Active Measurement Of DNS Infrastructure Behavior And Performance

Along with the rapid development of the Internet,people's lives have long been closely related to the Internet.Various kinds of network services bring endless convenience to people.The Internet domain name system is one of the most important infrastructure of Internet,it provides the service of translating domain name to IP address,it is the cornerstone of almost all of the network services,its stability and performance have an important effect on the Internet.This article study the behavior of authoritative DNS server and the connection between authoritative DNS server and recursive DNS server.The article implement measurement on the connection performance between open recursive server in China and authoritative DNS server.Mainly divided into the following three parts.(1)This paper probes the authoritative DNS server,studies the configuration and deployment of the authoritative DNS server of the top 1 million domains of the world,and finds 217838 authoritative DNS servers in total.The DNS authoritative server is detected by active measurement method.The response behavior of authoritative DNS server to various queries is analyzed,the configuration information and security performance are analyzed by its response.Found that most authoritative server configuration is reasonable,but a small number of them have problems.Found that 1.83% of the authoritative DNS server return the false IP address,and 4.28% of the authoritative DNS server will respond to the AXFR query.(2)This paper compares several delay measurement methods between DNS servers,and analyze their respective advantages and disadvantages and scope of application.This paper study the existing problems in the D-KING method and puts forward some improved methods to improve the accuracy of the measurement results.This paper uses nxdomain-query method and D-KING method to measure the delay between 8253 open recursive servers in China and the root and Gtld servers,the measurement results were analyzed.Found that CN domain provides the shortest response time among the measured top-level domain,the median is 26 ms.F root provides the shortest response time among the root servers,the median is 37 ms.Due to the shortage of the root name server mirroring in China,most of the root name servers' response time is longer,the H root's response time was largest,the median is 244 ms.(3)This paper explores the selection method of authoritative DNS server by open recursive server,and analyzes the selection algorithm of authoritative server for different DNS server version.The average query latency of the selected authoritative server is used as a standard to compare the selection results of each algorithm.And summed up three choice model,including average selection,RTT inverse selection and best server selection.For the most widely used SRTT algorithm,we find several factors that cause its selection to be worse,including high query rate and long RTT,and analyze the reasons.The selection of authoritative DNS servers in various open recursive servers in China was measured and analyzed,the result shows that most recursive server choose authoritative server by RTT.