CS5229 09/10 Lecture 11: DNS

1

DNS

6 November 2009 CS5229 Semester 1 2009/10

2 CS5229 Semester 1 2009/10

root

.com .org .sg

nus pbs google yahoo ntu

3 CS5229 Semester 1 2009/10

root server

.sg

.nus local DNS

dig +trace www.nus.sg

4

uses UDP


5

Resource Record"(name, TTL, class, type, value)"


ns1.nus.edu.sg. 6562 IN A 137.132.123.4

6

TTL-based Caching


7

Resource Type"A NS PTR MX CNAME …"


ns1.nus.edu.sg. 6562 IN A 137.132.123.4

8

DNS-based "Load Balancing


9

DNS-based "Server Selection


10

how fast?"how efficient? "

is caching useful?"how big should TTL be?


11

“DNS Performance and Effectiveness of Caching”"

J Jung et. al."IEEE TON 2002


12 6 November 2009 CS5229 Semester 1 2009/10

Internet

Logger

MIT Subnets

13

3 traces"1 week each


14

DNS query/respose"TCP SYN/FIN/RST


15

basic analysis



60.4 24.6

6.8 6.4

DNS Query Types for mit-jan00

A PTR MX ANY Others

17

496,802"lookups followed by TCP

connections"

3,619,173"TCP connections


18

80-87%"DNS cache hit ratio"

for A lookup


19

not very high since it includes Web browser’s"

caching too


20

how fast is DNS lookup?

6 November 2009 CS5229 Semester 1, 2009/10

21

lookup latency ≈ "time between first query"

and last response


22

kaist

mit

23

74.62

24.07

1.16 0.15

mit-jan00

0

1

2

> 2

Number of referals per lookup

24

0

1

2

25

NS Cache"miss: first query to gTLD or root servers"

hit: otherwise


26

miss

hit

27

2,486,104"iterative lookups"

6,039,582"query packets


28

significant number of retransmissions


29

~24%"of lookups are unanswered


30

persistent retransmission"referral loops


31

zero referral

answered

32

no need to retransmit beyond 2-3 retransmissions!


33

loops

34

each loop generated on average"

10"query packets


35

~60%"of all queries are generated by

unanswered lookup


36

popularity of domain name follows "

Zipf"distribution


37

Frequency of the x-th most popular item is

38

popularity of web pages"population of countries"occurances of English words" :" :

39

40

41

42

long tail :"

46%"of domain names "are accessed once

43

44

20%"DNS responses are "

from root/gTLD servers

45

without caching NS records:"

5X"loads on root/gTLD servers

46

kaist

mit

47

popular sites have shorter TTL"

TLL reduces over time


49

sharing cache does not help

50

51

large TTL does not help

53

“King: Estimating Latency between Arbitrary End

Hosts”"Gummadi et. al."

IMC 2002


54

how to find alternate path "with lower latency?

55

need to find latency between pair of Internet hosts

56

assume name server "is close to end host


authorative NS

authorative NS

58

how to find a name server close to an end host?"

look at domain name, IP prefix

59

how likely does a name server allow recursive query?"

> 72% of name server tested

60

how accurate is the estimated latency?

61

62

63

how close, really, is an end host to its authorative NS?

64

65

66

67

many diverged paths consist of routers that are physically

adjacent

68

75-80% of the disjoint paths have latency less than 10ms"

in the Napster trace

69

Summary:"Measurement study of DNS"

Use DNS to do measurement

Technology

CS5229 09/10 Lecture 11: DNS