Two Days in the Life of the DNS Anycast Root Servers
نویسندگان
چکیده
The DNS root nameservers routinely use anycast in order to improve their service to clients and increase their resilience against various types of failures. We study DNS traffic collected over a two-day period in January 2006 at anycast instances for the C, F and K root nameservers. We analyze how anycast DNS service affects the worldwide population of Internet users. To determine whether clients actually use the instance closest to them, we examine client locations for each root instance, and the geographic distances between a server and its clients. We find that frequently the choice, which is entirely determined by BGP routing, is not the geographically closest one. We also consider specific AS paths and investigate some cases where local instances have a higher than usual proportion of non-local clients. We conclude that overall, anycast roots significantly localize DNS traffic, thereby improving DNS service to clients worldwide.
منابع مشابه
Analyzing the K-root DNS Anycast Infrastructure
K-root is one of the DNS root servers that make use of anycast. Anycast is used to scale the root servers and increase performance by spreading instances of the same server over different locations, at the cost of increased complexity. In this paper the anycast infrastructure of the K-root DNS server is analyzed in order to understand if the infrastructure provides optimal service to its client...
متن کاملLongitudinal Analysis of Root Server Anycast Inefficiencies
Anycast is widely used in critical Internet infrastructures, including root DNS servers, to improve their scalability, resilience, and geographic proximity to clients. In practice, anycast depends on interdomain routing to direct clients to their “closest” sites. As a result, anycast’s performance is largely a result of available BGP routes. We provide what we believe to be the first longitudin...
متن کاملThe Case for Pushing DNS
The Domain Name System (DNS, [2]) has long been a critical part of the Internet infrastructure. The successful Denial-of-Service (DoS) attacks against Microsoft’s DNS servers in 2001 and the unsuccessful DoS attacks on the root name servers in 2002 have raised concerns about the vulnerability of the DNS. Operators responded by hardening the infrastructure, and using BGP anycast to replicate the...
متن کاملIdentifying and Characterizing Anycast in the Domain Name System
Since its first appearance, IP anycast has become essential for critical network services such as the Domain Name System (DNS). Despite this, there has been little attention to independently identifying and characterizing anycast nodes. External evaluation of anycast allows both third-party auditing of its benefits, and is essential to discovering benign masquerading or hostile hijacking of any...
متن کاملDetecting DNS Root Manipulation
We present techniques for detecting unauthorized DNS root servers in the Internet using primarily endpoint-based measurements from RIPE Atlas, supplemented with BGP routing announcements from RouteViews and RIPE RIS. The first approach analyzes the latency to the root server and the second approach looks for route hijacks. We demonstrate the importance and validity of these techniques by measur...
متن کامل