two days in the life of the dns anycast root servers
play

Two days in The Life of The DNS Anycast Root Servers Ziqian Liu - PowerPoint PPT Presentation

Aug 17, 2023 •29 likes •289 views

Two days in The Life of The DNS Anycast Root Servers Ziqian Liu Beijing Jiaotong Univeristy Bradley Huffaker, Marina Fomenkov Nevil Brownlee, and kc claffy CAIDA PAM2007 Outline DNS root servers DNS anycast in root servers Data

  1. Two days in The Life of The DNS Anycast Root Servers Ziqian Liu Beijing Jiaotong Univeristy Bradley Huffaker, Marina Fomenkov Nevil Brownlee, and kc claffy CAIDA PAM2007

  2. Outline • DNS root servers • DNS anycast in root servers • Data • Traffic difference in anycast instances • Anycast coverage • Conclusion

  3. DNS Root Servers • Tree-structured distributed database Root Level country code generic TLD TLD Top Level Domain gov com edu org cn us (TLD) Second Level Domain google sun ucsd caida acm (SLD) maps cse www staff • Root servers provide authoritative referrals to name servers for gTDL and ccTLD domains. • Only 13 root servers world wide [A-M].root-servers.net

  4. DNS Anycast in Root Servers • What is anycast – Anycast group • A set of instances that are run by the same organization and use the same IP address – the service address – but are physically different nodes. • e.g., k.root-servers.net – RIPE – 17 instances – 194.0.14.129 – For a DNS root servers, anycast provides a service where by clients send requests to the service address and the network delivers that request to at least one, preferably the closest, instance in the root server’s anycast group.

  5. DNS Anycast in Root Servers (2) • How to deploy – Every instance in the anycast group announces reachability for the same prefix – service supernet – that covers the service address by BGP. • e.g k.root-servers.net 193.0.14.0/24 • So, multiple AS paths are advertising the same prefix. – Different BGP routing policies: • Local instance – Limit the catchment area by using no-export community • Global instance – Globally visible – Use AS-prepending to decrease the likelihood of their selection over a local instance

  6. DNS Anycast in Root Servers (3) C, F, I, J, K and M roots (6/13) have deployed anycast . • – Over 120 root instances all togther (www.root-servers.org) • What’s the benefit? – Allow the system to grow beyond the static 13 servers while avoiding a change to the existing protocol – Bring DNS service closer to the clients – Provide relatively reliable and stable service compared to a non- distributed structure. • Separate the server/network failure • Mitigate the impact of malicious traffic – Oct 2002 DDoS attack against 13 root servers – Feb 2007 DDoS attack against root servers and gTLD servers

  7. http://dnsmon.ripe.net/ M G L F

  8. Data • ISC/ OARC (DNS Operations and Analysis Research Center) /CAIDA have been conducting measurement at the DNS root servers • Three anycast root servers: – C-root: 4 of 4 instances – F-root: 33 of 37 instances (40 up-to-date) – K-root: 16 of 17 instances • Time – Tue Jan 10~Wed Jan 11, 2006, UTC, – 47.2 hour long (~2 days) • Data format – Full record tcpdump traces • Our Focus: IPv4 UDP DNS requests • Available at http://imdc.datcat.org

  9. Traffic difference – Diurnal pattern Tokyo noon back

  10. Traffic difference – Traffic load 5 x 10 2500 10 linx* pao1* C-root C-root iad1* iad1* F-root F-root 2000 8 K-root K-root pao1* # requests/sec) ord1* ams-ix* linx* 1500 # IP addresses lax1* 6 lax1* ams-ix* nap* 1000 4 sfo2* denic muc1 ord1* ams1 nap* jfk1* sfo2* ams1 gru1 tokyo* 500 2 lga1 jfk1* denic lga1 delhi* tokyo* muc1 delhi* gru1 0 0 0 10 20 30 40 50 60 0 10 20 30 40 50 60 Instance Instance (a) Average request rate (b) Number of clients Note • Both plots have the same x-axis intance order – instances within each group are arranged in an increasing request rate order • Global instances are marked with *

  11. General statistics – Clients vs. Requests 6 10 During the 2 days: 4 10 • 80% of the 2.5M clients sent <100 # clients reqs to the three roots 2 • 15 clients sent > 10M reqs 10 • Top client sent > 30M reqs i.e. ~ 174reqs/sec ! 0 10 0 2 4 6 8 10 10 10 10 10 # requests

