SlideShare a Scribd company logo

Study of QoS on DNS services provided in Benin at AIS'18

Download as PPTX, PDF
Y
Yazid AKANHO

My presentation on behalf of Benin DNS Forum at Africa Internet Summit 2018 in Dakar - Senegal

Internet
1 of 24
QoS of DNS services in Benin Yazid AKANHO on behalf of Benin DNS Forum. Dakar, April 11th 2018. www.dnsforum.bj #BeninDNS
Agenda 1. Context of the study 2. Methodology 3. Results 4. Self-criticism/limitations 5. Going beyond
Context of the study 1. DNS, the forgotten part of the Internet!: we want to bring more focus DNS role on the Internet working. 2. domain names systems are usually discussed only by sysadmins in Benin and many countries, for most users, Internet is just what they see on their screen! … 3. How DNS is used in Benin (resolvers and Authoritative servers)? Are best practices followed or not in configuration and deployment? Is security taken into account in DNS area? diversity of DNS solutions used, ... 4. KSK rollover : is Benin ready? How many resolvers do not update KSK and how many potential subscribers will be affected after the rollover? 5. measure the attractiveness of .bj !
The 3 axes of the study •Identify resolvers provided by ISPs •Check if ISP’s resolvers configuration comply with standards and best practices •Provide appropriate recommendations Quality of DNS resolvers provided by ISPs in Benin •Check 98 .bj domains zone file configuration •Check 98 .bj domains NS distribution (geographical, AS, …) •Analyze the results and provide recommendations .bj domain names NS configurations •Perform an online survey (23 Q): 254 answers collected. •Measure the perception of Beninese on the national digital identity: .bj •Identify the key expectation points of Beninese and collect suggestions/recommendations for a more attractive ccTLD .bj Attractiveness of ccTLD .bj
Methodology • Collect resolvers information from various Internet providers : ISP, GSM operators, … • Use measurement tools to collect various data and metrics from 98 domains: – Ripe-Atlas probes and APIs for measurements, – tools like ZoneMaster, whois, dig, geoIP, and various scripts to verify and/or test NS servers IP address, location, configuration, DNS records and zone files configurations, • Collect data from end users: survey on attractiveness of .bj • Data analysis and recommendations on each area of the study.
Benin: quick overview  West African country, at west is Nigeria, East is Togo, North is Niger and Burkina-Faso and at South is Ocean.  10 ISPs and 2 MNO in April 2018.  Q4 2017: − 4.6M Internet subscribers. − 99,38% covered by MNOs and the rest by ISPs. − Internet penetration rate : 40,4%
Results: 1 Quality of ISP’s DNS resolvers in Benin  Some ISPs and MNOs are reticent to share resolvers IP addresses. Resolver IP address is not confidential!  However 10 operators provided their resolvers IP address.  Some ISPs comply with BCP16 while few of them do not. Good!  Some ISPs use GPDNS as default resolver for their customers. Data privacy, latency in address resolution ! Very bad!  +90% resolvers are using GPDNS as forwarder. bad! 0 1 2 3 4 5 6 7 8 Operator using their own resolver (>=1) Operator using a third party resolver Resolver not known Operator using more than two resolvers resolvers info
DNSSEC validation in West Africa. Source: https://stats.labs.apnic.net/dnssec  DNSSEC: ₋ +81 % resolvers perform DNSSEC validation, ₋ +70 % DNS requests are validated with DNSSEC ₋ +41% DNSSEC validation passed through GPDNS.  EDNS: ₋ Very important to avoid DNS answers to be dropped ₋ 40% resolvers activate EDNS (512 to 4096 bytes) : RFC 6891  Trust anchors: ₋ Mandatory to update resolvers before upcoming KSK rollover ₋ One of the tested resolvers is not updated to latest trust-anchors Results: 1 Quality of ISP’s DNS resolvers in Benin
 Resolver availability and response time: ₋ 24h ping measurement using RIPE Atlas probes show 100% availability and response time up to 200ms. Globally positive Results: 1 Quality of ISP’s DNS resolvers in Benin
Conclusion & recommendations: Quality of ISP’s DNS resolvers in Benin  Install resolvers (recursive/cache) where it is not, an ISP must have resolvers (>=2 in different subnets preferably).  activate DNSSEC validation (configure dnssec-validation auto; instead of dnssec-validation yes; unless you know what you are doing!) and EDNS where applicable.  Replace GPDNS by Quad9 (exists at Benin IXP), ideally use root hints.  Update to KSK2017 trust anchors : procedure available at : https://www.icann.org/dns-resolvers-checking- current-trust-anchors
Part 2: Study of .bj domains Name Servers configuration
Results 2: Study of .bj domains Name Servers configuration  98 domains .bj tested ≈12.5% of domains in .bj.  Top 3 countries holding NS from domains in .bj: Benin, France, USA.  2/3 of NS are hosted abroad!, no NS hosted somewhere else in Africa (as per the 98 sample domains).
