Browse IS/STAG - Portál TUL

Skip to page content
Website TUL
Portal title page TUL
Anonymous user Login Česky
Browse IS/STAG
Login Česky
  • Welcome
  • Browse IS/STAG
  • Applicant
  • Graduate
Welcome
Browse IS/STAG
Information for applicantsElectronic applicationECTS arrivalsCourse catalog
Getting startedAlumni Club

1st level navigation

  • Welcome
  • Browse IS/STAG
  • Applicant
  • Graduate
User disconnected from the portal due to long time of inactivity.
Please, click this link to log back in.
(Sessions are disconnected after 240 minutes of inactivity. Note that mobile devices may get disconnected even sooner).

Browse IS/STAG (S025)

 Help

Main menu for Browse IS/STAG

  • Programmes and specializations.
  • Courses
  • Departments
  • Lecturers
  • Students
  • Examination dates
  • Timetable events
  • Theses, selected item
  • Pre-regist. study groups
  • Rooms
  • Rooms – all year
  • Free rooms – Semester
  • Free rooms – Year
  • Capstone project
  • Times overlap
  •  
  • Title page
  • Calendar
  • Help

Search for a Thesis

Print/export:  Data export to PDF format - which you can print easily... Bookmark this link in your browser so that you may quickly load this IS/STAG page in the future.
Not logged-in user will see only submitted theses.
Only logged-in user will see student personal numbers.

Dates found, count: 1

Search result paging

Found 1 records Print Export to xls List URL
  Surname Name Title Thesis status   Supervisors Reviewers Type of thesis Date of def. Title
Student Type of thesis - - - - - - - - - -
Item shown in detail Huněk Includes the selected person into the timetable overlap calculation. Martin NAT64/DNS64 in the Networks with DNSSEC NAT64/DNS64 in the Networks with DNSSEC Thesis finished and defended successfully (DUO).   Plíva Zdeněk - Doctoral thesis 1655330400000 16.06.2022 NAT64/DNS64 in the Networks with DNSSEC Thesis finished and defended successfully (DUO).
Martin Huněk Doctoral thesis 0XX 0XX 0XX 0XX 0XX 0XX 0XX 0XX 0XX 0XX

