24 Shared Registration System (SRS) Performance

Prototypical answer:

gTLDFull Legal NameE-mail suffixDetail
.durbanUniForum SA (NPC) trading as ZA Central Registrydundas.co.zaView

1 Synopsis

This chapter provides details on the technical and operational capabilities
of the ZA Central Registry, and as will be used for the dotDurban TLD.
This covers the operational plans include system and human resourcing to
run the dotDurban TLD according to the requirements of ICANN, the TLD
Registrars and industry best practices.
A high level architectural diagram and description of the services as provided
by the ZA Central Registry are included as well as the resourcing model for
operating the technical services for the dotDurban TLD.


2 Shared Registry Ability

The ZA Central Registry has operated the co.za 2nd level domain registry
since September 1995. This registry has grown from around 400 domains
at startup to over 750000 domains and with an average growth of over
15000 domains per month over the past year. Currently the ZA Central
Registry is in further negotiations with the South African Domain Name
Authority (ZADNA) to take over administration of further 2nd level domains
including org.za which consists of around 40000 domains.
The ZA Central Registry has maintained service levels comparable to speci-
fication 10 of the ICANN registry agreement during the time of administrat-
ing co.za zone and will commit the necessary resources necessary to comply
fully. The ZA Central Registry anticipates no issues with compliance to
ICANN service level requirements.


3 High Level Shared Registry System Description

The ZA Central Registry system architecture ensures the necessary scala-
bility allowing for anticipated growth of the registry. The components illus-
trated in diagram DNS-ShareRegistry-Diagram.pdf provide an overview of
the ZA Central Registry Shared Registry System (SRS) as provided by the
ZA Central Registry and as intended for use by the dotDurban TLD.
The SRS for the dotDurban TLD will comply to and keep current with all
relevant IETF RFCs in accordance with specification 6 section 1.2 and spec-
ification 10 of the ICANN registry agreement. These include the following

RFC 5730:- Extensible Provisioning Protocol (EPP).

RFC 5731:- EPP Domain Name Mapping.

RFC 5732:- EPP Host Mapping.

RFC 5733:- EPP Contact Mapping.

RFC 5734:- EPP TCP Transport.

RFC 3735:- Guidelines for Extending the Extensible Provisioning Proto-
col (EPP) should the dotDurban TLD policy oversight committee im-
plement policy that require extensions of the default EPP specification
for domain, host, and contact objects.




4 Shared Registry Infrastructure

This section provides a high level description of the services, related in-
frastructure, human and system resources as provided by the ZA Central
Registry and as will be utilised and expanded on for the dotDurban TLD.


4.1 Message Handler

The Message System Handler (MSH) provides a secure, authenticating EPP
messaging interface to accredited Registrars complying to IETF RFC 5734.
The functions of the MSH include access control, registrar authentication,
secure message handling between the registrars and the registry, registrar
session management, sophisticated message tracking and EPP XML Message
Schema validation in accordance with the EPP XML Schemas for domains,
hosts and contacts as defined in IETF RFCs 5731 to 5733.


4.1.1 MSH Human Resources

The MSH is a critical front facing component for an SRS as it the gateway
for all Registrar domain operations.
The ZA Central Registry has a complement of 3 MSH administrators and
developers responsible for the day to day operational requirements fulfilling
the roles described in section 7 of this document.


4.1.2 MSH System Resources

The ZA Central Registry MSH implementation for the dotDurban TLD will
consist of 2 co-located servers hosted at the primary site with one acting as
master server and the other as a hot swap standby server.
A remote standby cluster of MSH servers will be located at the Johannesburg
Internet Exchange JINX.
The remote standby cluster will be configured as a replica of the local cluster.


4.2 Registry Engine

The ZA Central Registry Registry Engine (RE) provides the domain regis-
tration functionality of the dotDurban TLD.
The RE operates on the domain, contact and host objects in accordance
with IETF RFCs 5730 to 5733 and the policies as required for the dotDurban
TLD.