  12. Anycast coverage Geographic • – Client location: map client IP address to Geo info by using NetAcuity database – Instance location: coordinates of the closest airport – Distance: great circle distance Topological: • – Route Views BGP table on Jan 10, 2006 for ASN and prefix

  13. Anycast coverage – geographic distr. • Client Continental distribution F: San Francisco (US) F: Auckland (NZ) F: New York (US) F: Brisbane (AU) F: Santiago (CL) F: Tel Aviv (IL) K: Tokyo (JP) F: Sao Paulo (BR) F:Johannesburg(SA) K: Reykjavik (IS) K: Helsinki (FI) 100 75 Oceania Asia % 50 Africa Europe S. Amer 25 N. Amer 0 N.Amer S.Amer Europe Africa Asia Oceania sfo2 pao1 F: nap linx ams-ix delhi tokyo K: C: lax1 ord1 iad1 jfk1

  14. Anycast coverage – geographic distr. • DNS request continental distribution F: San Francisco (US) F: Auckland (NZ) F: Brisbane (AU) F: New York (US) F: Santiago (CL) F: Tel Aviv (IL) K: Tokyo (JP) F:Johannesburg(SA) F: Sao Paulo (BR) K: Reykjavik (IS) K: Helsinki (FI) 100 75 Oceania Asia % 50 Africa Europe S. Amer 25 N. Amer 0 N.Amer S.Amer Europe Africa Asia Oceania F: sfo2 pao1 nap linx ams-ix tokyo delhi K: ord1 iad1 jfk1 C: lax1

  15. Anycast coverage – geographic distr.(2) • Distance distribution (instance client) C-root

  16. Anycast coverage – geographic distr.(3) • Distance distribution (instance client) F-root

  17. Anycast coverage – geographic distr.(4) • Distance distribution (instance client) K-root

  18. Anycast coverage – geographic distr.(5) • Additional distance = distance from the client to the instance it requests – distance from the client to the closest instance

  19. Anycast coverage – topological coverage Topological scope: observed 19,237 ASes, RouteViews 21,883 ASes (~88%) % = # seen by instance / # seen by all 70 70 C-root C-root F-root F-root 60 60 K-root K-root pao1* iad1* pao1* 50 50 linx* linx* iad1* 40 40 % % ams-ix* 30 30 lax1* lax* ams-ix* ord1* ord* sfo2* nap* 20 20 nap* jfk* sfo2* jfk1* delhi* 10 10 delhi* ams1 denic lga1 muc1 denic ams1 tokyo* lga1 tokyo* muc1 0 0 0 10 20 30 40 50 60 0 10 20 30 40 50 60 Instance Instance AS level Prefix level Both plots have the same x-axis intance order – instances within each group are arranged in an increasing AS coverage percentage order

  20. Anycast coverage – topological coverage (2) • denic – K-root local instance in Frankfurt, Germany – AS paths observed from RouteViews: 193.0.14.0/24 “3292 8763 25152 i” “4513 8763 25152 i” “12956 8763 25152 i” – AS12956 belongs to Telefonica which has a large-scale coverage F: San Francisco (US) F: Auckland (NZ) F: New York (US) F: Brisbane (AU) denic F: Santiago (CL) F: Tel Aviv (IL) K: Tokyo (JP) F: Sao Paulo (BR) F:Johannesburg(SA) K: Reykjavik (IS) K: Helsinki (FI) 100 75 Oceania Asia % 50 Africa Europe S. Amer 25 N. Amer 0 N.Amer S.Amer Europe Africa Asia Oceania sfo2 pao1 F: nap linx ams-ix delhi tokyo K: C: iad1 jfk1 lax1 ord1

  21. Anycast coverage – topological coverage (3) • tokyo – K-root global instance in Tokyo, Japan – AS paths observed from RouteViews: 193.0.14.0/24 “4713 25152 25152 25152 25152 i” – The longest among all five K-root global instances ! F: San Francisco (US) F: Auckland (NZ) F: New York (US) F: Brisbane (AU) F: Santiago (CL) F: Tel Aviv (IL) K: Tokyo (JP) F: Sao Paulo (BR) F:Johannesburg(SA) K: Reykjavik (IS) K: Helsinki (FI) 100 75 Oceania Asia % 50 Africa Europe S. Amer 25 N. Amer 0 N.Amer S.Amer Europe Africa Asia Oceania sfo2 pao1 F: nap linx ams-ix delhi tokyo K: C: lax1 ord1 iad1 jfk1

