research-article

A day at the root of the internet

Online:30 September 2008Publication History

Abstract

We analyzed the largest simultaneous collection of full-payload packet traces from a core component of the global Internet infrastructure ever made available to academic researchers. Our dataset consists of three large samples of global DNS traffic collected during three annual "Day in the Life of the Internet" (DITL) experiments in January 2006, January 2007, and March 2008. Building on our previous comparison of DITL 2006 and DITL 2007 DNS datasets [28], we venture to extract historical trends, comparisons with other data sources, and interpretations, including traffic growth, usage patterns, impact of anycast distribution, and persistent problems in the root nameserver system that reflect ominously on the global Internet. Most notably, the data consistently reveals an extraordinary amount of DNS pollution -- an estimated 98% of the traffic at the root servers should not be there at all. Unfortunately, there is no clear path to reducing the pollution, so root server operators, and those who finance them, must perpetually overprovision to handle this pollution. Our study presents the most complete characterization to date of traffic reaching the roots, and while the study does not adequately fulfill the "Day in the Life of the Internet" vision, it does succeed at unequivocally demonstrating that the infrastructure on which we are all now betting our professional, personal, and political lives deserves a closer and more scientific look.

References

  1. IPv6 Address Added for Root Servers in the Root Zone. http://www.icann.org/en/announcements/announcement-04feb08.htm.Google ScholarGoogle Scholar
  2. Global Environment for Network Investigation (now "innovations"), 2005. http://www.geni.net.Google ScholarGoogle Scholar
  3. A Day in the Life, 2006. http://blog.caida.org/best available data/2006/09/04/a-day-in-the-life/.Google ScholarGoogle Scholar
  4. Top ten things lawyers should know about Internet research, #3, 2008. http://blog.caida.org/best available data/2008/04/18/top-ten-things-lawyers-should-know-about-internet-research-3/.Google ScholarGoogle Scholar
  5. D.E. 3rd, E. Brunner-Williams, and B. Manning. Domain Name System IANA Considerations, 2000. http://www.rfc-editor.org/rfc/rfc2929.txt.Google ScholarGoogle Scholar
  6. A. Broido, Y. Hyun, M. Fomenkov, and K. Claffy. The windows of private DNS updates. SIGCOMM Comput. Commun. Rev., 36(3):93--98, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. A. Broido, Y. Hyun, R. Gao, and K. Claffy. Their share: diversity and disparity in IP traffic. In PAM 2004 Proceedings, pages 113--125, 2004.Google ScholarGoogle ScholarCross RefCross Ref
  8. CAIDA and DNS-OARC. A Report on DITL data gathering Jan 9-10th 2007. http://www.caida.org/projects/ditl/summary-2007-01/.Google ScholarGoogle Scholar
  9. N.R. Council. Looking over the Fence: A Neighbor's View of Networking Research. National Academies Press, 2001.Google ScholarGoogle Scholar
  10. P.B. Danzig, K. Obraczka, and A. Kumar. An analysis of wide-area name server traffic: a study of the Internet Domain Name System. SIGCOMM Comput. Commun. Rev., 22(4):281--292, 1992. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. DNS-OARC. Domain Name System Operations, Analysis, and Research Center. https://www.dns-oarc.net/.Google ScholarGoogle Scholar
  12. Duane Wessels. https://www.dns-oarc.net/oarc/services/dnsentropy.Google ScholarGoogle Scholar
  13. T. Hardie. Distributing Authoritative Nameservers via Shared Unicast Addresses, 2002. http://www.ietf.org/rfc/rfc3258.txt. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. IANA. List of valid TLD. http://data.iana.org/TLD/tlds-alpha-by-domain.txt.Google ScholarGoogle Scholar
  15. ICANN. Root servers attack factsheet, 2007. http://www.icann.org/announcements/factsheet-dns-attack-08mar07.pdf.Google ScholarGoogle Scholar
