Rolling the root key
Have DNSSEC-validating recursive resolvers updated their Trust Anchor sets to include KSK-2024, and how can we measure whether this transition has been successfully adopted?
Tag: DNS
NIST updates its secure DNS deployment guide: What operators need to know
NIST’s updated DNS deployment guide treats DNS as a core security control, offering practical guidance on protective DNS, encryption, DNSSEC, and both authoritative and recursive operations to help operators strengthen resilience, visibility, and policy enforcement.
[Podcast] Measuring the use of DNS over IPv6
Geoff Huston explores how DNS operates over IPv6 and the challenges of measuring it. His findings reveal interesting variances by geographic region and network, raising questions about whether IPv6-only DNS is reliable enough to guide future operational practices.
Network Management session at APRICOT 2026: DNS logs, enterprise open source, and configuration management
The Network Management session at APRICOT 2026 brought together four presenters to share practical, data‑driven insights into how operators can better understand and optimize their networks.
Measuring the use of DNS over IPv6
How much of the Internet user base can reliably access a DNS server where the only form of access is via IPv6?
On misusing transparent DNS forwarders For amplification attacks
Guest Post: Research shows the threat vector introduced by transparent DNS forwarders that enable access to shielded recursive resolvers, and scale better in terms of potential attack volume.
From the stupid DNS tricks department: ipasn.net
A trick that lets you map an IP address to an ASN without preprocessing any data.
Upcoming keynotes and program highlights at APRICOT 2026
Gain new operational skills and insights, meet like-minded peers, and help shape the Internet at APRICOT 2026. Here’s some of what you can look forward to.
Three of the best: Podcasts
Three of the best PING podcasts on Internet operations.
Domain Connect: A missing piece in the DNS toolbox
Guest Post: Domain renewal rates directly correlate with usage. Domain Connect creates a standardized way for service providers and DNS providers to communicate. Users complete setup in seconds with just a few clicks.