DOI: 10.1145/3355369.3355568
research-article

Cache Me If You Can: Effects of DNS Time-to-Live

Published: 21 October 2019

    Abstract

    DNS depends on extensive caching for good performance, and every DNS zone owner must set Time-to-Live (TTL) values to control their DNS caching. Today there is relatively little guidance backed by research about how to set TTLs, and operators must balance conflicting demands of caching against agility of configuration. Exactly how TTL value choices affect operational networks is quite challenging to understand due to interactions across the distributed DNS service, where resolvers receive TTLs in different ways (answers and hints), TTLs are specified in multiple places (zones and their parent's glue), and DNS resolution must be security-aware. This paper provides the first careful evaluation of how these multiple, interacting factors affect the effective cache lifetimes of DNS records, and provides recommendations for how to configure DNS TTLs based on our findings. We provide recommendations for TTL choice in different situations, and for where TTLs must be configured. We show that longer TTLs have significant promise in reducing latency, reducing it from 183 ms to 28.7 ms for one country-code TLD.

    Published In

    IMC '19: Proceedings of the Internet Measurement Conference
    October 2019
    497 pages
    ISBN:9781450369480
    DOI:10.1145/3355369

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. DNS
    2. caching
    3. recursive DNS servers

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Funding Sources

    • DHS S&T/CSD

    Conference

    IMC '19
    IMC '19: ACM Internet Measurement Conference
    October 21 - 23, 2019
    Amsterdam, Netherlands

    Acceptance Rates

    IMC '19 Paper Acceptance Rate 39 of 197 submissions, 20%;
    Overall Acceptance Rate 277 of 1,083 submissions, 26%

    Article Metrics

    • Downloads (Last 12 months): 70
    • Downloads (Last 6 weeks): 10
    Reflects downloads up to 27 Jul 2024

    Cited By

    • (2024) A Recommendation-Based Auxiliary Caching for Mapping Record. IEICE Transactions on Communications E107-B:2 (286-295). DOI: 10.23919/transcom.2023EBP3117. Online publication date: Mar-2024
    • (2024) Evaluating the Impact of Design Decisions on Passive DNS-Based Domain Rankings. 2024 8th Network Traffic Measurement and Analysis Conference (TMA) (1-11). DOI: 10.23919/TMA62044.2024.10559182. Online publication date: 21-May-2024
    • (2024) Analysis of False Negative Rates for Recycling Bloom Filters (Yes, They Happen!). Proceedings of the ACM on Measurement and Analysis of Computing Systems 8:2 (1-34). DOI: 10.1145/3656005. Online publication date: 29-May-2024
    • (2024) Deep Dive into NTP Pool's Popularity and Mapping. Proceedings of the ACM on Measurement and Analysis of Computing Systems 8:1 (1-30). DOI: 10.1145/3639041. Online publication date: 21-Feb-2024
    • (2024) Latency-Aware Cache Mechanism for Resolver Service of Domain Name Systems. NOMS 2024-2024 IEEE Network Operations and Management Symposium (1-4). DOI: 10.1109/NOMS59830.2024.10575387. Online publication date: 6-May-2024
    • (2024) TTL model for an LRU-based similarity caching policy. Computer Networks 241 (110206). DOI: 10.1016/j.comnet.2024.110206. Online publication date: Mar-2024
    • (2023) Real-Time Distributed Information Sharing Platform for Novel Activities based on Cloud Collaborative Software. 2023 International Conference on Inventive Computation Technologies (ICICT) (1122-1126). DOI: 10.1109/ICICT57646.2023.10134049. Online publication date: 26-Apr-2023
    • (2023) Defending Root DNS Servers Against DDoS Using Layered Defenses. 2023 15th International Conference on COMmunication Systems & NETworkS (COMSNETS) (513-521). DOI: 10.1109/COMSNETS56262.2023.10041415. Online publication date: 3-Jan-2023
    • (2023) A Comprehensive Survey of Recent Internet Measurement Techniques for Cyber Security. Computers and Security 128:C. DOI: 10.1016/j.cose.2023.103123. Online publication date: 1-May-2023
    • (2023) An overview of analysis methods and evaluation results for caching strategies. Computer Networks 228 (109583). DOI: 10.1016/j.comnet.2023.109583. Online publication date: Jun-2023