  22. Anycast coverage – topological coverage (4) • lax1 – F-root local instance in LA, U.S. – AS paths observed from RouteViews: 192.5.5.0/24 “7660 2516 27318 3557 i” “7500 2497 27318 3557 i” “2497 27318 3557 i” Both AS7660 and AS2516 are in Japan! F: San Francisco (US) F: Auckland (NZ) F: New York (US) F: Brisbane (AU) F: Santiago (CL) F: Tel Aviv (IL) K: Tokyo (JP) f-lax1 F: Sao Paulo (BR) F:Johannesburg(SA) K: Reykjavik (IS) K: Helsinki (FI) 100 75 Oceania Asia % 50 Africa Europe S. Amer 25 N. Amer 0 N.Amer S.Amer Europe Africa Asia Oceania go sfo2 pao1 F: nap linx ams-ix delhi tokyo K: C: iad1 jfk1 lax1 ord1

  23. Anycast coverage – instance affinity Anycast improves stability by shortening AS paths • Anycast increases chance of inconsistency among instances • and of clients’ transparent shifting to different instances. Given DNS traffic is dominated by UDP, route flapping is • unimportant But if DNS uses stateful transaction(TCP, fragmented • UDP)…[Barber,NANOG32] Recent studies [Lorenzo] [Boothe,APNIC19] • [Karrenberg,NANOG34]suggests the impact of routing switches on the query performance is rather minimal

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

F root anycast: What, why and how Joo Damas ISC Overview What is a root server? What is

F root anycast: What, why and how Joo Damas ISC Overview What is a root server? What is

F root anycast: What, why and how Joo Damas ISC Overview What is a root server? What is F? What is anycast? F root anycast. Why? How does ISC do it? What is f.root-servers.net? One the Internets official DNS root servers

456 views • 24 slides
Internet Anycast: Performance, Problems and Potential Zhihao Li , Dave Levin, Neil Spring, Bobby

Internet Anycast: Performance, Problems and Potential Zhihao Li , Dave Levin, Neil Spring, Bobby

Internet Anycast: Performance, Problems and Potential Zhihao Li , Dave Levin, Neil Spring, Bobby Bhattacharjee University of Maryland 1 Anycast is increasingly used DNS root servers: All 13 DNS root servers Open DNS resolvers:

672 views • 33 slides
Tier-1s break Anycast DNS Zhihao Li, Neil Spring D-Root: 199.7.91.13 111 Anycast

Tier-1s break Anycast DNS Zhihao Li, Neil Spring D-Root: 199.7.91.13 111 Anycast

Tier-1s break Anycast DNS Zhihao Li, Neil Spring D-Root: 199.7.91.13 111 Anycast replicas: 19 global (red): advertised without restriction 92 local (black): advertised one hop in BGP Anycast Mental model: Packets sent to

646 views • 29 slides
Anycast policy proposal AFPUB-2012-V4-001-DRAFT-01 Anycastmany servers all answering using 1

Anycast policy proposal AFPUB-2012-V4-001-DRAFT-01 Anycastmany servers all answering using 1

Anycast policy proposal AFPUB-2012-V4-001-DRAFT-01 Anycastmany servers all answering using 1 IP: F-root: 192.5.5.241 and 2001:500:2f::f Anycastmany servers all answering using 1 IP address In practice, this means that the whole /24

95 views • 8 slides
dnsprobe for probing anycast DNS -- Analysis &amp; Future Work -- Yuji Sekiya WIDE Project

dnsprobe for probing anycast DNS -- Analysis &amp; Future Work -- Yuji Sekiya WIDE Project

dnsprobe for probing anycast DNS -- Analysis &amp; Future Work -- Yuji Sekiya WIDE Project &lt;sekiya@wide.ad.jp&gt; What is dnsprobe ? dnsprobe is a tool for probing RTT hostname.bind To DNS Server Set Root DNS Servers

489 views • 31 slides
Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver

Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver

Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net A 192.5.6.30 Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver

