Swapneel Patnekar

Swapneel Patnekar

@pswapneel

Take back control of your DNS - Run a recursive resolver on your system or in the network

Submitted Aug 21, 2020

Domain Name System (DNS) is the crucial & ubiquitous fabric of the Internet. Everything on the Internet uses the DNS.

While there are many parts to the DNS, in this workshop, I will dive deep into recursive resolvers. Most users on the Internet are unaware of recursive resolvers as the ISP architecture makes them obscured. In many cases, the ISP’s/users themsevles outsource their DNS to use 8.8.8.8 / 9.9.9.9 / 1.1.1.1 etc (Quad/Cloud DNS resolvers).

The choice of the recursive resolver is made by the ISP or the network the device connects to.

In this hands-on online workshop, I will teach participants to install and configure a recursive resolver which will also be configured with a local copy of the root zone (rfc 8806).

Outline

Why attend ?

  1. Take back control of your DNS instead of outsourcing it to a third party
  2. Decentralise the DNS Resolution - DNS Resolver centrality outlines the dependency on Open resolvers/Quad DNS providers
  3. Majority of DNS queries sent to the root server system are junk queries. By running a local copy of the root zone (rfc8806), junk queries from your system/network to the upstream root servers are eliminated

Agenda -

  1. Fundamentals of DNS
  2. Shift of the recursive resolvers
  3. DNS Resolver Centrality stats
  4. Configure a recursive resolver on your system with QNAME minimisation, local copy of the root zone etc
  5. Configure a recursive resolver for the entire network
  6. Best practices

Who should attend?

  1. Anyone running a network - In today’s world, everyone is running a network at home!
  2. Anyone who cares about the decentralising the Internet
  3. Anyone who is interested in DNS
  4. Engineers, programmers, system administrators
  5. All are welcome :-)

Requirements

Operating System -

  1. If using Windows Operating System, 64bit
  2. Administrative rights - If the device belongs to the company, the installation requires administrative rights. If you have administrative rights (it’s a strange world we live in now so anything is possible :-)), please consult with them first if you are allowed to install DNS software. My suggestion, don’t.

Speaker bio

Swapneel is network engineer & researcher working on DNS, DNSSEC, BGP, Unix systems and security.
As a technical trainer, he regularly conducts workshops on DNS, DNSSEC, Routing, Unix etc.
He is also an APNIC Community Trainer & a RIPE Atlas Ambassador.

In the recent past, he has delivered talks,

UKNOF Virtual July 2020 - Hyperlocal root & Localroot - Running a local copy of the DNS root zone
https://indico.uknof.org.uk/event/51/contributions/speakers

APNIC NFH June 2020 - Hyperlocal root & Localroot - Running a local copy of the DNS root zone
https://nfh.apnic.net/events/sea/#/day/1

null meetups May, June, July 2020 (Bhopal, Mumbai, Bangalore) - Using DNS as a layer of defense
https://null.community/profile/19522-swapneel-patnekar

He is also the Managing Director of Shreshta IT Technologies Pvt. Ltd,
a company based out of Belgaum, building & securing networks of micro,
small & medium enterprises & network operators in Tier-II and Tier-III
cities.

Slides

https://runyourownresolver.in/

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

We care about site reliability, cloud costs, security and data privacy