DOI: 10.1145/3131365.3131366
research-article

Recursives in the wild: engineering authoritative DNS servers

Published: 01 November 2017

Abstract

In the Internet Domain Name System (DNS), services operate authoritative name servers that individuals query through recursive resolvers. Operators strive to provide reliability by operating multiple name servers (NSes), each on a separate IP address, and by using IP anycast to allow NSes to provide service from many physical locations. To meet their goals of minimizing latency and balancing load across NSes and anycast, operators need to know how recursive resolvers select an NS, and how that selection interacts with their NS deployments. Prior work has shown that some recursives search for low latency, while others pick an NS at random or round robin, but it did not examine how prevalent each choice was. This paper provides the first analysis of how recursives select between name servers in the wild, and from that we provide guidance to operators on how to engineer their name servers to reach their goals. We conclude that all NSes need to be equally strong, and we therefore recommend deploying IP anycast at every single authoritative.

Published In

IMC '17: Proceedings of the 2017 Internet Measurement Conference
November 2017
509 pages
ISBN:9781450351188
DOI:10.1145/3131365

Sponsors

In-Cooperation

  • USENIX Assoc

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. DNS
  2. anycast
  3. authoritative DNS servers
  4. recursive DNS servers

Qualifiers

  • Research-article

Funding Sources

  • DHS via HSS
  • DHS via AFRL

Conference

IMC '17: Internet Measurement Conference
November 1 - 3, 2017
London, United Kingdom

Acceptance Rates

Overall Acceptance Rate 277 of 1,083 submissions, 26%