  16. C. D. in the Life of the Internet (DITL) Project Team. Day in the Life of the Internet, January 9-10, 2007 (DITL-2007-01-09) (collection). http://imdc.datcat.org/collection/1-031B-Q=Day+in+the+Life+of+the+Internet%2C+January+9-10%2C+2007+%28DITL-2007-01-09%29.Google ScholarGoogle Scholar
  17. C. D. in the Life of the Internet (DITL) Project Team. Day in the Life of the Internet, March 18-19, 2008 (DITL-2008-03-18) (collection). http://imdc.datcat.org/collection/1-05MM-F=Day+in+the+Life+of+the+Internet%2C+March+18-19%2C+2008+%28DITL-2008-03-18%29.Google ScholarGoogle Scholar
  18. M. Larson and P. Barber. Observed DNS Resolution Misbehavior. http://www.ietf.org/rfc/rfc4697.txt.Google ScholarGoogle Scholar
  19. T. Lee, B. Huffaker, M. Fomenkov, and K. Claffy. On the problem of optimization of DNS root servers' placement. In PAM 2003 Proceedings, 2003.Google ScholarGoogle Scholar
  20. O. Lendl and L.A. Kaplan. Patching Nameservers: Austria reacts to VU#800113. http://cert.at/static/cert.at-0802-DNS-patchanalysis.pdf.Google ScholarGoogle Scholar
  21. Z. Liu, B. Huffaker, N. Brownlee, and K. Claffy. Two Days in the Life of the DNS Anycast Root Servers. In PAM 2007 Proceedings, pages 125--134, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. D. Malone. The root of the matter: hints or slaves. In IMC'04: Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, pages 15--20, New York, NY, USA, 2004. ACM. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. P. Mockapetris. Domain Names - Concepts and Facilities, 1987.Google ScholarGoogle Scholar
  24. A. Odlyzko. Minnesota Internet Traffic Studies (MINTS). http://www.dtc.umn.edu/mints/home.php.Google ScholarGoogle Scholar
  25. R.S. Operators. Root Server Technical Operations. http://www.root-servers.org/.Google ScholarGoogle Scholar
  26. V. Pappas, P. Fältström, D. Massey, and L. Zhang. Distributed DNS troubleshooting. In NetT'04: Proceedings of the ACM SIGCOMM workshop on Network troubleshooting, pages 265--270, New York, NY, USA, 2004. ACM. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. V. Pappas, Z. Xu, S. Lu, D. Massey, A. Terzis, and L. Zhang. Impact of configuration errors on DNS robustness. SIGCOMM Comput. Commun. Rev., 34(4):319--330, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. S. Castro, D. Wessels, and Kimberly Claffy. A Comparison of Traffic from the DNS Root Nameservers as Measured in DITL 2006 and 2007. http://www.caida.org/research/dns/roottraffic/comparison06 07.xml.Google ScholarGoogle Scholar
  29. US-CERT. Vulnerability note VU#800113: Multiple DNS implementations vulnerable to cache poisoning. http://www.kb.cert.org/vuls/id/800113.Google ScholarGoogle Scholar
  30. W. van Wanrooij and A. Pras. DNS Zones Revisited. Open European Summer School and IFIP WG6.4/6.6/6.9 Workshop (EUNICE), 2005.Google ScholarGoogle Scholar
  31. D. Wessels. dnstop. http://www.caida.org/tools/utilities/dnstop/.Google ScholarGoogle Scholar
  32. D. Wessels. Is your caching resolver polluting the internet? In NetT'04: Proceedings of the ACM SIGCOMM workshop on Network troubleshooting, pages 271--276, New York, NY, USA, 2004. ACM. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. D. Wessels. Measuring DNS Source Port Randomness. First CAIDA/WIDE/CASFI workshop, August 2008. http://www.caida.org/workshops/wide/0808/slides/source port randomness.pdf.Google ScholarGoogle Scholar
  34. D. Wessels and M. Fomenkov. Wow, That's a lot of packets. In PAM 2002 Proceedings, 2002.Google ScholarGoogle Scholar
  35. D. Wessels, M. Fomenkov, N. Brownlee, and K. Claffy. Measurements and Laboratory Simulations of the Upper DNS Hierarchy. In PAM 2004 Proceedings, pages 147--157, 2004.Google ScholarGoogle Scholar

Index Terms

  1. A day at the root of the internet

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!