The RE returns responses for instructions received to the Registrars syn-
chronously or asynchronously either via the MSH and⁄or using other out of
band mechanisms such as e-mail. The RE provides sophisticated logging on
all domain registration instructions.
The RE ensures that all domain object financial transactions are posted to
the appropriate financial accounts.


4.2.1 Registry Engine Human Resources

The ZA Central Registry has a complement of 6 RE administrators, devel-
opers, testers and support staff responsible for the development and day to
day operational requirements fulfilling the roles described in section 7 of this
document.


4.2.2 Registry Engine System Resources

The ZA Central Registry Registry Engine implementation for the dotDurban
TLD will consist of a cluster of 2 servers hosted at the primary site with one
acting as master server and the other as a hot swap standby server.
A remote standby cluster of Registry Engine servers will be located at the
Johannesburg Internet Exchange JINX.
The remote standby cluster will be configured as a replica of the local cluster.


4.3 Whois

The function of the Whois server provided by the ZA Central Registry is
to provide domain registration information to the public at large and in
accordance with the policies as dictated by applicable policies in accordance
with industry best practises and high availability requirements.
The Whois system provided by the ZA Central Registry, and as will be used
for the dotDurban TLD, consists of the following

Web Whois:- A web based whois providing domain, host and registrar
and registrant contact details for the dotDurban TLD.

Port 43 Whois:- A port 43 whois service providing domain, host and reg-
istrar and registrant contact details for the dotDurban TLD.

4.3.1 Whois Human Resources

The ZA Central Registry has a complement of 4 Whois administrators, de-
velopers and testers responsible for the day to day operational requirements
fulfilling the roles described in section 7 of this document.


4.3.2 Whois System Resources

The ZA Central Registry Web Whois implementation for the dotDurban
TLD will consist of a cluster of 2 servers hosted at the primary site with one
acting as master server and the other as a hot swop standby server.
The ZA Central Registry Port 43 Whois services for the dotDurban TLD
will be co-hosted on a single server and will be implemented as a cluster of
2 servers hosted at the primary site with one acting as master server and
the other as a hot swap standby server.
A remote standby cluster of Whois servers will be located at the Johannes-
burg Internet Exchange JINX.
The remote standby cluster will be configured as a replica of the local cluster.


4.4 DNS System

The function of the Domain Name System, (DNS), is to provide the nec-
essary publishing of zone records. The DNS system provided by the ZA
Central Registry conforms to the relevant industry standards and is imple-
mented and maintained according to industry best practises, security and
high availability requirements.
The DNS system provided by the ZA Central Registry, and as will be utilised
for the dotDurban TLD, consists of 8 Nameserver services placed over a
strategic geographical wide area. Two Nameservers will be configured as
anycast dns servers, with the rest configured as unicast dns servers.


4.4.1 DNS Human Resources

The ZA Central Registry has a complement of 3 in house DNS administrators
responsible for the day to day operational requirements and fulfilling the
roles described in section 7 of this document.


4.4.2 DNS System Resources

The ZA Central Registry master DNS implementation for the dotDurban
TLD will consist of a server cluster hosted at the primary site.

A remote standby cluster of DNS servers will be located at the Johannesburg
Internet Exchange JINX.
The remote standby cluster will be configured as a replica of the local cluster.
At least 6 unicast servers will be located at geographical diverse locations.
In addition 2 anycast dns services providers will be contracted to provide
and maintain the geographically dispersed anycast instances.


4.5 Network Infrastructure

The network infrastructure and associated routing provided by the ZA Cen-
tral Registry conforms to the relevant industry standards and is implemented
and maintained according to industry best practises, security and high avail-
ability requirements.


4.5.1 Networking Human Resources

The ZA Central Registry has a complement of 3 inhouse network admin-
istrators responsible for the day to day operational requirements. fulfilling
the roles described in section 7 of this document.


