DNS Clients Do Request DNSSEC Today
• 3 min read
After the DNS root zone was finally signed and a number of TLDs began signing their zones, we were curious to see how many clients actually request DNSSEC information. First we looked at our server that provides secondary service to several ccTLDs.
They are suggestions, so do not take them as instructions! Especially the defaults I suggested should be subject to discussion and community feedback. As to keeping the probes visible: I do not think that this is what the typical user wants when they are interested in the topology close to the *target*. In any case what I was interested in when I used traceroutes like that was a simple representation of the topology close to the target, never mind how the packets got close. Daniel
Suggestions: a) add an option to limit to h hops from the target and then show paths from all probes providing data during the interval b) use 'network names' as a label option c) use AS 'names' as a label option d) use a colour scale (better visual resolution than greyscale) for the number of paths along an edge e) add an option to only show endgs used by at least p % of all probes providing data during the interval f) make h=4 and p=25 the default view For examples of all that see https://labs.ripe.net/Members/dfk/map-a-ripe-atlas-anchor Daniel
Showing 22 comment(s)