 up to 5 Name Servers defined for some domains, recommendation is  2 (BCP16). No domain with 1 authoritative server. Good!  For 93% cases, all NS of a particular domain are within the same AS. Only 7% follow the best practice which is to put NS in different AS. 0 10 20 30 40 50 60 70 80 # of NS Number of NS per domain 2 NS 3 NS 4 NS 5 NS 93% 7% NS distribution per AS NS in same AS NS in different AS Results 2: Study of .bj domains Name Servers configuration
 50% TTL are > 3 hours for A records tested.  25% of NS in .bj able to talk IPv6, none is hosted in Benin!  5% of NS in .bj have at least one AAAA records, none is hosted in Benin! TTL configured On NS Is NS able to talk IPv6? Results 2: Study of .bj domains Name Servers configuration
 Zone file transfer is available in some NS. Admin error or well known ??? Bad!  72.7% domains tested have only one MX record in zone file. Potential point of failure for mail delivery!  89.2% of tested domains Name servers have EDNS activated with 4096 bytes as limit (RFC 6891). 6.10% 93.90% Is zone file transfer possible? Yes No 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 1 MX 2 MX 3MX 4 MX 5 MX Number of MX in a domain Results 2: Study of .bj domains Name Servers configuration
Conclusion & recommendations: Study of .bj domains Name Servers configuration  Install more authoritative servers locally! (reliable power and connectivity may be a constraint!)  Redistribute the NS for the same domain into different AS.  Improve IPv6 deployment.  Name Server hardening: zone file transfer, increase number of MX, increase low TTL where applicable.
Part 3: Attractiveness of ccTLD .bj
 254 people with various profile participated in the survey (diversity!): IT, health, marketing, lawyers, …  Dot bj global stats 2017 (from regulatory):  800 names registered, 78% from enterprises, 19% from individuals and 9% from government.  91,7% of the participants know .bj  But only 12% have a domain dot bj while 67% have a domain name in another TLD (.com, .net, .org…)  75% of them would prefer a dot bj if registration process is simplified. Probably most of those who actually have a gTLD domain name! Results 3: Attractiveness of ccTLD .bj
 People prefer electronic payment methods to traditional methods, mainly to remove wasting time.  participants prefer other TLD to .bj for various reasons. Each of them should be taken seriously in strategy management. 90 167 24 49 133 0 20 40 60 80 100 120 140 160 180 Cash Mobile money bank check bank transfer online payement card count Payement method payment method choices to register .bj 156 132 117 99 45 0 20 40 60 80 100 120 140 160 180 ease of purchase and payment availability guarantee affordable price referencing other count reason why do you prefer another TLD to .bj? Results 3: Attractiveness of ccTLD .bj
The 200 recommendations from the community: Almost 200 participants submitted a proposition to improve visibility and attractiveness of ccTLD .bj. Here are few of them:  Full automation of the registration process: simple reservation and purchase mechanisms, accessible and available online to avoid the constraint of physical movement to the registrar.  Increase number of registrar  Affordable and competitive costs (the average of 10,000 CFA seems acceptable to the public).  Good communication strategy with excellent packages.  Better control on purchase costs from abroad for customers not resident in Benin  integration of electronic payment methods.  Adoption by Government structures, private companies, NGOs, Universities, ...: political decisions (assign during Enterprise creation process for example) Results 3: Attractiveness of ccTLD .bj
Limits  Tests were short (in time) and data collected is not enough to have very trustable conclusions.  Number of answers during the survey was low: analysis may have not reflect the complete reality. Need to read from more profiles and actors.  Data collected are not enough for a high confidence analysis
Going beyond! • More analysis, this will require support from .bj registry : – top N most requested domains, – “Who is asking and what are they asking for?” – "the top N domains requested which answer is a NXDOMAIN“ – "How many queries use EDNS0 and for which sizes?“ – … • Redo the study to check for improvements, collect more data to increase confidence interval.
About Benin DNS Forum  Forum on Domain Name System and Internet in Benin.  Open : up to 5 local associations working together, new asso are welcome  5 days activities : Woman DNS Academy, public-private sectors seminar on DNS best practices, DNSathon, public forum with panels and tutos  http://dnsforum.bj/  Reports at http://dnsforum.bj/rapports/
Jërëjëf Merci

