24 Shared Registration System (SRS) Performance

Prototypical answer:

gTLDFull Legal NameE-mail suffixDetail
.삼성SAMSUNG SDS CO., LTDyesnic.comView

SAMSUNG SDS entrusts operation of registry system for gTLD dot 삼성(ʺ.삼성ʺ) to Korean ccTLD operation Korea Internet & Security Agency (ʺKISAʺ). KISA, an agency successfully operating about 1.3 million domain names, is predicted to reduce the burden of initial operation of dot 삼성(“.삼성”) gTLD and minimize errors as it is already equipped of dot KR(“.KR”) & dot 한국(“.한국”, IDN ccTLD) domain registry systems such as SRS, DNS and Whois.

Figure [24-1] SRS Conceptual Diagram

Leveraging expertise gained from operating the Korean ccTLD, KISA’s services will speed up resolution times, while increasing reliability, enhancing security, protecting information and providing stability to dot KR and dot 한국. These services include core functions such as conformance to registry-registrar models and protocols, zone file generation and distribution, billing and collection, data escrow and backups, publicly accessible WHOIS service, technical and customer support, and redundant physical locations.

KISA has an experienced technology management team leading an expert staff of technical support, customer service, and product management specialists who assist registrars and registrants every day of the year. This disciplined team has created well-defined processes which allow it to avoid emergencies and quickly address issues as they arise.
KISA has already established a comprehensive plan to operate dot 삼성(“.삼성”) gTLD. This is technology and know-how gained by operating Korean ccTLD, and it includes DNS, continuous service of WHOIS, as well as EPP communication process.

The main center of KISA is operated and maintained by Telecommunication grade. Server of the main center and network equipments are all composed of dual system, while backup center is installed in KT(Korea Telecom)ʹs data center, geographically apart, allowing real-time backup.

Main function categories are as the following:
1) Web Server: High capacity Web Servers provide secure Web services and information dissemination. It contains a registry home page to enable registrars to sign in and inquire about their account status, obtain downloads and whitepapers, access frequently asked questions, obtain self help support, or submit a trouble ticket to the TLD Registry Help Desk.

2) Secure Web Provisioning Interface: High capacity web servers provide a secure interface for the delegated managers and registrants in the locality space to provision registration data. Delegated managers will be provided with authenticity information that they will need to input to access their account information. Registrants that utilize it as a registrar will be provided with similar authenticity information for their registrations. This is to ensure that only that registrant can modify the registration.

3) EPP Servers: EPP transactions received from registrars undergo front-end processing by the EPP server that manages the EPP session level dialog, performs session level security processing, and strips out transaction records. These EPP transaction records are sent to SRS application server cluster for security authentication and business logic processing.

4) Application Servers: Application Servers process business logic, user authentication, posting of inserts, deletes, and updates to the master database. As well, they process interfaces to authentication, billing, backup, and system⁄network administration.

5) Centralized dot 삼성(“.삼성”) gTLD Database Servers: The Centralized dot 삼성(“.삼성”) gTLD database maintains registry data in a multi-threaded, multi-session database for building data-driven publishing and subscribes event notifications and replication to downstream data marts such as the Whois, Zone, and Billing.

6) Whois Distribution Database: The Whois Distribution Database is dynamically updated from the Centralized dot 삼성(“.삼성”) gTLD database and propagates the information to the Whois Database clusters.

7) Whois Database Clusters: The Whois Database is dynamically updated from the Whois Distribution Database and sits behind the Whois Server clusters. The Whois Database clusters are used to look up records that are not cached by the Whois Servers.

8) Whois Servers: The Load Balanced Whois Server Clusters receive a high volume of queries from Registrants and Internet users. The Whois service returns information about Registrars, domain names, nameservers, IP addresses, and the associated contacts Registry only holds main information about domain, and other information such as contact information is provided by registrarʹs Whois site according to the contract between registry and registrar.

9) Whois Distribution Database: The Distribution Database is dynamically updated from the Centralized dot 삼성(“.삼성”) gTLD database and propagates the information to the Database clusters.

10) Whois Database Clusters: The Database is dynamically updated from the Distribution Database and sits behind the Server clusters. The Database clusters are used to look up records that are not cached by the Servers.

11) Zone Distribution Database: The Zone Distribution Database is dynamically updated from the registry Centralized dot 삼성(“.삼성”) gTLD database and propagated to the nameserver sites located worldwide. It contains domain names, their associated nameserver names, and the IP addresses for those nameservers.

12) Billing and Collection: A commercial off-the-shelf system is customized for registry specific eCommerce billing functions that are integrated with transaction processing, the master database and a secure Web server. The system maintains each registrar’s account information by domain name and provides status reports on demand.

13) Authentication Services: Authentication Service uses commercial X.509 certificates and is used to authenticate the identity of entities interacting with the SRS.

14) Backup Server: Provides a backup and restore of each of the various cluster servers and database servers files and provides a shared library facility for central backup and recovery.

15) Systems⁄Network Management Console: Provides system administration and simple network management protocol (SNMP) monitoring of the network, LAN-based servers, cluster servers, network components, and key enterprise applications including the EPP, Web, Whois, Zone, Billing, Backup⁄Restore, and database application. Provides threshold and fault event notification and collects performance statistics.

16) Building LAN: Provides dual redundant switched Gigabit Ethernet LAN-based connectivity for all network devices in the data center. Firewall protects the building LAN from the in secure Internet via a Firewall that provides policy-based IP filtering and network-based intrusion detection services to protect the system from Internet hacking and denial of service attacks.

