
Overview


We first briefly describe DNS, including our terminology for its various components. DNS maps human-readable machine names to IP addresses using a hierarchy of servers, each of which is responsible for a portion of the global namespace. This system, called the server-side (global) DNS infrastructure, is run by the owners of domain names (e.g., example.com) and by organizations that run the top-level servers (e.g., com) that point to the per-domain servers. Clients send DNS lookups to machines within their own organization, called local (client-side) DNS resolvers, or LDNS. These resolvers perform the queries and cache the results, sharing lookup overhead across clients. The CoDNS system stemmed from the observation that many DNS lookup delays were due to failures of the local resolvers. CoDNS brokered queries to peer DNS resolvers at remote sites when the local resolvers failed, improving performance and reliability.

ConfiDNS tries to provide more confidence in DNS lookups by consulting peer resolvers at all times, which protects against certain attacks and failures, and by using lookup history to detect changes in name-to-IP mappings. Users run a ConfiDNS agent, ideally on their own machines, although it can also run on a (possibly shared) machine near the user, at some increased risk. This agent receives DNS lookup requests from the user and sends each request to both the local DNS resolver and some number of peer ConfiDNS agents located at remote sites that use different resolvers than the client. Examples of policies that could be implemented in ConfiDNS are (a) the local resolver and at least one peer must agree on the result, (b) at least three peer sites must agree, (c) if no peers agree with the local resolver, the IP address must not have changed in the past week, (d) if no peers agree within 5 seconds, use any result.
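To make the four example policies concrete, the following is an added Python sketch of the agent-side check, not the ConfiDNS implementation itself; the Lookup record, the policy function names, the sample addresses and the reading of (c) as "every answer recorded in the past week equals the local answer" are assumptions.

```python
# Added example (not from the ConfiDNS paper): evaluate the page's four
# example policies over a local-resolver answer, peer-agent answers and a
# per-name lookup history. All inputs are constructed sample data.
from collections import Counter
from dataclasses import dataclass, field

WEEK_SECONDS = 7 * 24 * 3600

@dataclass
class Lookup:
    """What the agent knows about one query (assumed record shape)."""
    name: str
    local: str                                   # answer from the local resolver
    peers: dict = field(default_factory=dict)    # peer site -> that site's answer
    history: list = field(default_factory=list)  # [(unix_time, ip), ...] past answers
    elapsed: float = 0.0                         # seconds spent waiting for peers
    now: float = 0.0                             # current unix time

def peer_agrees_with_local(lk):
    return lk.local in lk.peers.values()

def policy_a(lk):
    """(a) The local resolver and at least one peer must agree."""
    return lk.local if peer_agrees_with_local(lk) else None

def policy_b(lk):
    """(b) At least three peer sites must agree on one answer."""
    if not lk.peers:
        return None
    ip, count = Counter(lk.peers.values()).most_common(1)[0]
    return ip if count >= 3 else None

def policy_c(lk):
    """(c) No peer agrees with local: accept only if the mapping is unchanged for a week."""
    if peer_agrees_with_local(lk):
        return lk.local
    recent = [ip for ts, ip in lk.history if lk.now - ts <= WEEK_SECONDS]
    return lk.local if recent and all(ip == lk.local for ip in recent) else None

def policy_d(lk, limit=5.0):
    """(d) No peer agrees within `limit` seconds: fall back to the local answer."""
    if peer_agrees_with_local(lk):
        return lk.local
    return lk.local if lk.elapsed >= limit else None

def decide(lk, policies=(policy_a, policy_b, policy_c, policy_d)):
    """Try policies in order; (None, None) means the agent withholds an answer for now."""
    for policy in policies:
        ip = policy(lk)
        if ip is not None:
            return policy.__name__, ip
    return None, None
```

A real agent would re-run `decide` as peer answers arrive, so a query that is withheld at 2 seconds may be released by policy (d) once the 5-second limit passes.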




L. Poole
2006-09-08