Recommended

Comparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer size
Comparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer sizeComparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer size
Comparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer sizeEditor IJCATR
 
Deep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyDeep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyIxia
 
Experience Using RIR Whois
Experience Using RIR WhoisExperience Using RIR Whois
Experience Using RIR WhoisAPNIC
 
Pmw2 k3ni 1-2b
Pmw2 k3ni 1-2bPmw2 k3ni 1-2b
Pmw2 k3ni 1-2bhariclant1
 
06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dns06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dnsPalanivel Kuppusamy
 
CASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOS
CASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOSCASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOS
CASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOSijcsity
 
透视消费者.ppt
透视消费者.ppt透视消费者.ppt
透视消费者.pptwei mingyang
 
Administration of DHCP Addressing
Administration of DHCP AddressingAdministration of DHCP Addressing
Administration of DHCP Addressingpaperpublications3
 

Recommended

Comparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer size
Comparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer sizeComparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer size
Comparisons of QoS in VoIP over WIMAX by Varying the Voice codes and Buffer sizeEditor IJCATR
 
Deep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyDeep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyIxia
 
Experience Using RIR Whois
Experience Using RIR WhoisExperience Using RIR Whois
Experience Using RIR WhoisAPNIC
 
Pmw2 k3ni 1-2b
Pmw2 k3ni 1-2bPmw2 k3ni 1-2b
Pmw2 k3ni 1-2bhariclant1
 
06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dns06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dnsPalanivel Kuppusamy
 
CASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOS
CASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOSCASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOS
CASE STUDY FOR PERFORMANCE ANALYSIS OF VOIP CODECS IN NON-MOBILITY SCENARIOSijcsity
 
透视消费者.ppt
透视消费者.ppt透视消费者.ppt
透视消费者.pptwei mingyang
 
Administration of DHCP Addressing
Administration of DHCP AddressingAdministration of DHCP Addressing
Administration of DHCP Addressingpaperpublications3
 
India Internet Access Problems Whitepaper_Ver 2.2
India Internet Access Problems Whitepaper_Ver 2.2India Internet Access Problems Whitepaper_Ver 2.2
India Internet Access Problems Whitepaper_Ver 2.2Arin Burman
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73APNIC
 
8 technical-dns-workshop-day4
8 technical-dns-workshop-day48 technical-dns-workshop-day4
8 technical-dns-workshop-day4DNS Entrepreneurship Center
 
Honeypots and Security
Honeypots and SecurityHoneypots and Security
Honeypots and SecurityAPNIC
 
Technical and Business Considerations for DNSSEC Deployment
Technical and Business Considerations for DNSSEC DeploymentTechnical and Business Considerations for DNSSEC Deployment
Technical and Business Considerations for DNSSEC DeploymentAPNIC
 
ICANN 51: IANA Department – Who, What, Why?"
ICANN 51: IANA Department – Who, What, Why?"ICANN 51: IANA Department – Who, What, Why?"
ICANN 51: IANA Department – Who, What, Why?"ICANN
 
NANOG 82: DNS Evolution
NANOG 82: DNS EvolutionNANOG 82: DNS Evolution
NANOG 82: DNS EvolutionAPNIC
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPROIDEA
 