4.5.2 Network System Resources

The dotDurban TLD system network will be co-hosted on the network of
the ZA Central Registry.


4.6 Web Portal

The Web Portal provides the SRS with an interface to both the public and
the accredited registrars with the following functionality


4.6.1 Public

The web portal provides a gateway for the domain registration public to the
SRS. The functionality includes, but is not limited to, general TLD news,
domain registration policy detail pertinent to the dotDurban TLD, and an
interface for reporting complaints and abuse related issues.

4.6.2 Accredited Registrars

The Registry portal provides accredited registrars with an authenticated
secure interface into the registry enabling management of information per-
tinent to the Registrar. This including facilities for financial management,
contact management and reporting of information relevant to the registrar
and a notice board providing registry status information to the Registrars.


4.6.3 Web Portal Human Resources

The ZA Central Registry has a complement of 3 inhouse Web Portal de-
velopers and administrators fulfilling the roles described in section 7 of this
document.


4.7 Management Information System

The Management Information System, (MIS), is responsible for providing
the required domain registry statistics, trends and usage as required by
oversight bodies including the dotDurban TLD board and management,
and ICANN.
The MIS will also provide Registrars with necessary service level registry
information, and registration statistics within their mandate. The manage-
ment information system will initially be co-hosted on the hardware of the
Web Portal.


4.7.1 MIS Human Resources

The ZA Central Registry has a complement of 3 inhouse developers and
administrators responsible for the day to day operational requirements ful-
filling the roles described in section 7 of this document.


4.8 Financial System

The Financial System, (FS), provided by the ZA Central Registry is based
on OpenERP and provides the internal system for all financial and account-
ing responsibilities. This including Registrar invoicing, statements, and a
realtime balance checking facility.

4.8.1 FS Human Resources

The ZA Central Registry has a complement of 5 inhouse FS developers, ad-
ministrators and accounting clerks responsible for the day to day operational
requirements fulfilling the roles described in section 7 of this document.


4.9 Administration System

The Administration System provided by the ZA Central Registry provides
the internal operational system for registry administration requirements in-
cluding legal, administrative and technical functions. In addition to the
above the Administration System also provides the necessary infrastructure
to address the following

* Uniform rapid suspension procedure requirements.

* Post delegation dispute resolution policy requirements.


4.9.1 Administration System Human Resources

The ZA Central Registry has a complement of 3 inhouse developers and
administrators, 3 technical support staff, 2 legal clerks and 5 administration
clerks responsible for the day to day operational requirements fulfilling the
roles described in section 7 of this document.


4.10 Database

The Registry Database is the repository for various objects critical to the
operation of an SRS. These including domain, contact and host objects.
It is also the repository for all transactions on these objects, including all
financial and statistical records. The database is based on a clustered model
allowing full replication to standby backup infrastructure.


4.10.1 Database Technology

The ZA Central Registry will use PostgreSQL 9.1 for the dotDurban TLD
implementation based on several reasons but mainly for the ability of scala-
bility and synchronous replication allowing flexible remote failover database
replication which is critical in a generic top level domain (gTLD) implemen-
tation with the potential to grow significantly and as will be used on a global
scale.

4.10.2 Database Human Resources

The ZA Central Registry Registry has been using the PostgreSQL database
in its co.za registry administration operations for the past 12 years and has
built up considerable experience and expertise on this. PostgreSQL is a
powerful, open source object-relational database system.
The ZA Central Registry has a complement of 5 database administrators and
developers responsible for the day to day operational requirements around
the database fulfilling the roles described in section 7.


4.10.3 Database System Resources

The ZA Central Registry database implementation for the dotDurban TLD
will consist of a cluster of 2 database servers hosted at the primary site
with any one of the 2 servers acting as the master and with the second
server acting as a hot standby server using synchronous replication on a
transaction by transaction basis.
A remote backup cluster of the database servers will be located at the Johan-
nesburg Internet Exchange JINX. These database servers will be configured
as backup standby servers with data replicated asynchronously from the
master database server.


