ABSTRACT
We report on a large-scale study of the complex client-side DNS infrastructure. Using all RIPE Atlas probes and our crowdsourced experiment, we capture clients' ingress and egress DNS resolvers from 880 ISPs in 113 different countries, around the world. We study different aspects of this mismatch - including the distance between clients and ingress/egress resolvers and cases of country-level mismatch between clients and their resolvers.
- Rami Al-Dalky, Michael Rabinovich, and Kyle Schomp. 2019. A Look at the ECS Behavior of DNS Resolvers. In Proceedings of the Internet Measurement Conference (Amsterdam, Netherlands) (IMC '19). Association for Computing Machinery, New York, NY, USA, 116--129. Google ScholarDigital Library
- Amazon. 2023. Amazon Mechanical Turk. https://www.mturk.comGoogle Scholar
- Anonymous. 2012. The Collateral Damage of Internet Censorship by DNS Injection. ACM SIGCOMM CCR 42, 3 (July 2012).Google ScholarDigital Library
- RIPE ATLAS. 2023. Atlas Console. https://atlas.ripe.netGoogle Scholar
- Timm Böttger, Felix Cuadrado, Gianni Antichi, Eder Leão Fernandes, Gareth Tyson, Ignacio Castro, and Steve Uhlig. 2019. An Empirical Study of the Cost of DNS-over-HTTPS. In Proceedings of the Internet Measurement Conference. Google ScholarDigital Library
- Ilker Nadi Bozkurt, Anthony Aguirre, Balakrishnan Chandrasekaran, P. Brighten Godfrey, Gregory Laughlin, Bruce Maggs, and Ankit Singla. 2017. Why Is the Internet so Slow?! Passive and Active Measurement (2017). Google ScholarCross Ref
- Michael Butkiewicz, Harsha V. Madhyastha, and Vyas Sekar. 2011. Understanding website complexity. Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference - IMC '11 (2011). Google ScholarDigital Library
- Matt Calder, Xun Fan, Zi Hu, Ethan Katz-Bassett, John Heidemann, and Ramesh Govindan. 2013. Mapping the expansion of Google's serving infrastructure. Proceedings of the 2013 conference on Internet measurement conference (Oct 2013). Google ScholarDigital Library
- Mariengracia Chirinos, Andrés Azpúrua, Leonid Evdokimov, and Maria Xynou. 2016. The State of Internet Censorship in Venezuela. Open Observatory of Network Interference (OONI) Blog. https://ooni.org/post/venezuela-internet-censorship/.Google Scholar
- Ben Du, Massimo Candela, Bradley Huffaker, Alex C. Snoeren, and kc claffy. 2020. RIPE IPmap Active Geolocation: Mechanism and Performance Evaluation. SIGCOMM Comput. Commun. Rev. 50, 2 (may 2020), 3--10. Google ScholarDigital Library
- Xun Fan, Ethan Katz-Bassett, and John Heidemann. 2015. Assessing Affinity Between Users and CDN Sites. https://www.isi.edu/~johnh/PAPERS/Fan15a.pdfGoogle Scholar
- Gascon. 2023. GeoDNS - The most powerful solution for your network. https://geotheory.co.uk/geodns-the-most-powerful-solution-for-your-network/Google Scholar
- Google. 2019. Get Started | Public DNS | Google Developers. https://developers.google.com/speed/public-dns/docs/usingGoogle Scholar
- IP Info. 2023. IPInfo. https://ipinfo.ioGoogle Scholar
- Thomas Koch, Ethan Katz-Bassett, John Heidemann, Matt Calder, Calvin Ardi, and Ke Li. 2021. Anycast in context: A tale of two systems. In Proceedings of the 2021 ACM SIGCOMM 2021 Conference. 398--417.Google ScholarDigital Library
- Maxmind. 2023. IP Geolocation. maxmind.com/en/geoip2-databases.Google Scholar
- Paul Mockapetris. 1987. Domain Names - Concepts and Facilities. RFC 1034. IETF.Google Scholar
- Erik Nygren, Ramesh Sitaraman, and Jennifer Sun. 2023. The Akamai Network: A Platform for High-Performance Internet Applications. https://people.cs.rutgers.edu/~rmartin/teaching/fall15/papers/arch2/cdn.pdfGoogle Scholar
- OONI. 2023. MAP State of Internet Censorship Report 2022 - Vietnam. https://ooni.org/post/2022-state-of-internet-censorship-vietnam/.Google Scholar
- Teri Radichel. 2023. Easy DNS Change To Prevent Attacks. https://medium.com/cloud-security/easy-dns-change-to-prevent-attacks-5b6708f287b3Google Scholar
- routeviews. 2023. RouteViews IPv4 Prefix to AS mappings - coalesced. https://catalog.caida.org/dataset/routeviews_ipv4_prefix2as_coalesced..Google Scholar
- Kyle Schomp, Tom Callahan, Michael Rabinovich, and Mark Allman. 2013. On measuring the client-side DNS infrastructure. In Proceedings of the 2013 conference on Internet measurement conference. 77--90.Google ScholarDigital Library
- Patrick Wendell, Joe Wenjie Jiang, Michael J. Freedman, and Jennifer Rexford. 2010. DONAR: decentralized server selection for cloud services. ACM SIGCOMM Computer Communication Review (Aug 2010), 231--242. Google ScholarDigital Library
- Maria Xynou, Arturo Filastò, Mahsa Alimardani, Sina Kouhi, Kyle Bowen, Vmon, and Amin Sabeti. 2017. Internet Censorship in Iran: Network Measurement Findings from 2014-2017. Open Observatory of Network Interference (OONI) Blog. https://ooni.org/post/iran-internet-censorship/.Google Scholar
Index Terms
- Poster: A Peek Backstage: Organizations in DNS Resolver Hierarchies
Recommendations
Comparing DNS resolvers in the wild
IMC '10: Proceedings of the 10th ACM SIGCOMM conference on Internet measurementThe Domain Name System (DNS) is a fundamental building block of the Internet. Today, the performance of more and more applications depend not only on the responsiveness of DNS, but also the exact answer returned by the queried DNS resolver, e.g., for ...
Securing DNS: Extending DNS Servers with a DNSSEC Validator
DNS Security Extensions (DNSSEC) is a proposed standard for securely authenticating information in the Domain Name System. DNSSEC validators check the digital signatures on DNS data. However, designing a validator worth the operational costs is a ...
Comments