A Proxy View of Quality of Domain Name Service

L. Yuan, K. Kant, P. Mohapatra, C.-N. Chuah
2007 IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications  
The Domain Name System (DNS) provides a critical service for the Internet -mapping of user-friendly domain names to their respective IP addresses. Yet, there is no standard set of metrics quantifying the Quality of Domain Name Service or QoDNS, let alone a thorough evaluation of it. This paper attempts to fill this gap from the perspective of a DNS proxy/cache, which is the bridge between clients and authoritative servers. We present an analytical model of DNS proxy operations that offers
more » ... ts into the design tradeoffs of DNS infrastructure and the selection of critical DNS parameters. After validating our model against simulation results, we extend it to study the impact of DNS cache poisoning attacks and evaluate various DNS proposals with respect to the QoDNS metrics. In particular, we compare the performance of two newly proposed DNS security solutions: one based on cryptography and one using collaborative overlays. II. BACKGROUND AND RELATED WORK A. DNS Structure DNS is a hierarchically organized, distributed database starting with records for top level domains (e.g., .com or .edu) and extending down to a few levels. The fully-qualified domain name, e.g. www.intel.com, describes a complete path from the root node to this node. Each domain is associated with a set of resource records (RRset), which contain information about this domain or referrals to its sub-domains.
doi:10.1109/infcom.2007.45 dblp:conf/infocom/YuanKMC07 fatcat:csiws4ktc5h4jp5xyrm4633zii