ION Trinidad and Tobago - The Business Case for DNSSEC
ION Trinidad and Tobago - The Business Case for DNSSECION Trinidad and Tobago - The Business Case for DNSSEC
ION Trinidad and Tobago - The Business Case for DNSSECDeploy360 Programme (Internet Society)
 
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM] IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]APNIC
 
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12Eric Athas
 
Hosted PBX- Should You Be a Provider or a Reseller?
Hosted PBX- Should You Be a Provider or a Reseller?Hosted PBX- Should You Be a Provider or a Reseller?
Hosted PBX- Should You Be a Provider or a Reseller?NetSapiens
 
Owning End-to-end Application Experience With ThousandEyes
Owning End-to-end Application Experience With ThousandEyesOwning End-to-end Application Experience With ThousandEyes
Owning End-to-end Application Experience With ThousandEyesThousandEyes
 
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...Janine Soika
 
RIPE 78: A review of the KSK Roll
RIPE 78: A review of the KSK RollRIPE 78: A review of the KSK Roll
RIPE 78: A review of the KSK RollAPNIC
 
RIPE 82: DNS Evolution
RIPE 82: DNS EvolutionRIPE 82: DNS Evolution
RIPE 82: DNS EvolutionAPNIC
 
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]APNIC
 
DTT Regionalization @ iTVF2015 - Istanbul
DTT Regionalization @ iTVF2015 - IstanbulDTT Regionalization @ iTVF2015 - Istanbul
DTT Regionalization @ iTVF2015 - IstanbulBerry Eskes
 
Fast 360 assessment sample report
Fast 360 assessment sample reportFast 360 assessment sample report
Fast 360 assessment sample reportExtraHop Networks
 
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...MongoDB
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 

More Related Content

Similar to Study of QoS on DNS services provided in Benin at AIS'18

India Internet Access Problems Whitepaper_Ver 2.2
India Internet Access Problems Whitepaper_Ver 2.2India Internet Access Problems Whitepaper_Ver 2.2
India Internet Access Problems Whitepaper_Ver 2.2Arin Burman
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73APNIC
 
Honeypots and Security
Honeypots and SecurityHoneypots and Security
Honeypots and SecurityAPNIC
 
Technical and Business Considerations for DNSSEC Deployment
Technical and Business Considerations for DNSSEC DeploymentTechnical and Business Considerations for DNSSEC Deployment
Technical and Business Considerations for DNSSEC DeploymentAPNIC
 
ICANN 51: IANA Department – Who, What, Why?"
ICANN 51: IANA Department – Who, What, Why?"ICANN 51: IANA Department – Who, What, Why?"
ICANN 51: IANA Department – Who, What, Why?"ICANN
 
NANOG 82: DNS Evolution
NANOG 82: DNS EvolutionNANOG 82: DNS Evolution
NANOG 82: DNS EvolutionAPNIC
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPROIDEA
 
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM] IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]APNIC
 
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12Eric Athas
 
Hosted PBX- Should You Be a Provider or a Reseller?
Hosted PBX- Should You Be a Provider or a Reseller?Hosted PBX- Should You Be a Provider or a Reseller?
Hosted PBX- Should You Be a Provider or a Reseller?NetSapiens
 
Owning End-to-end Application Experience With ThousandEyes
Owning End-to-end Application Experience With ThousandEyesOwning End-to-end Application Experience With ThousandEyes
Owning End-to-end Application Experience With ThousandEyesThousandEyes
 
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...Janine Soika
 
RIPE 78: A review of the KSK Roll
RIPE 78: A review of the KSK RollRIPE 78: A review of the KSK Roll
RIPE 78: A review of the KSK RollAPNIC
 
RIPE 82: DNS Evolution
RIPE 82: DNS EvolutionRIPE 82: DNS Evolution
RIPE 82: DNS EvolutionAPNIC
 
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]APNIC
 
DTT Regionalization @ iTVF2015 - Istanbul
DTT Regionalization @ iTVF2015 - IstanbulDTT Regionalization @ iTVF2015 - Istanbul
DTT Regionalization @ iTVF2015 - IstanbulBerry Eskes
 
