Abstract
Domain name system (DNS) resolution service is usually provisioned by multiple authoritative servers for performance and robustness. Estimating the query load distribution among multiple authoritative servers is one of the key issues arising with DNS server load balancing and optimization. We propose an analytical model of Round-Trip-Time (RTT)-sensitive server selections consisting of cache servers, authoritative servers and clients, which makes it possible to infer DNS server load accurately. A DNS server fingerprint approach is then proposed to identify RTT-sensitive server selections from BIND’s. Finally, we present a server load estimation method based on server selection classification. Under BIND server selection algorithm, the solution of the server selection model is obtained using iteration method, which is validated by the simulation results. Key words: Round-Trip-Time, domain name system (DNS) server fingerprint, server selection, load distribution estimation.
Highlights
The domain name system (DNS) is one of the most fundamental components of the today’s Internet, providing a critical link between human users and Internet locations by mapping host names to IP addresses
We propose an analytical model of Round-Trip-Time (RTT)-sensitive server selections consisting of cache servers, authoritative servers and clients, which makes it possible to infer DNS server load accurately
The cache server decides which authoritative server is the destination per its server selection algorithm
Summary
The domain name system (DNS) is one of the most fundamental components of the today’s Internet, providing a critical link between human users and Internet locations by mapping host names to IP addresses. As the DNS specifications (Mockapetris, 1987) are vague on server selection algorithms, current cache server implementations show different effects in their query distribution among a set of authority servers. Most of the alternative implementations exhibits sub-optimal server selection behavior, distributing queries evenly among all authoritative servers. Impacts of such amplification attack bear little direct relation to server load distribution because the amplified flooding responses from multiple servers are virtually aggregated by cache servers before being forwarded towards victim end users. A robust counter measure against this type of threats is proposed based on Bloom filters (Sebastiano and Dario, 2011) It is deployed at the side of victim end users, irrelevant to cache server’s and authoritative server’s behavior. (2013) passively monitored DNS and related traffic within a residential network in an effort to understand server behavior--as viewed through DNS responses, and client behavior--as viewed through both DNS requests and traffic that follow DNS responses
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
