The NLnet Labs Blog

Moving RPKI Beyond Routing Security

Moving RPKI Beyond Routing Security

Resource Tagged Attestations, or RTAs, are a new type of RPKI object that is being proposed by authors from APNIC and NLnet Labs in the IETF. They allow any arbitrary file to be signed ‘with resources’ by one or more parties.

20 Nov 2020 • 4 min read

Introducing JDR: explore, inspect and troubleshoot the RPKI

Introducing JDR: explore, inspect and troubleshoot the RPKI

Today we launch the first version of JDR, our hosted tool to check anything in the RPKI. While not yet 100% feature complete, we think it already offers useful insights

18 Nov 2020 • 5 min read

SAD DNS and NLnet Labs DNS software

SAD DNS and NLnet Labs DNS software

During the ACM CCS conference 2020, held November 9-13, researchers from UC Riverside in the US, and Tsinghua University in China presented a clever new variant of DNS cache poisoning

18 Nov 2020 • 5 min read

Why Routinator Doesn’t Fall Back to Rsync

Why Routinator Doesn’t Fall Back to Rsync

When creating software, we carefully weigh each design decision: security, resiliency, usability and many more factors play a role in the end result. This article explores the reasoning behind a behaviour that isn't specified in an RFC but which has significant impact on operators deploying RPKI.

29 Oct 2020 • 6 min read

Journeying into XDP Part 1: Augmenting DNS

Journeying into XDP Part 1: Augmenting DNS

How can eXpress Data Path (XDP) augment existing DNS software? We share our experiences of implementing Response Rate Limiting in XDP.

23 Oct 2020 • 12 min read

Testing .. 123 Delegated RPKI

Testing .. 123 Delegated RPKI

Validate your delegated RPKI deployment with the new NLnet Labs RPKI test root.

12 Oct 2020 • 8 min read

DNS-over-HTTPS in Unbound

DNS-over-HTTPS in Unbound

A major step forward in end user privacy.

9 Oct 2020 • 6 min read

Some Country for Old Men

Some Country for Old Men

An Unbound Story of Serving Expired Records.

9 Sep 2020 • 4 min read

Journeying into XDP: Part 0

Journeying into XDP: Part 0

Network programming using XDP has been on our radar for a while now. As tooling around this technology has vastly improved, we decided that it was time to finally get our hands dirty and see what this technology is all about.

20 Jul 2020 • 10 min read

Krill Gains Powerful ROA Management Based on BGP Routing

Krill Gains Powerful ROA Management Based on BGP Routing

Create and maintain Route Origin Authorisations based on the BGP announcements with your address space.

25 Jun 2020 • 4 min read

IPv6 and Rust

IPv6 and Rust

How difficult is it to use Rust and its ecosystem to write network applications that support IPv6?

15 Jun 2020 • 5 min read

Adapting Radix Trees

Adapting Radix Trees

NLnet Labs continuously strives to push the performance of its products. Over the course of the past year we researched improvements to main-memory databases for our authorative nameserver, NSD.

11 Jun 2020 • 7 min read

Tuning NSD for even better performance

Tuning NSD for even better performance

17 Mar 2020 • 4 min read

Evolving Krill

Evolving Krill

25 Feb 2020 • 5 min read

Response Policy Zones in Unbound

Response Policy Zones in Unbound

20 Feb 2020 • 9 min read

On adopting a Code of Conduct for NLnet Labs

On adopting a Code of Conduct for NLnet Labs

10 Feb 2020 • 4 min read

Leaping through RPKI history with Ziggy

Leaping through RPKI history with Ziggy

RPKI, the Resource Public Key Infrastructure, is an important cornerstone in securing the BGP routing system on the Internet. In its…

30 Aug 2019 • 14 min read

Measuring the impact of DNS Flag Day

Measuring the impact of DNS Flag Day

DNS Flag Day 2019 stimulated a lot of awareness, and as a result, the Internet got a little better.

19 Aug 2019 • 8 min read

No results found

↑ ↓ Navigate up/down

Enter Go to article

/ Search new term

Esc Close search

GO TOP