17) Load Balancers: Load balancing of TCP⁄IP traffic is based in a server cluster including common protocols such as least connections, weighted least connections, round robin, and weighted round robin.
Composition of KISAʹs Registry Main Center is shown in Figure 24-2.

Figure [24-2] Registry Main Center Network Diagram

The networks of Main Center are composed of dual structure. The outer networks connected to the two Routers consist of one with 45Mbps and one with 1Gbps. The two networks connected to each Router pass through Firewall and Switch to connect to the inner system. The two outer networks work simultaneously as ʺActive-Activeʺ state, and one will take charge over the other when there is a problem with one.

Composition of inner SRS system connected from Switch is shown in Figure 24-3.

Figure [24-3] SRS Main Center System Architecture

The inner system of KISAʹs Main Center is composed of dual system, just like the outer system is.; EPP Gateway Server, Application Server, Domain Application Server, Database Server all are by two sets. Each set of systems is in ʺActive-Activeʺ state, meaning both sides will work in normal occasions, and one side will process all work if there is a problem.
Backup Center is installed in Data Center, which is geographically apart. Two sets of systems in Main Center are operated in ʺActive-Activeʺ state, and the System of Backup Center, which only has one set, can be backed up real time.

Composition of Backup Center is shown in Figure 24-4.

Figure [24-4] Main Center & Backup Center

Main Center and Backup Center are connected by VPN (Virtual Private Network). All backup data is sent safely real time through encrypted channel. If there is a problem to SRS of both two sets of Main Center, tasks can be processed normally through Backup System.
The two sets of SRS system on Main Center and the one set system of Backup Center are maintained in Active state, enabling real time synchronization.

As of March 2012, usage of network and each systems is below 30% while KISAʹs dot KR (.KR) and Dot 한국(.한국) owns and provides service to about 1.3 million domain names. Dot 삼성(“.삼성”) gTLD will be operated in the same system, and it expects registration of about 12,000 domain names within the first three years of service. As it does not excess the system capacity of KISA, no additional installation of network or system is required for the operation.

SRS system management is divided into EPP, Application, and Database management

〈EPP Operation Management〉
- 1 person
- EPP Operation Policy, Supervisor of SRS Management
- over 7 years experiences

〈EPP Operation〉
- 2 persons
- EPP Program Development
- EPP Monitoring & Maintenance
- over 20 years experiences, over 10 years experiences

〈Database〉
- 2 persons
- DBA (Domain Registration DB)
- over 7 years experiences, over 3 years experiences

SRS system can be largely divided into EPP Gateway Server, Application Server, and Database Server. Each of the systems is as following:
1) EPP Gateway 1
Location : KISA Main Center, Seoul, Korea
System : Oracle X4150
CPUs : 2.16GHz × 1
Memory(MB) : 16GB
Total Storage(GB) : 584GB
Usage of CPU : 9.28%
Usage of Memory : 25%

2) EPP Gateway 2
Location : KISA Main Center, Seoul, Korea
System : Oracle X4150
CPUs : 2.16GHz × 1
Memory(MB) : 16GB
Total Storage(GB) : 584GB
Usage of CPU : 5.40%
Usage of Memory : 13%

3) EPP Gateway 3 (Backup)
Location : KISA Backup Center, Seongnam, Korea
System : Dell R810
CPUs : 2.66Ghz × 2
Memory(MB) : 64GB
Total Storage(GB) : -
Usage of CPU : -
Usage of Memory : -

4) Application Server 1
Location : KISA Main Center, Seoul, Korea
System : Oracle V480
CPUs : 1GHz × 1
Memory(MB) : 4GB
Total Storage(GB) : 73GB
Usage of CPU : 1.83%
Usage of Memory : 33%

5) Application Server 2
Location : KISA Main Center, Seoul, Korea
System : Oracle V480
CPUs : 1GHz × 1
Memory(MB) : 4GB
Total Storage(GB) : 73GB
Usage of CPU : 0.74%
Usage of Memory : 33%

6) Application Server 3 (Backup)
Location : KISA Backup Center, Seongnam, Korea
System : Dell R810
CPUs : 2.66Ghz × 2
Memory(MB) : 64GB
Total Storage(GB) : -
Usage of CPU : -
Usage of Memory : -

7) Database Server 1
Location : KISA Main Center, Seoul, Korea
System : Oracle M4000
CPUs : 2.15Ghz × 2
Memory(MB) : 16GB
Total Storage(GB) : 250GB
Usage of CPU : 4.05%
Usage of Memory : 70%

8) Database Server 2
Location : KISA Main Center, Seoul, Korea
System : Oracle M4000
CPUs : 2.15Ghz × 2
Memory(MB) : 16GB
Total Storage(GB) : 250GB
Usage of CPU : 4.05%
Usage of Memory : 64%

9) Database Server 3 (Backup)
Location : KISA Backup Center, Seongnam, Korea
System : Dell R810
CPUs : 2.66Ghz × 2
Memory(MB) : 64GB
Total Storage(GB) : -
Usage of CPU : -
Usage of Memory : -

Similar gTLD applications: (2)

gTLDFull Legal NameE-mail suffixzDetail
.samsungSAMSUNG SDS CO., LTDyesnic.com-2.45Compare
.doosanDoosan Corporationyesnic.com-2.42Compare