The NLnet Labs Blog

Newsletter

Stay up to date! Get all the latest & greatest posts delivered straight to your inbox

Routing

Of Donkeys, Mules & Horses

A quest for the perfect data-structure to store and retrieve a full table of IP Prefixes, while maintaining the hierarchical relations.

18 May 2021 • 25 min read

How To Run Krill Behind an NGINX Reverse Proxy

How To Run Krill Behind an NGINX Reverse Proxy

Although Krill has a built-in HTTPS server, it may be desirable to run a production grade webserver as a reverse proxy in front of Krill. This allows easy TLS configuration and additional restrictions, if desired.

5 Jan 2021 • 6 min read

Supporting DNSSEC Key Signing Ceremonies

Supporting DNSSEC Key Signing Ceremonies

Over the past decade, uptake of DNSSEC has grown significantly. The vast majority of top-level domains (TLDs) is now DNSSEC-signed. While key signing ceremonies are now deployed in many places in the DNSSEC community, what is lacking is a common approach, especially related to tooling.

1 Dec 2020 • 13 min read

Moving RPKI Beyond Routing Security

Moving RPKI Beyond Routing Security

Resource Tagged Attestations, or RTAs, are a new type of RPKI object that is being proposed by authors from APNIC and NLnet Labs in the IETF. They allow any arbitrary file to be signed ‘with resources’ by one or more parties.

20 Nov 2020 • 4 min read

Introducing JDR: explore, inspect and troubleshoot the RPKI

Introducing JDR: explore, inspect and troubleshoot the RPKI

Today we launch the first version of JDR, our hosted tool to check anything in the RPKI. While not yet 100% feature complete, we think it already offers useful insights

18 Nov 2020 • 5 min read

SAD DNS and NLnet Labs DNS software

SAD DNS and NLnet Labs DNS software

Photo by arash payam / UnsplashUpdate 18 November 2021: we are aware of the follow-up paper published by the researchers. The text below remains accurate for Unbound users. Please note that

18 Nov 2020 • 5 min read

Why Routinator Doesn’t Fall Back to Rsync

Why Routinator Doesn’t Fall Back to Rsync

When creating software, we carefully weigh each design decision: security, resiliency, usability and many more factors play a role in the end result. This article explores the reasoning behind a behaviour that isn't specified in an RFC but which has significant impact on operators deploying RPKI.

29 Oct 2020 • 6 min read

Journeying into XDP Part 1: Augmenting DNS

Journeying into XDP Part 1: Augmenting DNS

How can eXpress Data Path (XDP) augment existing DNS software? We share our experiences of implementing Response Rate Limiting in XDP.

23 Oct 2020 • 12 min read

Testing .. 123 Delegated RPKI

Testing .. 123 Delegated RPKI

Validate your delegated RPKI deployment with the new NLnet Labs RPKI test root.

12 Oct 2020 • 8 min read

DNS-over-HTTPS in Unbound

DNS-over-HTTPS in Unbound

A major step forward in end user privacy.

9 Oct 2020 • 6 min read

Some Country for Old Men

Some Country for Old Men

An Unbound Story of Serving Expired Records.

9 Sep 2020 • 4 min read

Journeying into XDP: Part 0

Journeying into XDP: Part 0

Network programming using XDP has been on our radar for a while now. As tooling around this technology has vastly improved, we decided that it was time to finally get our hands dirty and see what this technology is all about.

20 Jul 2020 • 10 min read

Krill Gains Powerful ROA Management Based on BGP Routing

Krill Gains Powerful ROA Management Based on BGP Routing

25 Jun 2020 • 4 min read

IPv6 and Rust

IPv6 and Rust

15 Jun 2020 • 5 min read

Adapting Radix Trees

Adapting Radix Trees

11 Jun 2020 • 7 min read

Tuning NSD for even better performance

Tuning NSD for even better performance

17 Mar 2020 • 4 min read

Evolving Krill

Evolving Krill

Introducing Krill 0.5.0 ‘Serve no Turf’, which includes a user interface for easy management and many other improvements.

25 Feb 2020 • 5 min read

Response Policy Zones in Unbound

Response Policy Zones in Unbound

We are incredibly happy to introduce Unbound 1.10. This release features RPZ, a mechanism that makes it possible to define your local policies in a standardized way, and load your policies from external sources.

20 Feb 2020 • 9 min read

No results found

↑ ↓ Navigate up/down

Enter Go to article

/ Search new term

Esc Close search

GO TOP