講演抄録/キーワード |
講演名 |
2005-07-21 13:50
シミュレーションによるDNSSECのUDPトラフィック解析 ○力武健次(NICT)・中尾康二(NICT/KDDI)・下條真司(阪大)・野川裕紀(東京医科歯科大) |
抄録 |
(和) |
DNSSEC, an authentication method of DNS (Domain Name System), increases
the payload length of DNS answer datagrams by adding digital signatures.
The payload-length increase causes fragmentation and larger loss
rate of the IP datagrams which carry the DNS UDP payloads, and
reduces the reliability of DNS resolver-server transactions. In this
paper, we propose a model of the length distributions of DNS UDP
payloads estimated from real-world traffic samples and recalculation of
the payload length values after adding DNSSEC signatures. We then
propose the network traffic simulation procedure to estimate the rates
of loss and fragmentation of IP datagrams between DNS resolvers and
servers. |
(英) |
DNSSEC, an authentication method of DNS (Domain Name System), increases
the payload length of DNS answer datagrams by adding digital signatures.
The payload-length increase causes fragmentation and larger loss
rate of the IP datagrams which carry the DNS UDP payloads, and
reduces the reliability of DNS resolver-server transactions. In this
paper, we propose a model of the length distributions of DNS UDP
payloads estimated from real-world traffic samples and recalculation of
the payload length values after adding DNSSEC signatures. We then
propose the network traffic simulation procedure to estimate the rates
of loss and fragmentation of IP datagrams between DNS resolvers and
servers. |
キーワード |
(和) |
DNS(ドメイン名システム) / DNSSEC / ペイロード長 / トランスポートプロトコル / / / / |
(英) |
DNS (Domain Name System) / DNSSEC / payload length / transport protocol / / / / |
文献情報 |
信学技報, vol. 105, pp. 97-104, 2005年7月. |
資料番号 |
|
発行日 |
2005-07-14 (ISEC, SITE) |
ISSN |
Print edition: ISSN 0913-5685 |
PDFダウンロード |
|
|