Characterizing Anycast in the Domain Name System. Fan, X., Heidemann, J., & Govindan, R. Technical Report ISI-TR-2011-681, USC/Information Sciences Institute, May, 2012.

IP anycast is a central part of production DNS. While prior work has explored proximity, affinity and load balancing for some anycast services, there has been little attention to third-party discovery and enumeration of components of an anycast service. Enumeration can reveal abnormal service configurations, benign masquerading or hostile hijacking of anycast services, and can help characterize the extent of anycast deployment. In this paper, we discuss two methods to identify and characterize anycast nodes. The first uses an existing anycast diagnosis method based on CHAOS-class DNS records but augments it with traceroute to resolve ambiguities. The second proposes Internet-class DNS records which permit accurate discovery through the use of existing recursive DNS infrastructure. We validate these two methods against three widely-used anycast DNS services, using a very large number (60k and 300k) of vantage points, and show that they can provide excellent precision and recall. Finally, we use these methods to evaluate anycast deployments in top-level domains (TLDs), and find one case where a third-party operates a server masquerading as a root DNS anycast node as well as a noticeable proportion of unusual anycast proxies. We also show that, across all TLDs, up to 72% use anycast, and that, of about 30 anycast providers, the two largest serve nearly half the anycasted TLD nameservers.

@TechReport{Fan12a,
author = "Xun Fan and John Heidemann and Ramesh Govindan",
title = "Characterizing Anycast in the Domain Name System",
institution = "USC/Information Sciences Institute",
year = 2012,
sortdate = "2012-05-01",
project = "ant, amite, lacrend, lander, rearch_root, nipet",
jsubject = "chronological",
number = "ISI-TR-2011-681",
month = may,
jlocation = "johnh: pafile",
keywords = "anycast, detection",
jlocation = "johnh: pafile",
keywords = "anycast, discovery, topology, DNS, F-root, PCH, Netalyzr",
url = "https://ant.isi.edu/%7ejohnh/PAPERS/Fan12a.html",
pdfurl = "https://ant.isi.edu/%7ejohnh/PAPERS/Fan12a.pdf",
myorganization = "USC/Information Sciences Institute",
copyrightholder = "authors",
abstract = "IP anycast is a central part of production DNS. While prior work has
explored proximity, affinity and load balancing for some anycast
services, there has been little attention to third-party discovery and
enumeration of components of an anycast service. Enumeration can
reveal abnormal service configurations, benign masquerading or hostile
hijacking of anycast services, and can help characterize the extent of
anycast deployment. In this paper, we discuss two methods to identify
and characterize anycast nodes. The first uses an existing anycast
diagnosis method based on CHAOS-class DNS records but augments it with
traceroute to resolve ambiguities. The second proposes Internet-class
DNS records which permit accurate discovery through the use of
existing recursive DNS infrastructure. We validate these two methods
against three widely-used anycast DNS services, using a very large
number (60k and 300k) of vantage points, and show that they can
provide excellent precision and recall. Finally, we use these methods
to evaluate anycast deployments in top-level domains (TLDs), and find
one case where a third-party operates a server masquerading as a root
DNS anycast node as well as a noticeable proportion of unusual anycast
proxies. We also show that, across all TLDs, up to 72\% use anycast,
and that, of about 30 anycast providers, the two largest serve nearly
half the anycasted TLD nameservers.
",
}