NSD 4.0.0 released
Tue, 29 Oct 2013
New major release with many features: dynamically reconfig to add and remove zones, more TCP support, many more zones loaded, faster speed.NSD project page
Unbound 1.4.21 released
Thu, 19 September 2013
NSD 3.2.16 released
Mon, 22 Jul 2013
OpenDNSSEC 1.4.0 released
Mon, 22 April 2013
Version 1.4.0 of OpenDNSSEC has now been released. It includes
support for AXFR and IXFR, both input and output; HSM login; and more. Also
the Auditor is deprecated.
Net::DNS 0.72 released
Fri, 28 Dec 2012
ldns 1.6.16 released
Tue, 13 Nov 2012
ldns 1.6.14 and ldns 1.6.15 had a bug in creating empty bitmaps for NSEC3 on empty non-terminals; and were unable to build a loadable pyldns module.
This release has those two bugs resolved.
ldns project page
Credns 0.2.10 released
Fri, 22 Jun 2012
Software program aimed at fortifying DNSSEC by performing validation in the DNS notify/transfer-chain.Details
Dnssec-Trigger 0.11 released
Thu, 7 Jun 2012
experimental package that provides DNSSEC on personal computers. Bug fixes, hotspot detection, software update.Details
NLnet Labs Strategic Plan 2014
Wed, 9 Oct 2013
This is the first time we post this type
of plan publicly. With this plan we intend to communicate
who we are and where we are going, it serves the NLnet Labs
Board and Staff but also the parties that support our
mission and want to contribute financially.
Experiences with MPTCP in an International OpenFlow Network
Tue, 3 Sep 2013
Keeping up with the network demand in order to transfer these data sets over the Internet is a challenge. Single links do not have enough capacity anymore. Therefore we need to install more interfaces in the servers and use all available paths in the network. In this paper we describe two new technologies that help to optimally use the capacity of all multiple paths simultaneously: OpenFlow and Multipath TCP (MPTCP).
TNC2013 paper (PDF)
Discovery and Mapping of the Dutch National Critical IP Infrastructure
Mon, 12 Aug 2013
The research project entails the mapping and subsequent analysis of the AS-level interconnections between the organisations active as the Dutch critical infrastructure. One of the conclusions is that the Dutch critical infrastructure organisations are well interconnected but rely a lot on foreign entities for IP transit and even for carrying potentially sensitive information via web and email services.
MSc. report (PDF)
Identifying Patterns in DNS Traffic
A visual analytics approach is used on a large set of DNS packet captures to gain insight into ways that authoritative name servers are abused for denial of service attacks. Several tools were developed to identify patterns in DNS queries and responses.
MSc. report (PDF)
NLnet Labs Annual Report 2012
Mon, 27 May 2013
We are happy to present NLnet Labs Annual report
2012. NLnet Labs is active in those areas where a long-breath
can have a profound impact on the Internet societal value and
2012 was an interesting year in all areas on which NLnet Labs is
Annual Report 2012 (PDF)
Recent blog posts
Tue, 24 Sep 2013 by benno
This blog post is based on the report “Discovery and Mapping of the Dutch National Critical IP Infrastructure” by Fahimeh Alizadeh and Razvan Oprea. Problem After the publication of the Critical Infrastructure Protection report more than ten years ago, the leading questions that emerge today are how critical infrastructure companies are interconnected, how resilient are these connections, ...
Mon, 16 Sep 2013 by wouter
The recent disclosure by ANSSI (CVE-2013-5661) notes problems with RRL Slip and response spoofing. This document explains explains the tradeoffs. Other documents with advice: French announcement from ANSSI: http://www.certa.ssi.gouv.fr/site/CERTA-2013-AVI-506/index.html Dutch vuln announcement: https://www.ncsc.nl/.../NCSC-2013-0597...html English: We do not have a link to English information. However the vulnerability number is: CVE-2013-5661 Redbarn from Vixie: On the Time ...
Mon, 08 Jul 2013 by wouter
For NSD 4 the TCP performance was optimised, with different socket handling compared to NSD 3. This article discusses a TCP performance test for NSD 4. In previous blog contributions, general (UDP) performance was measured and memory usage was analysed for NSD 4. The TCP performance was measured by taking the average qps reported by ...
Fri, 05 Jul 2013 by wouter
NSD 4 is currently in beta and we are expecting a release candidate soon. This is the second of a series of blog-posts in which we describe some findings that may help you to optimize your NSD4 installation. In the first article we talked about general performance, this article muses about memory usage. (This article ...