DNS Trace Replay at Scale (abstract)

The Domain Name System (DNS) has grown to play various of broader roles in the Internet, beyond nameto-address mapping. It provides query engine for antispam [2] and replica selection for content delivery networks (CDNs) [3]. DANE [1] provides additional source of trust by leveraging the integrity verification of DNSSEC. The wide use and critical role of DNS prompt its continuous evolution. However, DNS protocol evolution and expansion of its use has been slow because advances must consider a huge and diverse installed base: a complex ecosystem of many implementations, archaic deployments, and interfering middleboxes. DNS performance issues are also a concern, both for choices about protocol changes, and for managing inevitable changes in use. There are a number of important open questions: How does current server operate under the stress of a Denial-of-Service (DoS) attack? What is the server and client performance when protocol or architecture changes? What if all DNS requests were made over QUIC, TCP or TLS? What about changes in DNSSEC key sizes? Ideally models would guide these questions, but DNS is extraordinarily difficult to model because of interactions of caching and implementation optimizations across levels of the DNS hierarchy and between clients and servers. We believe accurate, high-speed trace replay is essential to study many open questions in DNS, because DNS performance can be very sensitive to query timing and caching, and interactions across levels of the DNS hierarchy and multiple servers. These interactions seem impossible to model, and difficult to capture with a naive set of servers.