
Clouding up the Internet: how centralized is DNS traffic becoming?

Published: 27 October 2020

    Abstract

    Concern has been mounting about Internet centralization over the last few years -- consolidation of traffic/users/infrastructure into the hands of a few market players. We measure DNS and computing centralization by analyzing DNS traffic collected at a DNS root server and two country-code top-level domains (ccTLDs) -- one in Europe and the other in Oceania -- and show evidence of concentration. More than 30% of all queries to both ccTLDs are sent from 5 large cloud providers. We compare the clouds' resolver infrastructure and highlight a discrepancy in behavior: some cloud providers heavily employ IPv6, DNSSEC, and DNS over TCP, while others simply use unsecured DNS over UDP over IPv4. We show one positive side to centralization: once a cloud provider deploys a security feature -- such as QNAME minimization -- it quickly benefits a large number of users.

    Supplementary Material

    MP4 File (imc2020-paper80-long_01.mp4)
    IMC2020 Video Presentation for paper "Clouding up the Internet: how centralized is DNS traffic becoming?"


    Published In

    IMC '20: Proceedings of the ACM Internet Measurement Conference
    October 2020
    751 pages
    ISBN:9781450381383
    DOI:10.1145/3419394
    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    IMC '20
    IMC '20: ACM Internet Measurement Conference
    October 27 - 29, 2020
    Virtual Event, USA

    Acceptance Rates

    IMC '20 Paper Acceptance Rate 53 of 216 submissions, 25%;
    Overall Acceptance Rate 277 of 1,083 submissions, 26%
