comparing dns resolvers in the wild
DESCRIPTION
Comparing DNS Resolvers in the Wild. DNS. Domain Name System Translates domain names into IP addresses Hierarchical distributed System Nodes are called as name servers What are resolvers?. Comparing DNS Resolvers in the Wild. DNS has evolved a lot over the years - PowerPoint PPT PresentationTRANSCRIPT
Comparing DNS Resolvers in the Wild
DNS
• Domain Name System• Translates domain
names into IP addresses• Hierarchical distributed
System• Nodes are called as
name servers• What are resolvers?
Comparing DNS Resolvers in the Wild
• DNS has evolved a lot over the years• From a naming service to commodity infrastructure• Many third party DNS resolvers have been developed• E.g. OpenDNS extends DNS features by adding
misspelling correction, phishing protection, and content filtering• Do these third party DNS resolvers really improve
performance?
Content Delivery Networks
• Aim is to provide content with higher availability and performance• Brings content closer to the user by using carefully
positioned global infrastructure• This global infrastructure includes thousands of servers
spread world wide• Users, when request certain content, are directed to
closest CDN server having that data• Assumes that DNS resolver is close to the client
originating the request
DNS today : Issues
• CDN’s assumption that DNS resolver is close to the client originating the request may degrade performance• A third party DNS which is not in network on the client
may direct it to a CDN server out of it’s network • CDN’s associate a short TTL on their DNS answers making
caching useless• “NXDOMAIN catcher” can also hamper some
applications like email
DNS today : Issues -> NXDOMAIN catcher
• NXDOMAIN -> Non-Existent Domain• NXDOMAIN status code
is caught and the IP address of a certain search website is returned• Advertisements can be
inserted to get profit
Measurements
• We need to compare responsiveness of various DNS resolvers• Local Resolver• OpenDNS
• Done by performing DNS queries to 10000 hosts.• Following information collected during the measurements
• Vantage Point• Resolver• Host
Host Selection
• DNS relies on caching for efficiency• Selection done by mix of best and worst sites.• Download top 1,000,000 list of sites from Alexa• 10,000 hosts selected as follows:
• top5000 Most popular hosts which are likely to be in cache• tail2000 Less likely in the cache• embedded
Web-pages containing flash content that browser may have to retrieve from different domain
Inside facts of the measurements…
• Two hosts in same area can query DNS back to back• Response time will be shorter for the second
host as the reply will be in cache• Compares response times between first and
second query• Need to inspect timestamps in traces to find
location• Traces need to be selected that do not interact
Evaluation of DNS resolvers
• Generally, local DNS resolvers are used• Third party resolvers claim to provide advanced
services that provide web site and phishing site blocking capability along with “suggestions” for failed lookups• Main problem in third party resolvers – larger
response time• DNS performance depends of proximity of end hosts • Caching improves the latency with over 95% of
second queries answered in less than 100ms
Comparison between good ISP and bad ISP
• As can be seen in above diagram, second query has faster response time due to caching
• For second query in case of bad ISP, local DNS resolver has almost similar delay as others
DNS Deployment
• “good ISP”: response times for the second queries show only small variation and are consistently better than those for the first query.
• “bad ISP”: scattered along a horizontal and vertical line, as well as the diagonal. We explain this behavior by a load balancing setup without a shared cache.
DNS Deployment
• A similar behavior for both OpenDNS and GoogleDNS in several traces.• This shows use of load balancing for highly loaded site
• High RTTs towards the local DNS and load balancing: • DNS infrastructure is centralized and requires load
balancing to compensate for the high number of queries arriving at a single Location.
• Load balancing is Good,• But the way some ISPs are implementing it prevents
caching from being properly utilized.
DNS Answers
• Graph shows that local resolver is more likely to return IP addresses that are in client’s AS than Google or OpenDNS.
• This locally available content covers akamaized set completely that is local DNS resolvers works better for CDN content.
DNS Answers
• Graph shows number of different IP addresses returned by Local DNS and Google DNS resolver.• As, Local resolver returns IP address in the same AS as client,
it can be deduced that Google DNS directs client unnecessarily out of its network.
Summary
• End-host experiences a very small latency to the resolvers maintained by the local ISP• There does exist cases where GoogleDNS and
OpenDNS outperform• Several ISPs and OpenDNS rely on a load balancing
setup without a shared cache, resulting in poor caching efficiency.• Third-party DNS resolvers do not manage to redirect
the users towards content available within the ISP, contrary to the local DNS ones.
Just The Beginning…
Thank You