SoylentNews is people
SoylentNews
from the rubbish-on-the-Internet?-say-it-isn't-so dept.
Cloudflare's new speed and privacy enhancing domain name system (DNS) servers, launched on Sunday, are also part of an experiment being conducted in partnership with the Asia Pacific Network Information Centre (APNIC).
The experiment aims to understand how DNS can be improved in terms of performance, security, and privacy.
"We are now critically reliant on the integrity of the DNS, yet the details of the way it operates still remains largely opaque," wrote APNIC's chief scientist Geoff Huston in a blog post.
"We are aware that the DNS has been used to generate malicious denial of service attacks, and we are keen to understand if there are simple and widely deployable measures that can be taken to mitigate such attacks. The DNS relies on caching to operate efficiently and quickly, but we are still unsure as to how well caching actually performs. We are also unclear how much of the DNS is related to end user or application requirements for name resolution, and how much is related to the DNS chattering to itself."
[...] The Cloudflare-APNIC experiment uses two IPv4 address ranges, 1.1.1/24 and 1.0.0/24, which have been reserved for research use. Cloudflare's new DNS uses two addresses within those ranges, 1.1.1.1 and 1.0.0.1.
These address ranges were originally configured as "dark traffic addresses", and some years ago APNIC partnered with Google to analyse the unsolicited traffic directed at them. There was a lot of it.
"Our initial work with it certainly showed it to be an unusually strong attractor for bad traffic. At the time we stopped doing it with Google, it was over 50 gigabits per second. Quite frankly, few folk can handle that much noise," Huston told ZDNet on Wednesday.
By putting Cloudflare's DNS on these research addresses, APNIC gets to see the noise as well as the DNS traffic -- or at least "a certain factored amount" of it -- for research purposes.
[...] While 1.1.1.1 is meant to have been used only for research, the Cloudflare-APNIC experiment has revealed that many operational systems have been using it in a variety of dirty hacks that breach internet routing standards.
[...] "Some folk, without any material to justify it, started configuring 1.1.1.1. Now, I can start using your IP address, I suppose, but we're both going to have a problem," Huston told ZDNet, laughing.
"In this case, I'm not sure that it really impacts upon the folk who are advertising the address, and to some extent because I am looking at the junk traffic that hits that address, it all adds to the interesting junk. But you shouldn't be doing it."
While Huston has yet to analyse any of the junk traffic in this new experiment, he said that it can still be measured in multiple gigabits per second.
"There's a lot of rubbish out there," he said.
(Score: 3, Interesting) by frojack on Saturday April 07 2018, @07:25PM (1 child)
Ok, you've usurped an IP reserved for research, why not tell us what your research found?
Is it just other people's research, people who, like you, never sought permission to advertise this route?
Is any of the traffic recognizable as to protocol or content?
If you knew ahead of time that there was 50 gig/second of traffic out there, why put something as critical as DNS on that address?
How much research was disrupted by your advertising this route world wide?
One man's rubbish ...
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Saturday April 07 2018, @08:51PM
Aliens. Really, aliens.
They take the "garbage" traffic on 1.1.1.1, merge it with the "garbage" traffic on 50.50.50.50 ...