| |
Operating the DNS in Canada
CIRA operates the dot-ca DNS at 100% availability
More than 400,000 times every 60 seconds, someone initiates an action online that involves a dot-ca domain name. More than 400,000 times every 60 seconds, servers at the Canadian Internet Registration Authority respond to that action and direct the online user to that particular dot-ca domain. More than 400,000 times every 60 seconds, CIRA makes Canada’s domain on the Internet function as it should.
The process of translating domain names into a set of numbers that the Internet uses to direct you to the domain you are seeking is known as the domain name system (DNS). CIRA operates the DNS used to direct users to domains with a dot-ca in their name. This means that every time someone on the Internet wants to connect to a dot-ca domain, CIRA’s computers handle that request at some point. This adds up to more than 600-million requests per day, up a whopping 37.6 per cent from the 436-million requests per day of a year ago.
If CIRA’s DNS stops operating for even 60 seconds, hundreds of thousands of online actions fail. If CIRA’s DNS stops operating, the impact would be felt throughout the Internet.
This mission-critical task is one of the reasons CIRA was created in the first place. Founded as a private-sector not-for-profit corporation, CIRA was entrusted with the stewardship of what was already being recognized as an immensely important resource for all Canadians, one perhaps as invaluable to Canada’s modern economy as the fur trade was hundreds of years ago.
One of our primary public-interest mandates is ensuring the 100 per cent availability of that resource. Fulfilling that mandate preoccupies our every day and consumes the bulk of our resources. We invest heavily in the infrastructure on which the DNS physically operates, as we keep pace with an explosion in demand while maintaining the reliability, robustness and security of our system.
In the 10 years since our birth, the Internet has become the operating system for our lives and CIRA’s job has become all the more crucial. It’s our mission to operate the dot-ca DNS with no downtime. It’s a mission we successfully accomplished again this past year.
IPV6 TO DRIVE EVEN GREATER ONLINE INNOVATION
There is a finite number of addresses in the Internet’s address-numbering system. Those addresses are rapidly becoming a scarce resource under the current IPv4 standard. Although still in its infancy, a new standard is being highly anticipated by much of the world’s Internet community, including CIRA, that will address this issue. This is called IPv6. The new standard will provide exponentially more addresses and will also improve security and efficiency.
Given the expected continued explosive growth of the Internet, especially in rapidly developing regions of the world, exhaustion of IPv4 addresses is imminent. Even in regions where allocation of addresses has historically been more generous, important initiatives such as the introduction of continental smart energy grids in Europe and North America will require addresses for all parties plugged into the grid which will greatly accelerate the pressure on this limited resource. Dot-ca domains already support IPv6, and CIRA is a strong advocate within international groups in promoting the adoption of the new system.
There are enough IPv6 addresses for trillions of addresses to be assigned to every human being on the planet.
MAKING THE DNS MORE ROBUST, EFFICIENT AND SECURE
CIRA implemented a number of technical improvements this past year, making the DNS more robust, efficient and secure. We completed the first full year in our new state-of-the-art server room in downtown Ottawa and rolled out an enhanced backup site that fully mirrors the registry. We dramatically increased our monitoring of the network so we have better advance notice of when a problem might be brewing. By including additional DNS third-party nodes, we greatly expanded our network of nodes around the world that can be used to connect a user to a dot-ca address, improving speed and efficiency and making some types of cyber-attacks easier to defend against. This year, we will be running trials of new DNS Security Extensions, or DNSSEC, that will make online fraud more difficult to perpetrate.
|
|
|