5 Shared Registry Interconnectivity

The dotDurban TLD will share the multi-homed internet connectivity as
used by the ZA Central Registry for the co.za zone and as illustrated in
diagram DNS-NetworkDiagram.pdf.





6 Shared Registry Synchronisation

The SRS for the dotDurban TLD will be replicated to co-located standby
servers and the remote backup site co-located at the Johannesburg Internet
Exchange, JINX.
All dynamic data as contained in the database will be synchronously repli-
cated between the master system and co-located standby servers.

In addition all dynamic data as contained in the database will also be
asynchronously replicated between the master site and the remote backup
standby site.
All system software and system configuration will be asynchronously up-
dated to both the co-located standby servers and the remote backup standby
servers as and when changes occur on a schedule to be maintained by the
system administration department.


7 Shared Registry Resourcing

The dotDurban TLD development, deployment and operational responsibil-
ities for the technical requirements will be staffed by members of the ZA
Central Registry. The ZA Central Registry has a current complement as
follows

Board of Directors:- 7

CEO:- 1

Financial Management:- 1

Management:- 3

Junior Management:- 4

Human Resources:- 1

Administration and Accounts:- 7

Technical Support:- 3

Housekeeping:- 2

Senior Development:- 3

Junior Development:- 3

System Administration:- 3

Registrar Liaison:- 1

Public Relations:- 1

African cctld Liaison:- 1

The roles being as follows

Development and Maintenance:- This responsibility covers the devel-
opment and maintenance of the registry systems. This also includes
keeping abreast with registry industry trends by participating in or-
ganisations such as the IETF and ICANN.

Data Modeling:- This responsibility covers the development of data mod-
els required for the current and ongoing database requirements of the
business of the registry.

Documentation:- This responsibility covers the documentation require-
ments.

System Testing:- This responsibility covers regression testing for all new
releases, as well as providing Registrar documentation and notices re-
garding any issues that may crop up from time to time.

System Administration:- This responsibility covers administration of the
registry systems including system installation and configuration, Reg-
istrar connectivity management, message management, security man-
agement covering Registrar public key management, operating system
installation and configuration, etc.

System Monitoring:- This responsibility covers monitoring of the soft-
ware and hardware dedicated to the registry services including up-
time, performance, security and abuse monitoring, and general net-
work, hardware and operating system health. This responsibility also
covers performance monitoring, reporting, statistics gathering, etc.

Network Administration:- This responsibility covers administration of
the network services including installation, routing configuration, and
maintaining the networking hardware.

Backups:- This responsibility covers all backup related activities include
hot backups to standby servers and cold backups (tape), including
management of off-site backups as well as backup recovery procedures.

Security:- This responsibility covers all registry security related respon-
sibilities including data security, hardware security, system services
security (software) and network security.

General Manager:- Person responsible for the day to day management
including any legal responsibilities and keeping up to date with inter-
national registry⁄registrar policy standards and best practises.

Financial Manager:- Staff member responsible for the financial system
implementation and the day to day financial policies and procedures.

Registrar Liaison:- Person responsible for the day to day registrar related
issues, as well as for building the registrar base.

Public Relations:- Person.

Clerical Staff:- Staff members responsible for the administrative and sup-
port tasks.

Technical Manager:- Staff member responsible for all technical related
issues including keeping up to date with international standards and
best practises.

System Administration:- Staff members responsible for the day to day
system administration, network administration and system monitor-
ing.

Similar gTLD applications: (3)

gTLDFull Legal NameE-mail suffixzDetail
.joburgUniForum SA (NPC) trading as ZA Central Registrydundas.co.za-2.38Compare
.capetownUniForum SA (NPC) trading as ZA Central Registrydundas.co.za-2.33Compare
.africaUniForum SA (NPC) trading as Registry.Africaregistry.net.za-2.28Compare