Loading...
Please wait, while we are loading the content...
Similar Documents
LDplayer: DNS Experimentation at Scale (abstract with poster)
| Content Provider | Semantic Scholar |
|---|---|
| Author | Zhu, Liang Heidemann, John |
| Abstract | The Domain Name System (DNS) has grown to play various of broader roles in the Internet, beyond name-to-address mapping. It provides query engine for anti-spam [3] and replica selection for content delivery networks (CDNs) [4]. DANE [2] provides additional source of trust by leveraging the integrity verification of DNSSEC [1]. The wide use and critical role of DNS prompt its continuous evolution. However, DNS protocol evolution and expansion of its use have been slow because advances must consider a huge and diverse installed base: a complex ecosystem of many implementations, archaic deployments, and interfering middleboxes. DNS performance issues are also a concern, both for choices about protocol changes, and for managing inevitable changes in use. There are a number of important open questions: How does current server operate under the stress of a Denial-ofService (DoS) attack? What is the server and client performance when protocol or architecture changes? We believe accurate, high-speed trace replay is essential to study many open questions in DNS, because DNS performance can be very sensitive to query timing and caching, and interactions across levels of the DNS hierarchy and multiple servers. These interactions seem impossible to model, and difficult to capture with a naive set of servers. In this poster we will describe LDplayer, a configurable, general-purpose DNS testbed that enables DNS experiments at scale in several dimensions: many zones, numerous levels of DNS hierarchy, large query rates, and diverse query sources. To meet these requirements while providing high fidelity experiments, LDplayer includes a distributed DNS query replay system and methods to rebuild the relevant DNS hierarchy from traces. We show that a single DNS server can correctly emulate multiple independent levels of the DNS hierarchy while providing correct responses as if they were independent. We show the importance of our system to evaluate pressing DNS design questions, using it to evaluate changes in DNSSEC key size. |
| File Format | PDF HTM / HTML |
| Alternate Webpage(s) | https://www.isi.edu/publications/trpublic/pdfs/ISI-TR-721.pdf |
| Language | English |
| Access Restriction | Open |
| Content Type | Text |
| Resource Type | Article |
