Providing a clean, well lit destination for DNS queries concerning RFC1918 and other Special Use networks.

AS112 Project Overview

Because most answers generated by the Internet's root name server system are negative, and many of those negative answers are in response to PTR queries for RFC1918, dynamic DNS updates and other ambiguous addresses, as follows:


  • 10.0.0.0/8
  • 172.16.0.0/12
  • 169.254.0.0/16
  • 192.168.0.0/16

There are now separate (non-root) servers for these queries, described below.

How many public AS112 nodes are there as of March 31, 2012?

Some time ago there was a discussion on the as112-ops mailing list regarding the number of public AS112 nodes [RFC 6304,6305] and coming up with a way to do that. Since then, and over a period of 4 months, I have come up with a rather inefficient, but fairly good picture of both.

AS112 Server Operators Listing


Last updated: 22 December, 2011, wfms


Server operators are volunteers who offer a route to the well known addresses of
the AS112 servers, either to handle the queries generated by their local user
populations, or to help carry the global traffic load. We intend the list of
operators shown below to be complete and accurate, but that may not be possible.
The F root server operator also runs instances of AS112 servers at certain
sites. Some of these sites are listed here too.


This list will usually be updated once every month, unless an email is sent
to 112 -at- root-servers.org to notify us of a new node. Additionally, updates
are based on queries made to a select number of known route servers, some of
which are listed at Traceroute.org.

AS112 operators are also asked to subscribe to the mailing list described
elsewhere on this website. Note that publicly accessible statistics are
very definitely encouraged. The DSC package is ideal for this.


Note: this list is really a best efforts endeavour, as
the final list at time of writing is not by any means either definitive or
complete.

AS112 Operations IETF drafts now RFCs

On July 13, after spending some time in the IETF DNSOP working group, the two IETF Internet drafts describing AS112 operations and what to do with the perception of being attacked by the service, finally became Internet RFCs. The RFC numbers are 6304 and 6305.

References and papers

Some papers have been written on the subject of Private DNS updates and reverse lookups for RFC 1918 space. Here are a few links:


The Windows of Private DNS Updates
CAIDA paper
Identifying and Reducing Private DNS Updates
CAIDA/WIDE Presentation
Is Your Caching Resolver Polluting the Internet?

AS112 IPv6 operations - trials

DRAFT

IPv6 has already started to gain the momentum it needs to become widely deployed across the Internet. But with that comes a lot of DNS queries that also result in negative answers. According to one study by APNIC (Huston & Michaelson) it's clear that negative answers are dramatically higher than for legitimate positive results insofar as IPv6 goes. Given this new load taking place, it only makes sense to delegate certain IPv6 reverse-maps to the AS112 project before junk traffic overwhelmingly dominates legit IPv6 DNS traffic.

IETF Internet Draft Proposed to extend AS112 into the IPv6 world

A new draft has been submitted to the IETF by George Michaelson and Geoff Huston of APNIC. This draft proposes to extend AS112 operations by adding IPv6 capability as well as to have the IANA delegate a handful of IPv6 reverse zones that are projected to create an increasing burden on the DNS root server system as IPv6 deployment expands.

AS112 operations to be documented in IETF drafts

Joe Abley and William F. Maton Sotomayor have submitted two Internet Drafts to the IETF for dnsops consideration. More at IETF. The ID Tracker has a direct pointer to these if you search for AS112.

The current revision of these drafts is now -09 for -ops and -06 for -help-help as of May 2011 and are now within the IESG waiting for announcement.

Generating Public Statistics

At present the project requires that participants of the AS112 system must generate and supply a publicly accessible website that displays statistics gathered from the traffic your anycast node attracts. There are several methods to make this work, but so far the one with the least impact on the system is the Measurement Factory's DSC package. DSC has the advantage of being used in a distributed manner and it can also be split functionally into a separate collector and graphing systems.

An example of an AS112 server using CentOS

By Frank Habicht

This what I have done for a CENTOS:

create these config files to enable IPs 192.175.48.1, 192.175.48.6 and
192.175.48.42 on loopback
$ cat /etc/sysconfig/network-scripts/ifcfg-lo:0
# Loopback clone for AS112
DEVICE=lo:0
BOOTPROTO=static
BROADCAST=192.175.48.255
IPADDR=192.175.48.1
IPV6ADDR=
IPV6PREFIX=
NETMASK=255.255.255.0
NETWORK=192.175.48.0
ONBOOT=yes
$ cat /etc/sysconfig/network-scripts/ifcfg-lo:1
# Loopback clone for AS112
DEVICE=lo:1
BOOTPROTO=static
BROADCAST=192.175.48.255
IPADDR=192.175.48.6
IPV6ADDR=
IPV6PREFIX=
Syndicate content