Testbed for Security Analysis of the DNS64 IPv6 Transition Technology in Virtual Environment
نویسندگان
چکیده
In this paper, we demonstrate the feasibility of building a virtual network with several virtual Linux hosts for testing the security issues of the DNS64 IPv6 transition technology. This virtual testbed has so low hardware requirements that it can be operated under Windows 7 on an aging notebook having only 4GB of RAM and 2 CPU cores. We demonstrate the viability of the approach by testing different DNS64 implementations for the susceptibility to Transaction ID prediction attacks. The examined DNS64 implementations are BIND, TOTD, mtd64-ng and PowerDNS. A simple visual method is used for Transaction ID predictability testing. Besides the demonstration, further application possibilities of the testbed are also proposed.
منابع مشابه
Enabling Dns64perf++ for Benchmarking the Caching Performance of DNS64 Servers
Our DNS64 benchmarking program, dns64perf++, is the world’s first standard DNS64 benchmarking tool, which complies with the compulsory requirements of RFC 8219 on benchmarking methodology for IPv6 transition technologies including DNS64. The aim of our current effort is to enable dns64perf++ for benchmarking the caching performance of DNS64 servers, which was qualified as optional by the RFC, b...
متن کاملPerformance Analysis of MTD64, our Tiny Multi-Threaded DNS64 Server Implementation: Proof of Concept
In the current stage of IPv6 deployment, the combination of DNS64 and NAT64 is an important IPv6 transition technology, which can be used to enable IPv6 only clients to communicate with IPv4 only servers. In addition to the existing free software DNS64 implementations, we proposed a tiny multithreaded one, MTD64. In this paper, the performance of MTD64 is measured and compared to that of the in...
متن کاملDesign and Implementation of a Test Program for Benchmarking DNS64 Servers
A new Internet Draft on benchmarking methodologies for IPv6 transition technologies including DNS64 was adopted by the Benchmarking Working Group of IETF. The aim of our effort is to design and implement a test program that complies with the draft and thus to create the world’s first standard DNS64 benchmarking tool. In this paper, we disclose our design considerations and high-level implementa...
متن کاملBenchmarking methodology for DNS64 servers
DNS64 is an important IPv6 transition technology used in convergence with NAT64 to enable IPv6-only clients to communicate with IPv4-only servers. Several DNS64 implementations have been proposed as a solution. Their performance is an important decision factor for network operators with regard to choosing the most appropriate one among them. To that end, this article proposes a methodology for ...
متن کاملPerformance analysis and comparison of four DNS64 implementations under different free operating systems
The depletion of the global IPv4 address pool made the deployment of IPv6, the new version of the Internet Protocol, inevitable. In this paper, the transition mechanisms for the first phase of IPv6 deployment are surveyed and the DNS64 plus NAT64 solution is found appropriate. The most important free and open source DNS64 implementations are selected: BIND, TOTD, Unbound and PowerDNS. The test ...
متن کامل