APNIC Partners On Experiment to Improve DNS

May 4, 2018

An experiment is underway to better understand the security protocols protecting commonly used domain name system servers. 

In partnership with the Asia Pacific Network Information Centre, Cloudflare launched new speed and privacy enhancing domain name system servers in April as part of an experiment to root out distributed denial of service attacks. 

The Cloudflare-APNIC experiment uses two IPv4 address ranges, 1.1.1/24 and 1.0.0/24, which were originally configured as dark traffic ranges and have since been reserved for research use. Cloudflare's new DNS uses two addresses within those ranges, and 

Since its launch, multiple operational systems have been outed for breaching internet routing standards, including those used by Vodafone and Fortinet VPN. 

In a blog post, Geoff Huston, an Internet Hall of Fame inductee and APNIC’s chief scientist, said the experiment should yield additional insights into how DNS works, particularly with respect to security and user privacy.   

"We are now critically reliant on the integrity of the DNS, yet the details of the way it operates still remains largely opaque," he wrote. 

"We are aware that the DNS has been used to generate malicious denial of service attacks, and we are keen to understand if there are simple and widely deployable measures that can be taken to mitigate such attacks."

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
This question is for testing whether you are a human visitor and to prevent automated spam submissions.