DNS • Domain Name System • Translates domain names into IP addresses • Hierarchical distributed system • Nodes are called name servers • What are resolvers?
Comparing DNS Resolvers in the Wild • DNS has evolved a lot over the years • From a naming service to commodity infrastructure • Many third-party DNS resolvers have been developed • E.g. OpenDNS extends DNS features by adding misspelling correction, phishing protection, and content filtering • Do these third-party DNS resolvers really improve performance?
Content Delivery Networks • Aim is to provide content with higher availability and performance • Brings content closer to the user by using carefully positioned global infrastructure • This global infrastructure includes thousands of servers spread worldwide • When users request certain content, they are directed to the closest CDN server that has that data • Assumes that the DNS resolver is close to the client originating the request
DNS today: Issues • The CDN's assumption that the DNS resolver is close to the client originating the request may degrade performance • A third-party DNS resolver that is not in the client's network may direct the client to a CDN server outside its network • CDNs set a short TTL on their DNS answers, making caching useless • An “NXDOMAIN catcher” can also hamper some applications such as email
DNS today: Issues -> NXDOMAIN catcher • NXDOMAIN -> Non-Existent Domain • The NXDOMAIN status code is caught and the IP address of a certain search website is returned instead • Advertisements can be inserted for profit
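A check for the NXDOMAIN catcher behaviour described above, as an added example that is not part of the original slides: it builds a query for a random name that should not exist and classifies the resolver's reply from the RCODE and answer count in the DNS header. The ".invalid" probe suffix, the function names and the sample replies are assumptions constructed for illustration.

```python
import secrets
import struct

NOERROR, NXDOMAIN = 0, 3  # RCODE values from RFC 1035

def probe_name(suffix="invalid"):
    """Random name that should not exist; the ".invalid" suffix is an assumption."""
    return f"{secrets.token_hex(12)}.{suffix}"

def build_query(name, qid):
    """Minimal DNS query for an A record in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(resp, qid):
    """Classify a resolver's reply to a probe for a name that does not exist."""
    if len(resp) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & 0x8000:  # wrong transaction ID or QR bit unset
        return "malformed"
    rcode = flags & 0x000F
    if rcode == NXDOMAIN:
        return "honest"        # NXDOMAIN was passed through to the client
    if rcode == NOERROR and ancount > 0:
        return "catcher"       # answer records returned for a non-existent name
    return "inconclusive"      # SERVFAIL, empty NOERROR, and so on

def constructed_response(query, rcode, answer_ip=None):
    """Build a sample reply for offline use (constructed, not captured traffic)."""
    qid = struct.unpack("!H", query[:2])[0]
    ancount = 1 if answer_ip else 0
    header = struct.pack("!HHHHHH", qid, 0x8180 | rcode, 1, ancount, 0, 0)
    answer = b""
    if answer_ip:  # compressed name pointer, TYPE A, CLASS IN, TTL 60, 4-byte RDATA
        answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + bytes(answer_ip)
    return header + query[12:] + answer

if __name__ == "__main__":
    q = build_query(probe_name(), 0x1234)
    print(classify_response(constructed_response(q, NXDOMAIN), 0x1234))
    print(classify_response(constructed_response(q, NOERROR, (192, 0, 2, 1)), 0x1234))
```

Against a live resolver, the bytes from `build_query` would be sent over UDP port 53 and the reply passed to `classify_response`; repeating the probe with several random names reduces the chance of a misleading single result.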
Measurements • We need to compare responsiveness of various DNS resolvers: Local Resolver, OpenDNS, Google • Done by performing DNS queries to 10000 hosts • Following information collected during the measurements: Vantage Point, Resolver, Host
Host Selection • DNS relies on caching for efficiency • Selection done by a mix of best and worst sites • Download top 1,000,000 list of sites from Alexa • 10,000 hosts selected as follows: • top5000: most popular hosts, which are likely to be in cache • tail2000: less likely to be in the cache • embedded: web pages containing Flash content that the browser may have to retrieve from a different domain
Inside facts of the measurements… • Two hosts in the same area can query DNS back to back • Response time will be shorter for the second host as the reply will be in cache • Compares response times between first and second query • Need to inspect timestamps in traces to find location • Traces need to be selected that do not interact
Evaluation of DNS resolvers • Generally, local DNS resolvers are used • Third-party resolvers claim to provide advanced services that provide web site and phishing site blocking capability along with “suggestions” for failed lookups • Main problem in third-party resolvers: larger response time • DNS performance depends on proximity of end hosts • Caching improves the latency, with over 95% of second queries answered in less than 100ms
Comparison between good ISP and bad ISP • As can be seen in the above diagram, the second query has a faster response time due to caching • For the second query in the case of the bad ISP, the local DNS resolver has a delay almost similar to the others
DNS Deployment • “good ISP”: response times for the second queries show only small variation and are consistently better than those for the first query. • “bad ISP”: scattered along a horizontal and vertical line, as well as the diagonal. • We explain this behavior by a load balancing setup without a shared cache.
DNS Deployment • A similar behavior is seen for both OpenDNS and GoogleDNS in several traces. • This shows the use of load balancing for a highly loaded site • High RTTs towards the local DNS and load balancing: • DNS infrastructure is centralized and requires load balancing to compensate for the high number of queries arriving at a single location. • Load balancing is good, but the way some ISPs are implementing it prevents caching from being properly utilized.
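The first-query versus second-query comparison from the measurement and deployment slides, as an added example that is not part of the original slides: each pair of response times is classified by whether the second query was served from cache, and a trace is flagged when too few second queries are fast. The 100 ms cut-off and 95% ratio reuse the figures quoted on the evaluation slide as assumed thresholds, and the two traces are constructed sample data.

```python
from collections import Counter

CACHE_HIT_MS = 100.0  # assumed cut-off, taken from the "<100ms" figure on the slides

# Constructed (first_ms, second_ms) pairs, not measured data.
GOOD_TRACE = [(180, 12), (35, 9), (240, 15), (20, 8)]
BAD_TRACE = [(180, 12), (30, 210), (220, 230), (25, 10), (190, 200)]

def classify_pair(first_ms, second_ms, hit_ms=CACHE_HIT_MS):
    """Label one host's back-to-back query pair by apparent cache behaviour."""
    first_hit, second_hit = first_ms < hit_ms, second_ms < hit_ms
    if first_hit and second_hit:
        return "warm"        # name was already cached before the first query
    if second_hit:
        return "cached"      # first query filled the cache, second one used it
    if first_hit:
        return "lost"        # answer was cached, yet the second query missed it
    return "uncached"        # both slow: second query landed on a cold cache

def summarize(pairs, hit_ms=CACHE_HIT_MS):
    """Count each label and compute the share of fast second queries."""
    counts = Counter(classify_pair(f, s, hit_ms) for f, s in pairs)
    total = sum(counts.values())
    second_hits = counts["warm"] + counts["cached"]
    return {
        "counts": dict(counts),
        "second_hit_ratio": second_hits / total if total else 0.0,
    }

def looks_unshared(pairs, min_ratio=0.95, hit_ms=CACHE_HIT_MS):
    """True when second queries miss often enough to suggest no shared cache."""
    if not pairs:
        return False  # no evidence either way on an empty trace
    return summarize(pairs, hit_ms)["second_hit_ratio"] < min_ratio

if __name__ == "__main__":
    for label, trace in (("good ISP", GOOD_TRACE), ("bad ISP", BAD_TRACE)):
        print(label, summarize(trace), "unshared cache?", looks_unshared(trace))
```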
DNS Answers • Graph shows that the local resolver is more likely to return IP addresses that are in the client’s AS than Google or OpenDNS. • This locally available content covers the akamaized set completely; that is, local DNS resolvers work better for CDN content.
DNS Answers • Graph shows the number of different IP addresses returned by the local DNS and Google DNS resolvers. • As the local resolver returns IP addresses in the same AS as the client, it can be deduced that Google DNS directs the client unnecessarily out of its network.
Summary • End hosts experience a very small latency to the resolvers maintained by the local ISP • There do exist cases where GoogleDNS and OpenDNS outperform • Several ISPs and OpenDNS rely on a load balancing setup without a shared cache, resulting in poor caching efficiency. • Third-party DNS resolvers do not manage to redirect the users towards content available within the ISP, contrary to the local DNS ones.
Just The Beginning… Thank You