684 views • 26 slides
Anycast Routing in OLSR MANETs (A sample deployment) Justin Dean 4 th OLSR Interop Ottawa, CA

Anycast Routing in OLSR MANETs (A sample deployment) Justin Dean 4 th OLSR Interop Ottawa, CA

Anycast Routing in OLSR MANETs (A sample deployment) Justin Dean 4 th OLSR Interop Ottawa, CA 10/14/08 Anycast definitions Anycast addressing assigning a common IP address to multiple instance of the same service.. 1 Anycast

794 views • 19 slides
Active measurements to Root DNS servers especially from Asian countries Yuji Sekiya

Active measurements to Root DNS servers especially from Asian countries Yuji Sekiya

Active measurements to Root DNS servers especially from Asian countries Yuji Sekiya sekiya@wide.ad.jp Probing Use dnsprobe with dialup connection 1 probe 30 min Running three dnsprobe processes Probed between 25 th Feb. and

605 views • 27 slides
#100DAYSOFQS: MAKING DATA ART FOR 100 DAYS 100 days is a lot of days HI, IM LILLIAN! Ive

#100DAYSOFQS: MAKING DATA ART FOR 100 DAYS 100 days is a lot of days HI, IM LILLIAN! Ive

#100DAYSOFQS: MAKING DATA ART FOR 100 DAYS 100 days is a lot of days HI, IM LILLIAN! Ive been tracking data about myself for 11 years. Find what I use at anomalily.net/life-stack#qs (almost) Each year* I compile an annual report

484 views • 29 slides
Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver

Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver

Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net A 192.5.6.30 www.google.com A? Client's a.gtld-servers.net google.com. NS ns1.google.com Resolver ns1.google.com A

375 views • 13 slides
FRIEND IN BAD DAYS LIFE INSURANCE Life Insurance aims at fulfilling all your dreams, in your

FRIEND IN BAD DAYS LIFE INSURANCE Life Insurance aims at fulfilling all your dreams, in your

FRIEND IN BAD DAYS LIFE INSURANCE Life Insurance aims at fulfilling all your dreams, in your Absence too !! Make I&amp;I the Genie for your family! PRESENTATION Policy that suits every pocket MONEY BACK ILLNESS PLAN CRITICAL PLAN

289 views • 3 slides
Anycast census and geolocation AIMS: Workshop on Active Internet Measurements 31 March - 2 April

Anycast census and geolocation AIMS: Workshop on Active Internet Measurements 31 March - 2 April

Anycast census and geolocation AIMS: Workshop on Active Internet Measurements 31 March - 2 April 2015 Cicalese Danilo Jordan Auge Diana Joumblatt Dario Rossi Timur Friedman Here is where the anycast instances are Demo: goo.gl/Ff8gdQ 12

338 views • 19 slides
Characterizing IPv4 Anycast Adoptjon and Deployment Dario Rossi Professor

Characterizing IPv4 Anycast Adoptjon and Deployment Dario Rossi Professor

Characterizing IPv4 Anycast Adoptjon and Deployment Dario Rossi Professor dario.rossi@telecom-paristech.fr htup://www.enst.fr/~drossi/anycast Joint work with D.Cicalese, J. Auge, D. Joumblatu and T. Friedman Talk Teaser A seminal work [4] at

748 views • 50 slides
.CL anycast switching experiment Sebastian Castro secastro@caida.org secastro@nic.cl CAIDA

.CL anycast switching experiment Sebastian Castro secastro@caida.org secastro@nic.cl CAIDA

.CL anycast switching experiment Sebastian Castro secastro@caida.org secastro@nic.cl CAIDA NIC Chile 8 th CAIDA/WIDE workshop July, 2007 Introduction The anycast technology has been widely deployed in various DNS services around the

291 views • 17 slides
CloudFlare DNS Anycast Services lafur Gu mundsson | olafur@cloudflare.com Network Over 80

CloudFlare DNS Anycast Services lafur Gu mundsson | olafur@cloudflare.com Network Over 80

CloudFlare DNS Anycast Services lafur Gu mundsson | olafur@cloudflare.com Network Over 80 locations soon All services over Anycast 2 CloudFlare DNS expertise Deliver DNS answers in fast and reliable manner worldwide

