In this paper, we present the design and implementation of our network simulator for the detailed analysis of DNS Security Extensions (DNSSEC) 1. DNSSEC is an important technology for preventing DNS 2 3 resource records to be forged. However, enabling DNSSEC on DNS servers will cause some side effects such as increasing CPU load and traffic growth. Administrators and operators usually do not want to make large changes on their environments, especially DNS servers. The goals of this project are to build a DNSSEC simulator software and provide it as freely available open source software. Using the software, DNS administrators and operators can emulate their own DNS environment in the simulator and confirm the side effects of enabling DNSSEC. Furthermore, the design of our simulator is different from the traditional network simulators since DNS administrator can run their unmodified DNS implementations and emulate the topology of actual DNS environments so that the results have reality and reliability. In this paper, we describe the design and implementation of this simulator and show the benefits and use cases.
展开▼