
Comparing DNS Resolvers in the Wild


ziazan


  1. Comparing DNS Resolvers in the Wild

  2. DNS • Domain Name System • Translates domain names into IP addresses • Hierarchical distributed system • Nodes are called name servers • What are resolvers?

  3. Comparing DNS Resolvers in the Wild • DNS has evolved a lot over the years • From a naming service to commodity infrastructure • Many third-party DNS resolvers have been developed • E.g. OpenDNS extends DNS features by adding misspelling correction, phishing protection, and content filtering • Do these third-party DNS resolvers really improve performance?

  4. Content Delivery Networks • Aim is to provide content with higher availability and performance • Brings content closer to the user by using carefully positioned global infrastructure • This global infrastructure includes thousands of servers spread worldwide • When users request certain content, they are directed to the closest CDN server holding that data • Assumes that the DNS resolver is close to the client originating the request

  5. DNS today: Issues • The CDN's assumption that the DNS resolver is close to the client originating the request may degrade performance • A third-party DNS resolver that is not in the client's network may direct the client to a CDN server outside its network • CDNs set a short TTL on their DNS answers, making caching useless • An “NXDOMAIN catcher” can also hamper some applications, like email

  6. DNS today: Issues -> NXDOMAIN catcher • NXDOMAIN -> Non-Existent Domain • The NXDOMAIN status code is caught and the IP address of a certain search website is returned instead • Advertisements can be inserted for profit

  7. Measurements • We need to compare the responsiveness of various DNS resolvers: local resolver, OpenDNS, Google • Done by performing DNS queries to 10000 hosts • The following information was collected during the measurements: vantage point, resolver, host

  8. Host Selection • DNS relies on caching for efficiency • Selection done by a mix of best and worst sites • Download the top 1,000,000 list of sites from Alexa • 10,000 hosts selected as follows: • top5000: most popular hosts, which are likely to be in cache • tail2000: less likely to be in the cache • embedded: web pages containing Flash content that the browser may have to retrieve from a different domain

  9. Inside facts of the measurements… • Two hosts in the same area can query DNS back to back • Response time will be shorter for the second host, as the reply will be in cache • Compares response times between first and second query • Need to inspect timestamps in traces to find location • Traces need to be selected that do not interact

  10. Evaluation of DNS resolvers • Generally, local DNS resolvers are used • Third-party resolvers claim to provide advanced services that provide web site and phishing site blocking capability along with “suggestions” for failed lookups • Main problem with third-party resolvers: larger response time • DNS performance depends on the proximity of end hosts • Caching improves the latency, with over 95% of second queries answered in less than 100ms

  11. Comparison between good ISP and bad ISP • As can be seen in the above diagram, the second query has a faster response time due to caching • For the second query in the case of the bad ISP, the local DNS resolver has almost the same delay as the others

  12. DNS Deployment • “good ISP”: response times for the second queries show only small variation and are consistently better than those for the first query. • “bad ISP”: scattered along a horizontal and vertical line, as well as the diagonal. We explain this behavior by a load balancing setup without a shared cache.

  13. DNS Deployment • A similar behavior is seen for both OpenDNS and GoogleDNS in several traces. • This shows the use of load balancing for a highly loaded site • High RTTs towards the local DNS and load balancing: • DNS infrastructure is centralized and requires load balancing to compensate for the high number of queries arriving at a single location. • Load balancing is good, but the way some ISPs are implementing it prevents caching from being properly utilized.

  14. DNS Answers • Graph shows that the local resolver is more likely to return IP addresses that are in the client’s AS than Google or OpenDNS. • This locally available content covers the akamaized set completely; that is, local DNS resolvers work better for CDN content.

  15. DNS Answers • Graph shows the number of different IP addresses returned by the local DNS and Google DNS resolvers. • As the local resolver returns IP addresses in the same AS as the client, it can be deduced that Google DNS directs the client unnecessarily out of its network.

  16. Summary • End hosts experience a very small latency to the resolvers maintained by the local ISP • There do exist cases where GoogleDNS and OpenDNS outperform • Several ISPs and OpenDNS rely on a load balancing setup without a shared cache, resulting in poor caching efficiency. • Third-party DNS resolvers do not manage to redirect the users towards content available within the ISP, contrary to the local DNS ones.

  17. Just The Beginning… Thank You