545 views • 7 slides
PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

Mario Vuksan &amp; Tomislav PericinBlackHat USA 2013, Las Vegas PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO CONTINUE: CONTINUE: CONTINUE: CONTINUE:

690 views • 45 slides
Groundwater Surface Water interactions on Satinleaf Tree Island, Everglades National Park

Groundwater Surface Water interactions on Satinleaf Tree Island, Everglades National Park

Groundwater Surface Water interactions on Satinleaf Tree Island, Everglades National Park Pamela L. Sullivan and Ren M. Price Hammock Bayhead Bayhead Swamp Florida International University Department of Earth and the Environment

288 views • 17 slides
On the Evolution of U.S. Temperature Volatility Francis X. Diebold University of Pennsylvania

On the Evolution of U.S. Temperature Volatility Francis X. Diebold University of Pennsylvania

On the Evolution of U.S. Temperature Volatility Francis X. Diebold University of Pennsylvania Glenn D. Rudebusch Federal Reserve Bank of San Francisco June 20, 2019 1 / 35 Climate Change... ... is a multidimensional shift in the joint

811 views • 35 slides
A View of Cloud Computing Summary by Nikhil Buduma Cloud Computing Definition Refers to: 1)

A View of Cloud Computing Summary by Nikhil Buduma Cloud Computing Definition Refers to: 1)

A View of Cloud Computing Summary by Nikhil Buduma Cloud Computing Definition Refers to: 1) applications delivered over the Internet 2) Hardware and systems software in data centers that provide these services The composite of SaaS

551 views • 16 slides
INFERRING PERSISTENT INTERDOMAIN CONGESTION Amogh Dhamdhere with David Clark, Alex

INFERRING PERSISTENT INTERDOMAIN CONGESTION Amogh Dhamdhere with David Clark, Alex

INFERRING PERSISTENT INTERDOMAIN CONGESTION Amogh Dhamdhere with David Clark, Alex Gamero-Garrido, Matthew Luckie, Ricky Mok, Gautam Akiwate, Kabir Gogia, Vaibhav Bajpai, Alex Snoeren, k Claffy w w w . cai da. or Problem: High Volume

1.04k views • 84 slides
Dr. Ramanan Krishnamoorti Chief Energy Officer UH Energy Hydrogen October 23 rd October 30 th

Dr. Ramanan Krishnamoorti Chief Energy Officer UH Energy Hydrogen October 23 rd October 30 th

Dr. Ramanan Krishnamoorti Chief Energy Officer UH Energy Hydrogen October 23 rd October 30 th Circular Plastics Economy To learn more about the Houston: Low-Carbon Energy Capital Four Ways Forward series visit:

873 views • 37 slides
The Met Office Weakly-Coupled Atmosphere/Land/Ocean/Sea-Ice Data Assimilation System Isabelle

The Met Office Weakly-Coupled Atmosphere/Land/Ocean/Sea-Ice Data Assimilation System Isabelle

The Met Office Weakly-Coupled Atmosphere/Land/Ocean/Sea-Ice Data Assimilation System Isabelle Mirouze, Dan Lea, Matt Martin, Ann Shelly, Adrian Hines, Peter Sykes Technical design First assessments Analysis runs Forecast runs Conclusion and

598 views • 34 slides
Measuring and Optimizing Tail Latency Kathryn S McKinley, Google CRA-W Undergraduate Town Hall

Measuring and Optimizing Tail Latency Kathryn S McKinley, Google CRA-W Undergraduate Town Hall

Measuring and Optimizing Tail Latency Kathryn S McKinley, Google CRA-W Undergraduate Town Hall April 5 th , 2018 Speaker &amp; Moderator The image part with relationship ID rId3 was not found in the file. Lori Pollock Kathryn S McKinley Dr.

677 views • 40 slides
Intraday Trading Invariants for Equity-Index Futures Torben G. Andersen, Oleg Bondarenko, Albert

Intraday Trading Invariants for Equity-Index Futures Torben G. Andersen, Oleg Bondarenko, Albert

Intraday Trading Invariants for Equity-Index Futures Torben G. Andersen, Oleg Bondarenko, Albert S. Kyle and Anna Obizhaeva Fields Institute Toronto, Canada January 2015 Andersen, Bondarenko, Kyle, and Obizhaeva Intraday Invariance 1/29

402 views • 29 slides

More recommend