Thesis info NAT64/DNS64 in the Networks with DNSSEC

  • Basic data
The document you are accessing is protected by copyright law. Unauthorised use may lead to criminal sanctions.
Name Huněk Martin Includes the selected person into the timetable overlap calculation.
Acad. Yr. 2013/2014
Assigning department NTI
Date of defence Jun 16, 2022
Type of thesis Doctoral thesis
Thesis status Thesis finished and defended successfully (DUO). Thesis finished and defended successfully (DUO).
Completeness of mandatory entries - All mandatory fields for this Thesis are filled in.
Main topic NAT64/DNS64 in the Networks with DNSSEC
Main topic in English -
Title according to student NAT64/DNS64 in the Networks with DNSSEC
English title as given by the student NAT64/DNS64 in the Networks with DNSSEC
Parallel name -
Subtitle -
Supervisor Plíva Zdeněk, prof. Ing. Ph.D.
Annotation Zvyšuj?c? se pod?l resolverů a aplikac? použ?vaj?c? DNS-over-HTTPS vede k vyš?mu pod?lu klientů použ?vaj?c?ch DNS resolvery třet?ch stran. Kvůli tomu ovšem selhává nejpouž?vanějš? NAT64 detekčn? metoda RFC7050[1], což vede u klientů použ?vaj?c?ch přechodové mechanismy NAT64/DNS64 nebo 464XLAT k neschopnosti tyto přechodové mechanismy správně detekovat, a t?m k nedostupnosti obsahu dostupného pouze po IPv4. C?lem této práce je navrhnout novou detekčn? metodu postavenou na DNS, která bude pracovat i s resolvery třet?ch stran, a bude schopná využ?t zabezpečen? DNS dat pomoc? technologie DNSSEC. Práce popisuje aktuálně standardizované metody, protokoly na kterých závis?, jejich omezen? a interakce s ostatn?mi metodami. Navrhovaná metoda použ?vá SRV záznamy k přenosu informace o použitém NAT64 prefixu v globáln?m DNS stromu. Protože navržená metoda použ?vá již standardizované protokoly a typy záznamů, je snadno nasaditelná bez nutnosti modifikovat jak DNS server, tak s?t'ovou infrastrukturu. Protože metoda použ?vá k distribuci informace o použitém prefixu globáln? DNS strom, umožňuje to metodě použ?t k zabezpečen? technologii DNSSEC. To této metodě dává lepš? bezpečnostn? vlastnosti než jaké vykazuj? předchoz? metody. Tato práce vytvář? standardizačn? bázi pro standardizaci v rámci IETF.
Annotation in English The rising number of DNS-over-HTTPS capable resolvers and applications results in the higher use of third-party DNS resolvers by clients. Because of that, the currently most deployed method of the NAT64 prefix detection, the RFC7050[1], fails to detect the NAT64 prefix. As a result, clients using either NAT64/DNS64 or 464XLAT transition mechanisms fail to detect the NAT64 prefix properly, making the IPv4-only resources inaccessible. The aim of this thesis is to develop a new DNS-based detection method that would work with foreign DNS and utilize added security by the DNS security extension, the DNSSEC. The thesis describes current methods of the NAT64 prefix detection, their underlying protocols, and their limitations in their coexistence with other network protocols. The developed method uses the SRV record type to transmit the NAT64 prefix in the global DNS tree. Because the proposed method uses already existing protocols and record types, the method is easily deployable without any modification of the server or the transport infrastructure. Due to the global DNS tree usage, the developed method can utilize the security provided by the DNSSEC and therefore shows better security characteristics than previous methods. This thesis forms the basis for standardization effort in the IETF.
Keywords IPv6, IPv4aaS, NAT64/DNS64, 464XLAT, DNSSEC, DoH
Keywords in English IPv6, IPv4aaS, NAT64/DNS64, 464XLAT, DNSSEC, DoH
Length of the covering note 121 s. (303 403 znaků)
Language AN
Annotation
Zvyšuj?c? se pod?l resolverů a aplikac? použ?vaj?c? DNS-over-HTTPS vede k vyš?mu pod?lu klientů použ?vaj?c?ch DNS resolvery třet?ch stran. Kvůli tomu ovšem selhává nejpouž?vanějš? NAT64 detekčn? metoda RFC7050[1], což vede u klientů použ?vaj?c?ch přechodové mechanismy NAT64/DNS64 nebo 464XLAT k neschopnosti tyto přechodové mechanismy správně detekovat, a t?m k nedostupnosti obsahu dostupného pouze po IPv4. C?lem této práce je navrhnout novou detekčn? metodu postavenou na DNS, která bude pracovat i s resolvery třet?ch stran, a bude schopná využ?t zabezpečen? DNS dat pomoc? technologie DNSSEC. Práce popisuje aktuálně standardizované metody, protokoly na kterých závis?, jejich omezen? a interakce s ostatn?mi metodami. Navrhovaná metoda použ?vá SRV záznamy k přenosu informace o použitém NAT64 prefixu v globáln?m DNS stromu. Protože navržená metoda použ?vá již standardizované protokoly a typy záznamů, je snadno nasaditelná bez nutnosti modifikovat jak DNS server, tak s?t'ovou infrastrukturu. Protože metoda použ?vá k distribuci informace o použitém prefixu globáln? DNS strom, umožňuje to metodě použ?t k zabezpečen? technologii DNSSEC. To této metodě dává lepš? bezpečnostn? vlastnosti než jaké vykazuj? předchoz? metody. Tato práce vytvář? standardizačn? bázi pro standardizaci v rámci IETF.
Annotation in English
The rising number of DNS-over-HTTPS capable resolvers and applications results in the higher use of third-party DNS resolvers by clients. Because of that, the currently most deployed method of the NAT64 prefix detection, the RFC7050[1], fails to detect the NAT64 prefix. As a result, clients using either NAT64/DNS64 or 464XLAT transition mechanisms fail to detect the NAT64 prefix properly, making the IPv4-only resources inaccessible. The aim of this thesis is to develop a new DNS-based detection method that would work with foreign DNS and utilize added security by the DNS security extension, the DNSSEC. The thesis describes current methods of the NAT64 prefix detection, their underlying protocols, and their limitations in their coexistence with other network protocols. The developed method uses the SRV record type to transmit the NAT64 prefix in the global DNS tree. Because the proposed method uses already existing protocols and record types, the method is easily deployable without any modification of the server or the transport infrastructure. Due to the global DNS tree usage, the developed method can utilize the security provided by the DNSSEC and therefore shows better security characteristics than previous methods. This thesis forms the basis for standardization effort in the IETF.
Keywords
IPv6, IPv4aaS, NAT64/DNS64, 464XLAT, DNSSEC, DoH
Keywords in English
IPv6, IPv4aaS, NAT64/DNS64, 464XLAT, DNSSEC, DoH
Research Plan -
Research Plan
-
Recommended resources -
Recommended resources
-
Týká se praxe No
Enclosed appendices -
Appendices bound in thesis -
Taken from the library Yes
Full text of the thesis
Appendices
Reviewer's report
Supervisor's report
Defence procedure record
Defence procedure records are not shown to unauthorized users.
Defence procedure record file