do all applications: no email, no web browsing, no instant messaging, no FTP, no e-commerce. Despite the critical nature of the DNS, responses to attacks have been handled informally, testing of software is not coordinated, and long-term analysis to better performance, stability, and security is sorely lacking.

ISC's Operations, Analysis, and Research Center (OARC) brings together key operators, implementers, and researchers on a trusted platform so they can coordinate responses, share information, and learn together. Operated by Internet Software Consortium (ISC), the leading provider of public infrastructure for the global DNS, the OARC includes as participants many root nameserver operators, and leading research institutions such as the University of California at San Diego's CAIDA.

The OARC has five key functions:

* Incident Response. The OARC provides a trusted, shared platform to allow the DNS operations community to share critical information during attacks or other incidents that effect the operation of the global DNS. Stringent confidentiality requirements and secure communications mean that proprietary information can be shared (or not) on a bilateral basis.

* Operational Characterization. As Internet traffic levels continue to grow, the demand on root and other key nameservers will outgrow the current infrastructure: this year's DDoS attack traffic levels will become next year's steady state load. OARC measures the performance and load of key nameservers and publish statistics on both traffic load and traffic type (including error types).

* Testing. A testing laboratory containing common DNS implementations and network elements allows rigorous analysis of fixes, patches, and performance levels in both a real-world operational environment and under simulated attack conditions.

* Analysis. Leading researchers and developers provide long-term analysis of DNS performance and post-mortems of attacks so that institutional learning occurs. A well-provisioned system allows members to upload traces and logs, and to perform their own analysis.

* Outreach. Many problems with the DNS are the result of misconfigurations by end users, vendors, or large corporate networks. Outreach insures that critical information about the global DNS reaches those that need to know.

posted by Marcus Zillman | 7:04 AM
subject tracers™