DNS Resolvers Considered Harmful

Schomp, Kyle; Allman, Mark; Rabinovich, Michael

doi:10.1145/2670518.2673881

Cited by 28 publications

(19 citation statements)

References 16 publications

(19 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The case with the local cache amplified the DNS traffic 3.9 times. In other words, removing the shared DNS resolver as proposed by Schomp et al [3] would increase the DNS traffic by 3.9 times. This result led us to conclude that removing the shared DNS resolver is not a good idea.…”

Section: Assumptions Of the Dns Query Modelmentioning

confidence: 99%

“…Notably, the cache hit effect is one of the most important topics that needs to be analyzed. Because Schomp et al's proposal [3] depends on the assumption that a local cache can reduce DNS traffic to a reasonable extent, we focused on verifying this assumption. In practical terms, we analyzed the cache hit effect of the current shared DNS resolver based on the campus network traffic.…”

Section: Introductionmentioning

confidence: 99%

“…The Domain Name System (DNS) [1], [2] forms a key part of the infrastructure of the Internet. Schomp et al [3] recently discussed the benefits and adverse effects of a shared DNS resolver, which led to their subsequent proposal of removing the shared DNS resolver and using a full-service resolver at end clients instead. From the viewpoint of the cache mechanism, their proposal involves removing the shared cache (i.e., the shared DNS resolver) and using a local cache at the end clients (i.e., a local full-service resolver).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Cache Effect of Shared DNS Resolver

Fujiwara¹,

Sato

Yoshida

2019

IEICE Trans. Commun.

View full text Add to dashboard Cite

Recent discussions on increasing the efficiency of the Internet's infrastructure have centered on removing the shared Domain Name System (DNS) resolver and using a local resolver instead. In terms of the cache mechanism, this would involve removing the shared cache from the Internet. Although the removal of unnecessary parts tends to simplify the overall system, such a large configuration change would need to be analyzed before their actual removal. This paper presents our analysis on the effect of a shared DNS resolver based on campus network traffic. We found that (1) this removal can be expected to amplify the DNS traffic to the Internet by about 3.9 times, (2) the amplification ratio of the root DNS is much higher (about 6.3 times), and (3) removing all caching systems from the Internet is likely to amplify the DNS traffic by approximately 16.0 times. Thus, the removal of the shared DNS resolver is not a good idea. Our data analysis also revealed that (4) many clients without local caches generate queries repeatedly at short intervals and (5) deploying local caches is an attractive technique for easing DNS overhead because the amount of traffic from such clients is not small.

show abstract

Section: Assumptions Of the Dns Query Modelmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Cache Effect of Shared DNS Resolver

Fujiwara¹,

Sato

Yoshida

2019

IEICE Trans. Commun.

View full text Add to dashboard Cite

show abstract

“…Nevertheless, it is considered inadequate for the purposes of a global ICN NRS, even for ICN architectures that use hierarchical, rather than flat, names. One reason is its susceptibility to security attacks [17], due to the limited redundancy in name-servers and the fact that many servers have a single point of attachment to the Internet [12]. In addition, the load is not equally balanced between root servers, since names are not equally distributed among top level domains.…”

Section: B Lookup-by-name Approachesmentioning

confidence: 99%

On the inter-domain scalability of route-by-name Information-Centric Network Architectures

Κατσαρός

Vasilakos

Okwii

et al. 2015

2015 IFIP Networking Conference (IFIP Networking)

View full text Add to dashboard Cite

Name resolution is at the heart of Information-Centric Networking (ICN), where names are used to both identify information and/or services, and to guide routing and forwarding inside the network. The ICN focus on information, rather than hosts, raises significant concerns regarding the scalability of the required Name Resolution System (NRS), especially when considering global scale, inter-domain deployments. In the routeby-name approach to NRS construction, name resolution and the corresponding state follow the routing infrastructure of the underlying inter-domain network. The scalability of the resulting NRS is therefore strongly related to the topological and routing characteristics of the network. However, past work has largely neglected this aspect. In this paper, we present a detailed investigation and comparison of the scalability properties of two route-by-name inter-domain NRS designs, namely, DONA and CURLING. Based on both real, full-scale inter-domain topology traces and synthetic, scaled-down topologies, our work quantifies a series of important scalability-related performance aspects, including the distribution of name-resolution state across the Internet topology and the associated processing and signaling overheads. We show that by avoiding DONA's exchange of state across peering links, CURLING results in deployment costs proportional to the total number of downstream customers of each Autonomous System. This translates to a 62-fold global state size reduction, at the expense of a 2.78-fold increase in lookup processing load, making CURLING a feasible approach to ICN name resolution.

show abstract

“…The main advantage of DNS is its widespread usage, therefore the incremental deployment and adoption of a DNS-based system is easier. On the other hand, it is considered inadequate for storing object-level information since it is susceptible to security attacks, such as Denial of Service (DoS) ones [44], with root servers having a disproportionally larger load than ones at lower levels of the hierarchy.…”

Section: ) Impact Of Churnmentioning

confidence: 99%

H-Pastry: An inter-domain topology aware overlay for the support of name-resolution services in the future Internet

Fotiou

Κατσαρός

Xylomenos

et al. 2015

Computer Communications

View full text Add to dashboard Cite

Abstract-Overlay networks are widely used for locating and disseminating information by means of custom routing and forwarding on top of an underlying network. Distributed Hash Table (DHT) based overlays in particular, provide good scalability and load balancing properties. However, these come at the cost of inefficient routing, caused by the lack of adaptation to the underlying network, as DHTs often overlook physical network proximity, administrative boundaries and/or inter-domain routing policies. In this paper we show how to construct a DHT-based overlay network that takes all these aspects into account, so as to ease the global deployment of Future Internet architectures which require large-scale name resolution, such as Information-Centric Networking (ICN) and the Internet of Things (IoT). Based on the Pastry distributed object location and routing substrate and the Canon paradigm for multi-level DHTs, we developed H-Pastry, an overlay DHT scheme that harvests the scalability and load balancing features of DHTs, while also adapting to the underlying network topology, administrative structure and routing policies. We evaluate the performance characteristics of the proposed scheme through an extensive set of detailed simulations over realistic inter-network topologies. Our results show that HPastry substantially improves routing by reducing both overlay path stretch (by up to 55%) and routing policy violations (by up to 70%), compared to the Canonical (multi-level) Chord DHT. In addition, the design of H-Pastry keeps traffic within administrative boundaries as far as possible, reducing interdomain hops by up to 27% compared to Pastry, while also creating excellent opportunities for the support of caching and multicast.

show abstract

DNS Resolvers Considered Harmful

Cited by 28 publications

References 16 publications

Cache Effect of Shared DNS Resolver

Cache Effect of Shared DNS Resolver

On the inter-domain scalability of route-by-name Information-Centric Network Architectures

H-Pastry: An inter-domain topology aware overlay for the support of name-resolution services in the future Internet

Contact Info

Product

Resources

About