DOI: 10.1145/1015467.1015504

The design and implementation of a next generation name service for the internet

Published: 30 August 2004

Abstract

Name services are critical for mapping logical resource names to physical resources in large-scale distributed systems. The Domain Name System (DNS) used on the Internet, however, is slow, vulnerable to denial of service attacks, and does not support fast updates. These problems stem fundamentally from the structure of the legacy DNS. This paper describes the design and implementation of the Cooperative Domain Name System (CoDoNS), a novel name service, which provides high lookup performance through proactive caching, resilience to denial of service attacks through automatic load-balancing, and fast propagation of updates. CoDoNS derives its scalability, decentralization, self-organization, and failure resilience from peer-to-peer overlays, while it achieves high performance using the Beehive replication framework. Cryptographic delegation, instead of host-based physical delegation, limits potential malfeasance by namespace operators and creates a competitive market for namespace management. Backwards compatibility with existing protocols and wire formats enables CoDoNS to serve as a backup for legacy DNS, as well as a complete replacement. Performance measurements from a real-life deployment of the system in PlanetLab show that CoDoNS provides fast lookups, automatically reconfigures around faults without manual involvement, and thwarts distributed denial of service attacks by promptly redistributing load across nodes.

Published In

SIGCOMM '04: Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
August 2004
402 pages
ISBN:1581138628
DOI:10.1145/1015467
  • ACM SIGCOMM Computer Communication Review, Volume 34, Issue 4
    October 2004
    385 pages
    ISSN:0146-4833
    DOI:10.1145/1030194
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. DNS
  2. peer to peer
  3. proactive caching

Qualifiers

  • Article

Conference

SIGCOMM04: ACM SIGCOMM 2004 Conference
August 30 - September 3, 2004
Oregon, Portland, USA

Acceptance Rates

Overall Acceptance Rate 462 of 3,389 submissions, 14%