Fast 360 assessment sample report
Fast 360 assessment sample reportFast 360 assessment sample report
Fast 360 assessment sample reportExtraHop Networks
 
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...MongoDB
 

Similar to Study of QoS on DNS services provided in Benin at AIS'18 (20)

India Internet Access Problems Whitepaper_Ver 2.2
India Internet Access Problems Whitepaper_Ver 2.2India Internet Access Problems Whitepaper_Ver 2.2
India Internet Access Problems Whitepaper_Ver 2.2
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73
 
8 technical-dns-workshop-day4
8 technical-dns-workshop-day48 technical-dns-workshop-day4
8 technical-dns-workshop-day4
 
Honeypots and Security
Honeypots and SecurityHoneypots and Security
Honeypots and Security
 
Technical and Business Considerations for DNSSEC Deployment
Technical and Business Considerations for DNSSEC DeploymentTechnical and Business Considerations for DNSSEC Deployment
Technical and Business Considerations for DNSSEC Deployment
 
ICANN 51: IANA Department – Who, What, Why?"
ICANN 51: IANA Department – Who, What, Why?"ICANN 51: IANA Department – Who, What, Why?"
ICANN 51: IANA Department – Who, What, Why?"
 
NANOG 82: DNS Evolution
NANOG 82: DNS EvolutionNANOG 82: DNS Evolution
NANOG 82: DNS Evolution
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
 
ION Trinidad and Tobago - The Business Case for DNSSEC
ION Trinidad and Tobago - The Business Case for DNSSECION Trinidad and Tobago - The Business Case for DNSSEC
ION Trinidad and Tobago - The Business Case for DNSSEC
 
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM] IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
IPv6 Readiness Measurement BoF report, by Ai-Chin Lu [APNIC 38 / AMM]
 
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
Introduction to Triton Webcast Metrics for NPR Member Stations - 3/8/12
 
Hosted PBX- Should You Be a Provider or a Reseller?
Hosted PBX- Should You Be a Provider or a Reseller?Hosted PBX- Should You Be a Provider or a Reseller?
Hosted PBX- Should You Be a Provider or a Reseller?
 
Owning End-to-end Application Experience With ThousandEyes
Owning End-to-end Application Experience With ThousandEyesOwning End-to-end Application Experience With ThousandEyes
Owning End-to-end Application Experience With ThousandEyes
 
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
Benefits of Cloud Hosting and SaaS Solutions for IT Solution Providers and th...
 
RIPE 78: A review of the KSK Roll
RIPE 78: A review of the KSK RollRIPE 78: A review of the KSK Roll
RIPE 78: A review of the KSK Roll
 
RIPE 82: DNS Evolution
RIPE 82: DNS EvolutionRIPE 82: DNS Evolution
RIPE 82: DNS Evolution
 
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
 
DTT Regionalization @ iTVF2015 - Istanbul
DTT Regionalization @ iTVF2015 - IstanbulDTT Regionalization @ iTVF2015 - Istanbul
DTT Regionalization @ iTVF2015 - Istanbul
 
Fast 360 assessment sample report
Fast 360 assessment sample reportFast 360 assessment sample report
Fast 360 assessment sample report
 
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
 

Recently uploaded

Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 

Recently uploaded (20)

Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 

Study of QoS on DNS services provided in Benin at AIS'18

  • 1. QoS of DNS services in Benin Yazid AKANHO on behalf of Benin DNS Forum. Dakar, April 11th 2018. www.dnsforum.bj #BeninDNS
  • 2. Agenda 1. Context of the study 2. Methodology 3. Results 4. Self-criticism/limitations 5. Going beyond
  • 3. Context of the study 1. DNS, the forgotten part of the Internet!: we want to bring more focus DNS role on the Internet working. 2. domain names systems are usually discussed only by sysadmins in Benin and many countries, for most users, Internet is just what they see on their screen! … 3. How DNS is used in Benin (resolvers and Authoritative servers)? Are best practices followed or not in configuration and deployment? Is security taken into account in DNS area? diversity of DNS solutions used, ... 4. KSK rollover : is Benin ready? How many resolvers do not update KSK and how many potential subscribers will be affected after the rollover? 5. measure the attractiveness of .bj !
  • 4. The 3 axes of the study •Identify resolvers provided by ISPs •Check if ISP’s resolvers configuration comply with standards and best practices •Provide appropriate recommendations Quality of DNS resolvers provided by ISPs in Benin •Check 98 .bj domains zone file configuration •Check 98 .bj domains NS distribution (geographical, AS, …) •Analyze the results and provide recommendations .bj domain names NS configurations •Perform an online survey (23 Q): 254 answers collected. •Measure the perception of Beninese on the national digital identity: .bj •Identify the key expectation points of Beninese and collect suggestions/recommendations for a more attractive ccTLD .bj Attractiveness of ccTLD .bj
  • 5. Methodology • Collect resolvers information from various Internet providers : ISP, GSM operators, … • Use measurement tools to collect various data and metrics from 98 domains: – Ripe-Atlas probes and APIs for measurements, – tools like ZoneMaster, whois, dig, geoIP, and various scripts to verify and/or test NS servers IP address, location, configuration, DNS records and zone files configurations, • Collect data from end users: survey on attractiveness of .bj • Data analysis and recommendations on each area of the study.
  • 6. Benin: quick overview  West African country, at west is Nigeria, East is Togo, North is Niger and Burkina-Faso and at South is Ocean.  10 ISPs and 2 MNO in April 2018.  Q4 2017: − 4.6M Internet subscribers. − 99,38% covered by MNOs and the rest by ISPs. − Internet penetration rate : 40,4%
  • 7. Results: 1 Quality of ISP’s DNS resolvers in Benin  Some ISPs and MNOs are reticent to share resolvers IP addresses. Resolver IP address is not confidential!  However 10 operators provided their resolvers IP address.  Some ISPs comply with BCP16 while few of them do not. Good!  Some ISPs use GPDNS as default resolver for their customers. Data privacy, latency in address resolution ! Very bad!  +90% resolvers are using GPDNS as forwarder. bad! 0 1 2 3 4 5 6 7 8 Operator using their own resolver (>=1) Operator using a third party resolver Resolver not known Operator using more than two resolvers resolvers info
  • 8. DNSSEC validation in West Africa. Source: https://stats.labs.apnic.net/dnssec  DNSSEC: ₋ +81 % resolvers perform DNSSEC validation, ₋ +70 % DNS requests are validated with DNSSEC ₋ +41% DNSSEC validation passed through GPDNS.  EDNS: ₋ Very important to avoid DNS answers to be dropped ₋ 40% resolvers activate EDNS (512 to 4096 bytes) : RFC 6891  Trust anchors: ₋ Mandatory to update resolvers before upcoming KSK rollover ₋ One of the tested resolvers is not updated to latest trust-anchors Results: 1 Quality of ISP’s DNS resolvers in Benin
  • 9.  Resolver availability and response time: ₋ 24h ping measurement using RIPE Atlas probes show 100% availability and response time up to 200ms. Globally positive Results: 1 Quality of ISP’s DNS resolvers in Benin
  • 10. Conclusion & recommendations: Quality of ISP’s DNS resolvers in Benin  Install resolvers (recursive/cache) where it is not, an ISP must have resolvers (>=2 in different subnets preferably).  activate DNSSEC validation (configure dnssec-validation auto; instead of dnssec-validation yes; unless you know what you are doing!) and EDNS where applicable.  Replace GPDNS by Quad9 (exists at Benin IXP), ideally use root hints.  Update to KSK2017 trust anchors : procedure available at : https://www.icann.org/dns-resolvers-checking- current-trust-anchors
  • 11. Part 2: Study of .bj domains Name Servers configuration
  • 12. Results 2: Study of .bj domains Name Servers configuration  98 domains .bj tested ≈12.5% of domains in .bj.  Top 3 countries holding NS from domains in .bj: Benin, France, USA.  2/3 of NS are hosted abroad!, no NS hosted somewhere else in Africa (as per the 98 sample domains).
