Dates: 29 Nov - 3 Dec 2021
Location: Sri Lanka Online


The Domain Name System (DNS) is a critical part of Internet infrastructure and the largest distributed Internet directory service. DNS translates names to IP addresses, a required process for web navigation, email delivery, and other Internet functions. However, the DNS infrastructure is not secure enough unless the security mechanisms such as Transaction Signatures (TSIG) and DNS Security Extensions (DNSSEC) are implemented. To guarantee the availability and the secure Internet services, it is important for networking professionals to understand DNS Security / DNSSEC concepts, configurations, and operations.

This course will discuss the concept of DNS Security in detail, mechanisms to authenticate the communication between DNS Servers, mechanisms to establish authenticity, and integrity of DNS data and mechanisms to delegate trust to public keys of third parties. Participant will be involved in Lab exercises and do configurations based on number of scenarios.

Target Audience

This course is designed for network engineers, systems administrators, and anyone who is involved in managing DNS operations.


It is assumed that participants have a good understanding of networking fundamentals and a basic knowledge of Unix/Linux.

DNS Technical Overview

  • Domains and Zones
  • Root servers
  • Recursive and Authoritative DNS
  • Forward and Reverse DNS
  • Resource Records

DNS Operations

  • Installation and Configuration
  • Creating Zones
  • DNS Queries and Timing Parameters
  • Zone Delegation


  • DNSSEC Technical Overview
  • DNSSEC Validation
  • DNSSEC Zone Signing Signing

Workshop Items

  • Agenda (includes links to presentations and schedule)
  • Instructors: Sheryl (Shane) Hermoso (APNIC), Arth Paulite (APNIC), Sonam Penjor (Community Trainer)
  • lk-20211129-online.txt
  • Last modified: 2021/12/03 06:44
  • by sheryl