The document describes the implementation and deployment of the Sauron system for DNS management at a university. It discusses the motivation for using Sauron to manage DNS records, which includes providing a user-friendly interface, concurrent modification capabilities, and delegation rights for large organizations. The document outlines the technologies involved, including DNS and LDAP, and describes testing and deploying the Sauron system integrated with the university's existing BIND DNS server infrastructure.
This curriculum vitae outlines the professional experience and qualifications of Md. Shahed Anwar. He has over 15 years of experience in IT, networking, and telecommunications roles. Currently he works as a Manager at Grameenphone managing infrastructure including Active Directory, Exchange Server, and security systems. He has multiple technical certifications including Microsoft, Cisco, CompTIA, and ITIL.
Satyajit Tripathi has presented and evangelized OpenSolaris and Its Advanced Technologies at MSC OS Conference 2009 at KL Malaysia. He is also blogging on http://blogs.sun.com/stripathi.
The document discusses security and privacy considerations for big data systems. It proposes two main areas of focus: 1) developing new security and privacy design patterns tailored for big data, and 2) defining a "big data security fabric" to orchestrate security across big data tools and technologies. The document also provides examples of how security innovations from Apache Storm could be integrated into other frameworks to provide features like authentication, authorization, and data isolation. Finally, it discusses challenges around clarifying the definition of a "security fabric" and leveraging existing models to guide development while addressing the unique aspects of big data technologies and use cases.
Hadoop Maharajathi, II-M.sc., Computer Science, Bonsecours college for women (maharajothip1)
This document provides an overview of Hadoop, an open-source software framework for distributed storage and processing of large datasets across commodity hardware. It discusses Hadoop's history and goals, describes its core architectural components including HDFS, MapReduce and their roles, and gives examples of how Hadoop is used at large companies to handle big data.
SoftLayer has over 32,000 physical servers under management across 4,000 server pods clustered in regional network cores located in datacenters in Dallas, Seattle, and Washington DC. SoftLayer began looking at IPv6 in 2008 and launched support for it in January 2009, but faced challenges with network hardware support, provider support for their allocation scheme, tracking applications, operations support, and customer adoption. They addressed these challenges by using tunnels where hardware didn't support IPv6, negotiating with providers, designing their own allocation scheme, adapting their tracking applications, automating operations, and educating champion customers.
Get an overview of the Domain Name System (DNS), one of the pillars of the Internet, and understand the internal security issues of the DNS as well as the crucial role it plays in cybersecurity.
This session from the TYPO3 Conference 2007 gives you a peek into the current development state of the TYPO3 Framework and its main features such as Aspect Oriented Programming, Dependency Injection and the Model View Controller Framework. Bottom line of all development with 5.0 is: Domain Driven Design.
SharePoint Global Deployment with Joel Oleson (Joel Oleson)
SharePoint Global Deployments can be daunting. When you have all the information it doesn't need to be difficult to decide between the three most common deployments, centralized, regional, and distributed. With WAN data and application scenarios with performance requirements you can solve this often difficult decision.
This document provides a summary of Lucky Bhandari's work experience and qualifications. He has over 10 years of experience in IT and ITES industries providing support for products, services, and implementing information solutions. He has expertise in areas such as networking, Active Directory, Office 365, PowerShell scripting, and virtualization. His roles have included technical lead, technical engineer, and technical account manager for Microsoft technologies where he has designed, deployed, and administered network infrastructures and Active Directory environments for clients.
This document provides an introduction to distributed systems. It defines distributed systems in several ways, including as a collection of independent computers that appears as a single system to users. It discusses key characteristics like autonomy of components and transparency. The goals of distributed systems are also covered, such as remote accessibility, transparency, openness, and scalability. Examples of hardware organizations for distributed systems include multiprocessors, multicomputers, and heterogeneous systems.
The document proposes a solution to design, develop, and implement a DCAA web portal. It outlines a team structure with a Project Leader responsible for execution. The scope includes requirements gathering, design, development, testing, packaging, deployment, and documentation. It recommends software and hardware for the operating environment and lists user browser support. Costs provided are based on 218 man days of effort across phases. The proposed timeline is 106 working days total.
This document outlines the syllabus for a distributed systems course. The syllabus covers six units: (1) introduction to distributed systems including goals, examples, and challenges; (2) process and resource management; (3) memory management; (4) time and global states; (5) distributed scheduling and deadlock; and (6) distributed file systems. Some key topics discussed include hardware and software concepts for distributed computing, distributed system architectures, advantages and disadvantages, and trends such as internet of things. Challenges of building distributed systems such as performance, concurrency, failures and heterogeneity are also summarized.
Pass chapter meeting - november - partitioning for database availability - ch... (Charley Hanania)
Charley Hanania discusses logically partitioning databases to improve performance and availability. Logically partitioning involves separating database objects into different filegroups and files based on criticality and usage. This allows placing high performance objects on faster storage. It also enables partial database availability so that core functions can still operate if a disk fails without affecting unrelated objects. The presentation provides examples to incorporate logical partitioning into application database designs for better performance, management, and disaster recovery.
P.Maharajothi, II-M.sc (computer science), Bon secours college for women, thanjavur. (MaharajothiP)
Hadoop is an open-source software framework that supports data-intensive distributed applications. It has a flexible architecture designed for reliable, scalable computing and storage of large datasets across commodity hardware. Hadoop uses a distributed file system and MapReduce programming model, with a master node tracking metadata and worker nodes storing data blocks and performing computation in parallel. It is widely used by large companies to analyze massive amounts of structured and unstructured data.
Welcome to the first webinar in the series of Cyclone DDS Unleashed.
In this session, our CEO and CTO, Angelo Corsaro, and our DDS Head of Technology, Erik Boasson, will share their expertise on how the DDS technology evolved to become the OMG standard we have today, the ZettaScale's approach to DDS and why during the ROSCon in Kyoto from 2022, we kept hearing from users that Cyclone DDS was their favourite OMG implementation.
If you have any questions and you want to reach out, you can send us an email at contact@zettascale.tech or join our Discord channel: https://discord.gg/6GwdBxntxt
You can read more about Cyclone DDS on our website: https://www.zettascale.tech/product/cyclone
Stay up to date with the latest news:
Twitter: https://twitter.com/zettascaletech
LinkedIn: https://www.linkedin.com/company/zettascaletech/
Website: https://www.zettascale.tech/
Newsletter: http://eepurl.com/igPw31
This document provides an overview of techniques highlighted in ThoughtWorks' May 2013 Technology Radar. Some key techniques discussed include:
1. Embracing falling boundaries and the perimeterless enterprise as mobile devices and cloud services break down network boundaries.
2. Applying concepts like collaborative analytics, where all developers have basic data science skills and work with experts, as well as continuous delivery for mobile.
3. Leveraging infrastructure as code and tools like machine images to reliably deploy identical environments that have passed all tests.
Tailoring your SDLC for DevOps, Agile and more (Jeff Schneider)
MomentumSI encourages tailoring an SDLC based on industry best practices and philosophies. The document discusses incorporating practices from Scrum, Test Driven Development, Feature Driven Development, Lean Software Development, Agile Manifesto, Extreme Programming, DevOps, Enterprise SOA Manifesto, Harmony SOA Tenets, OpenUP, Enterprise Unified Process, BABOK, ITIL, PMBOK, and COBIT. The tailored SDLC should provide traceability back to these influences while serving the specific needs of the organization.
The document provides an overview of Hadoop ecosystem components including HDFS, MapReduce, and YARN. It discusses HDFS components NameNode and DataNode and their roles in storing and managing data. MapReduce is described as the data processing layer that divides jobs into independent tasks. YARN provides resource management and allows multiple data processing engines. The document also covers topics like data discovery, benefits of data discovery, tools for data discovery, cloud computing models, and an example case study of using big data in the cloud for call center monitoring.
This document discusses modern data architecture and Apache Hadoop's role within it. It presents WANdisco and its Non-Stop Hadoop solution, which extends HDFS across multiple data centers to provide 100% uptime for Hadoop deployments. Non-Stop Hadoop uses WANdisco's patented distributed coordination engine to synchronize HDFS metadata across sites separated by wide area networks, enabling continuous availability of HDFS data and global HDFS deployments.
Steve Long has over 10 years of experience working with Novell/NetIQ identity and access management solutions. He has extensive experience designing, implementing, and supporting NetIQ Identity Manager and NetIQ Access Manager environments. He has worked in identity management roles for companies such as Hearst Corporation, Continental Tire, and BASF Corporation. His technical skills include eDirectory, Active Directory, virtualization, directory services, and single sign-on technologies.
The client provides research and information solutions to the healthcare industry. Hexaware customized Drupal to tailor it to the client's business needs, including features for online document publishing, tagging documents, and sharing documents. Hexaware also improved performance by archiving old content and integrating the Apache Solr search module. The solution provided a scalable development platform and reduced costs.
SharePoint 2016 Beta 2 What's new (End users and IT Pros) Microsoft Innovat... (serge luca)
This document summarizes information presented by Serge Luca about SharePoint 2016. It discusses improvements to the user interface to make it more like Office 365, a more cloud-inspired infrastructure with features like OneDrive redirection. It also covers new compliance and reporting features like deletion policies and data loss prevention. The document outlines what is deprecated in SharePoint 2016 like Forefront Identity Manager and supported features. It provides information on hardware/software requirements, boundaries, and the new minimum role topology. Finally, it discusses upgrading to SharePoint 2016 and the roadmap going forward.
SunGard’s Data Profiling Service
The service allows organisations to review the data held in Windows environments, enabling them to determine their value to the business and to identify those which can be deleted, archived or retained in the live environment.
This document discusses SDN (Software Defined Networking) concepts including controllers, applications, and components. It provides brief descriptions of popular open source SDN controllers like NOX, POX, Ryu, Floodlight, Opendaylight, and ONOS. It also summarizes common SDN applications like routing protocols and security applications. Key SDN characteristics and benefits are outlined as well.
Active directory interview question and answers (sankar palla)
Active Directory is a centralized database that stores information about a network. It allows for centralized management of users, computers, printers, and other network resources. A domain controller is a server that authenticates users and authorizes access to resources on the network. Active Directory uses protocols like LDAP and KCC to enable replication and management of directory data across multiple domain controllers. Application partitions allow specific Active Directory data to be replicated only to designated domain controllers, providing redundancy.
Similar to Sauron system implementation and deployment for DNS management (20)
Sauron system implementation and deployment for DNS management
1. Master in Open Source Software
Final master degree thesis
Sauron system implementation and deployment for DNS management at UdL
Author: Gerard Bosch Monserrate
Advisor: Dr. Carles Mateu Piñol
September 28, 2011
Gerard Bosch (gerard.bosch@gmail.com) Sauron implementation and deployment September 28, 2011 1 / 31
2. Outline
1 Introduction and objectives
2 Involved Technologies
3 University IT infrastructure
4 Sauron
5 BIND server
6 Testing environment
7 System deployment
8 Conclusions and future work
3. Introduction and objectives
Outline
1 Introduction and objectives
2 Involved Technologies
  DNS
  DHCP
3 University IT infrastructure
  Architecture overview
  Infrastructure management
4 Sauron
  System overview
  FLOSS project: data and statistics
5 BIND server
  Overview
  LDAP: Dynamic backend
6 Testing environment
7 System deployment
  Data synchronisation
  Process launching and scheduling
8 Conclusions and future work
4. Introduction and objectives
Introduction
Sauron? DNS? What...
A distributed mechanism to translate (resolve) host names to IP addresses is required.
The DNS system was published in the late 80s.
DNS: a critical networking resource.
An organisation can be responsible (authoritative) for its nodes.
Typical zone files are not practical.
Intra-organisation delegation and management is sometimes required.
Sauron provides benefits to current DNS management.
Why?
7. Introduction and objectives
Introduction
Why?
Mainly because humans cannot deal with long number sequences such as IP addresses.
8. Introduction and objectives
Introduction
Why?
Most services are configured using domain names.
The end user doesn't know about IP addresses.
A resource's IP address could even change.
9. Introduction and objectives
Introduction
Why?
Error prone.
Doesn't provide concurrent modification capabilities...
...nor a delegation rights scheme.
10. Introduction and objectives
Introduction
Sauron? DNS? What. . .
A distributed mechanism to translate (resolve) host names to IP
address is required.
DNS system was published at late 80s.
DNS: a critical networking resource.
An organisation can be responsible (authoritative) for their nodes.
Typical zone files are not practical.
Intra-organisation delegation and management is sometimes required.
Sauron provides benefits to current DNS management.
Why?
Wide environments =⇒ several IT staff in charge of each part.
Gerard Bosch (gerard.bosch@gmail.com) Sauron implementation and deployment September 28, 2011 4 / 31
11. Introduction and objectives
Introduction
Sauron? DNS? What. . .
A distributed mechanism to translate (resolve) host names to IP
address is required.
DNS system was published at late 80s.
DNS: a critical networking resource.
An organisation can be responsible (authoritative) for their nodes.
Typical zone files are not practical.
Intra-organisation delegation and management is sometimes required.
Sauron provides benefits to current DNS management.
Why?
Provides a friendly user interface with user-based permissions.
Gerard Bosch (gerard.bosch@gmail.com) Sauron implementation and deployment September 28, 2011 4 / 31
12. Involved Technologies
Outline
1 Introduction and objectives
2 Involved Technologies
   DNS
   DHCP
3 University IT infrastructure
   Architecture overview
   Infrastructure management
4 Sauron
   System overview
   FLOSS project: data and statistics
5 BIND server
   Overview
   LDAP: Dynamic backend
6 Testing environment
7 System deployment
   Data synchronisation
   Process launching and scheduling
8 Conclusions and future work
13. Involved Technologies DNS
Domain Name System (DNS)
DNS is an address resolution system born from ARPAnet in the late 80s.
It was designed to solve the scalability problems of the previous name resolution
mechanism, which was based on a host table file:
Problems
Traffic and load.
Consistency.
Name collision possibility.
Solutions
Decentralisation (distributed system).
Delegation.
Hierarchical name space.
Makes networks more responsive to changes!
16. Involved Technologies DNS
Name space example
[Figure: DNS name space tree with a "Delegation" label. Levels from top to bottom: root ("."); TLDs (com, cat, es, net); SLDs (udl, terra); subdomains (alumnes, diei, eps); hosts (correu, www).]
A domain name is read in reverse order: starting from the leaf and ending at the root node.
17. Involved Technologies DHCP
Dynamic Host Configuration Protocol (DHCP)
Protocol designed to simplify management of hosts in large environments.
Allows hosts to auto-configure network parameters without human
intervention.
Some features
Client/server protocol.
Auto-negotiation of network address and other parameters.
Dynamic address allocation (allows addresses to be reused).
3 operational modes
Automatic allocation.
Manual allocation.
Dynamic allocation.
19. University IT infrastructure Architecture overview
Architecture
The UdL network will be presented from the DNS point of view.
Some university network-related data...
Owns 5 public class C IP networks.
Owns 2 public domains: udl.cat and udl.es.
Makes use of a private domain: udl.net.
The network is physically split across 5 campuses.
The network is logically divided into VLANs and subnets: we will focus only on
those affected by DNS/DHCP.
Has 3 internal (or stealth) name servers and 2 external ones.
A little more detail...
VLAN Intranet : 10.0.0.0/8 (internal network)
VLAN Aules : 172.16.0.0/16 (students network)
other non-routable networks (not relevant for our aim)
22. University IT infrastructure Infrastructure management
DNS and DHCP management
Currently the management of hosts is carried out with a 2-level procedure:
1 IT support staff in charge of user computer management send every
required change via the helpdesk.
2 System administration staff receive the requests and manually
perform the required changes on the servers.
This 2-level process increases complexity and affects overall
management efficiency.
Sauron gets rid of this chained process and allows direct operation on
DNS and DHCP data in a controlled fashion.
26. Sauron System overview
Overview
Sauron is a scalable Open Source system for the management of name
servers, DHCP and hosts.
It was developed at the University of Jyväskylä to manage hosts, allowing
rights delegation.
It is GPLv2 licensed.
Some features
Web interface with user/group access and constraints that allows
concurrent operation.
Auto-generation of BIND and DHCP configuration files with
consistency check.
Fine-grained constraint control.
27. Sauron FLOSS project: data and statistics
Project statistics
Source code
Perl 18119 lines (87.62%)
Bash 2558 lines (12.37%)
COCOMO model (personcost=32000$/year, overhead=40%)
Total lines of code: 20.678
Development effort, Person-Years (Person-Months): 4.81 (57.74)
Schedule estimate, Years (Months): 0.97 (11.68)
Estimated Avg. Num. of Developers: 4.95
Total Estimated Cost to Develop: 61.592 $
29. BIND server Overview
Overview
BIND is the de facto standard implementation of Internet name servers and it
is Open Source.
Originally written by graduate students at Berkeley University in the
mid-80s and rewritten from scratch by Paul Vixie's team 20 years later.
It is licensed under a permissive license: the ISC license.
BIND uses an in-memory backend, reading data from zone files at
start-up.
Since version 9.1 it comes with a simplified database API.
It has been widely criticised for its security problems, especially in early
versions.
30. BIND server LDAP: Dynamic backend
BIND dynamic backend
Advantages
Dynamic data loading ⇒ reloads are no longer required.
Get rid of slave servers and zone transfers.
Get rid of cryptic zone files.
Allow third-party data management.
Better data access control including permissions.
Some drivers were written some time ago using the Simplified Database API
provided by BIND:
LDAP driver is shipped as stable.
It provides good performance and replication capabilities.
. . . thus it has been chosen as BIND persistence backend.
33. Testing environment
Simulation and testing
The system has been deployed in a virtualized environment simulating UdL
systems and network architecture.
VirtualBox was the software package chosen since it is Open Source and is
available for Linux hosts.
Deployed servers
Internal servers:
DNS3 (dns3.udl.net)
DHCP (dns3.udl.net)
Sauron (sauron.udl.net)
External servers:
Gardeny (gardeny.udl.cat)
Let's see a diagram of this testing environment...
37. System deployment
Overview
To deploy the whole system, integration of every component is required.
Components
Name servers (BIND).
Dynamic backend for BIND servers (LDAP directory).
DHCP server.
Sauron server.
Each name server owns its own directory.
Let’s see a diagram showing the architectural components of the system.
40. System deployment
BIND-LDAP system architecture
The Sauron server hosts the directory master copy (provider).
Every name server hosts a read-only replica of the directory (consumer).
1 Consumers bind to the provider.
2 The provider sends a notification (PUSH) on changes...
3 ...and consumers start data synchronisation.
The provider is authenticated with a certificate and communication is encrypted.
[Figure: the Sauron server (PROVIDER) pushes changes (syncrepl over TLS) to the LDAP consumers on the internal name servers (DNS 1 ... DNS n) and on the external name server; on each name server, BIND queries its own LDAP replica.]
43. System deployment Data synchronisation
Zone-data sync
Problem
No suitable utility is shipped with BIND (bind-sdb) to sync zone files with
LDAP.
Solution
Write from scratch a program that parses zone files and synchronises
(mirrors) the data with LDAP: syncldapzone.pl
How it works...
1 Delete from the directory entries that no longer exist.
2 Update common entries from local changes.
   1 Delete attributes that no longer exist.
   2 Update common attributes from local values.
   3 Add locally new attributes.
3 Commit locally new entries.
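The three-step mirroring described under "How it works", as an added Python example (it is not the code of syncldapzone.pl, which the slides do not show). The directory is modelled as an in-memory dict; the DN layout, the attribute names (aRecord, mXRecord, ...), the simplified "owner TYPE rdata" zone lines and the sample records are assumptions constructed for illustration.

```python
"""Plan a mirror sync of parsed zone data into a directory (added example)."""

# Assumed naming: one multi-valued attribute per record type; hypothetical DN layout.
ATTR = {"A": "aRecord", "MX": "mXRecord", "NS": "nSRecord", "CNAME": "cNAMERecord"}


def parse_zone(text, zone):
    """Parse simplified 'owner TYPE rdata' lines into {dn: {attr: set(values)}}."""
    entries = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop zone-file comments
        if not line:
            continue
        owner, rtype, rdata = line.split(None, 2)    # malformed line -> ValueError
        if rtype.upper() not in ATTR:
            raise ValueError(f"unsupported record type: {rtype}")
        dn = f"relativeDomainName={owner.lower()},zoneName={zone}"
        entries.setdefault(dn, {}).setdefault(ATTR[rtype.upper()], set()).add(" ".join(rdata.split()))
    return entries


def plan_sync(local, directory):
    """Return the ordered operations that make `directory` mirror `local`."""
    ops = []
    # Step 1: delete entries that no longer exist locally.
    for dn in sorted(directory.keys() - local.keys()):
        ops.append(("delete_entry", dn))
    # Step 2: update entries present on both sides, attribute by attribute.
    for dn in sorted(directory.keys() & local.keys()):
        have, want = directory[dn], local[dn]
        for attr in sorted(have.keys() - want.keys()):
            ops.append(("delete_attr", dn, attr))
        for attr in sorted(have.keys() & want.keys()):
            if have[attr] != want[attr]:
                ops.append(("replace_attr", dn, attr, frozenset(want[attr])))
        for attr in sorted(want.keys() - have.keys()):
            ops.append(("add_attr", dn, attr, frozenset(want[attr])))
    # Step 3: add entries that exist only locally.
    for dn in sorted(local.keys() - directory.keys()):
        ops.append(("add_entry", dn, {a: frozenset(v) for a, v in local[dn].items()}))
    return ops


def apply_plan(directory, ops):
    """Apply a plan to an in-memory copy; a real run would issue LDAP operations."""
    result = {dn: {a: set(v) for a, v in attrs.items()} for dn, attrs in directory.items()}
    for op, dn, *rest in ops:
        if op == "delete_entry":
            del result[dn]
        elif op == "delete_attr":
            del result[dn][rest[0]]
        elif op in ("replace_attr", "add_attr"):
            result[dn][rest[0]] = set(rest[1])
        elif op == "add_entry":
            result[dn] = {a: set(v) for a, v in rest[0].items()}
    return result


# Constructed sample data (names and addresses are illustrative only).
ZONE_TEXT = """
www     A      192.0.2.10
www     A      192.0.2.11   ; second address for the same owner
mail    A      192.0.2.25
@       MX     10 mail
"""
DIRECTORY = {
    "relativeDomainName=www,zoneName=example.test": {"aRecord": {"192.0.2.10"}, "mXRecord": {"10 old-mail"}},
    "relativeDomainName=ftp,zoneName=example.test": {"aRecord": {"192.0.2.21"}},
    "relativeDomainName=@,zoneName=example.test": {"mXRecord": {"10 mail"}},
}

if __name__ == "__main__":
    for op in plan_sync(parse_zone(ZONE_TEXT, "example.test"), DIRECTORY):
        print(op)
```

Because step 1 deletes whatever is missing locally, a truncated or unparsable zone file has to abort the run before any plan is built, which is why `parse_zone` raises instead of skipping bad lines.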
47. System deployment Process launching and scheduling
Launching
A launcher script has been written to start the data generation and
synchronisation process: sauron-launcher.sh
Tasks
Sauron execution: config. files generation.
Checking for errors in generation.
Copy configurations to remote targets.
Process log generation.
Archive of configs. and logs in a tarball and perform rotation.
This process is scheduled with CRON to run every few minutes.
49. Conclusions and future work
Conclusions and future work
DNS is one of the most important resources for the Internet
operation.
Using Sauron an organisation can improve the DNS management.
Several Open Source solutions have been integrated and developed to
achieve this goal.
LDAP provides an interesting storage schema for DNS data.
Although BIND is the most deployed Internet name server, utilities
and documentation to use a database backend are not up to date.
Future work
Add support for IPv6 on Sauron.
Test the system in a real production environment.
51. Conclusions and future work
Conclusions
Personal benefits
DNS/DHCP system and operation study.
LDAP protocol and directory study.
Code digging, bug tracking and bug fixing.
System integration, use of dynamic (script) languages.
FLOSS project analysis methodologies.
Exploration of technical and standard definition bibliography.
Management of virtual environments and servers.
52. License
License
These slides and the project report are licensed under Creative Commons
CC-BY-NC-SA.
The Sauron patches developed are licensed under the same license as Sauron:
GPLv2. The scripts written to integrate and deploy Sauron are
licensed under GPLv3.
53. Thanks for your time!
Questions?