  • 13.  up to 5 Name Servers defined for some domains, recommendation is  2 (BCP16). No domain with 1 authoritative server. Good!  For 93% cases, all NS of a particular domain are within the same AS. Only 7% follow the best practice which is to put NS in different AS. 0 10 20 30 40 50 60 70 80 # of NS Number of NS per domain 2 NS 3 NS 4 NS 5 NS 93% 7% NS distribution per AS NS in same AS NS in different AS Results 2: Study of .bj domains Name Servers configuration
  • 14.  50% TTL are > 3 hours for A records tested.  25% of NS in .bj able to talk IPv6, none is hosted in Benin!  5% of NS in .bj have at least one AAAA records, none is hosted in Benin! TTL configured On NS Is NS able to talk IPv6? Results 2: Study of .bj domains Name Servers configuration
  • 15.  Zone file transfer is available in some NS. Admin error or well known ??? Bad!  72.7% domains tested have only one MX record in zone file. Potential point of failure for mail delivery!  89.2% of tested domains Name servers have EDNS activated with 4096 bytes as limit (RFC 6891). 6.10% 93.90% Is zone file transfer possible? Yes No 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 1 MX 2 MX 3MX 4 MX 5 MX Number of MX in a domain Results 2: Study of .bj domains Name Servers configuration
  • 16. Conclusion & recommendations: Study of .bj domains Name Servers configuration  Install more authoritative servers locally! (reliable power and connectivity may be a constraint!)  Redistribute the NS for the same domain into different AS.  Improve IPv6 deployment.  Name Server hardening: zone file transfer, increase number of MX, increase low TTL where applicable.
  • 18.  254 people with various profile participated in the survey (diversity!): IT, health, marketing, lawyers, …  Dot bj global stats 2017 (from regulatory):  800 names registered, 78% from enterprises, 19% from individuals and 9% from government.  91,7% of the participants know .bj  But only 12% have a domain dot bj while 67% have a domain name in another TLD (.com, .net, .org…)  75% of them would prefer a dot bj if registration process is simplified. Probably most of those who actually have a gTLD domain name! Results 3: Attractiveness of ccTLD .bj
  • 19.  People prefer electronic payment methods to traditional methods, mainly to remove wasting time.  participants prefer other TLD to .bj for various reasons. Each of them should be taken seriously in strategy management. 90 167 24 49 133 0 20 40 60 80 100 120 140 160 180 Cash Mobile money bank check bank transfer online payement card count Payement method payment method choices to register .bj 156 132 117 99 45 0 20 40 60 80 100 120 140 160 180 ease of purchase and payment availability guarantee affordable price referencing other count reason why do you prefer another TLD to .bj? Results 3: Attractiveness of ccTLD .bj
  • 20. The 200 recommendations from the community: Almost 200 participants submitted a proposition to improve visibility and attractiveness of ccTLD .bj. Here are few of them:  Full automation of the registration process: simple reservation and purchase mechanisms, accessible and available online to avoid the constraint of physical movement to the registrar.  Increase number of registrar  Affordable and competitive costs (the average of 10,000 CFA seems acceptable to the public).  Good communication strategy with excellent packages.  Better control on purchase costs from abroad for customers not resident in Benin  integration of electronic payment methods.  Adoption by Government structures, private companies, NGOs, Universities, ...: political decisions (assign during Enterprise creation process for example) Results 3: Attractiveness of ccTLD .bj
  • 21. Limits  Tests were short (in time) and data collected is not enough to have very trustable conclusions.  Number of answers during the survey was low: analysis may have not reflect the complete reality. Need to read from more profiles and actors.  Data collected are not enough for a high confidence analysis
  • 22. Going beyond! • More analysis, this will require support from .bj registry : – top N most requested domains, – “Who is asking and what are they asking for?” – "the top N domains requested which answer is a NXDOMAIN“ – "How many queries use EDNS0 and for which sizes?“ – … • Redo the study to check for improvements, collect more data to increase confidence interval.
  • 23. About Benin DNS Forum  Forum on Domain Name System and Internet in Benin.  Open : up to 5 local associations working together, new asso are welcome  5 days activities : Woman DNS Academy, public-private sectors seminar on DNS best practices, DNSathon, public forum with panels and tutos  http://dnsforum.bj/  Reports at http://dnsforum.bj/rapports/