Identifying and Characterizing Anycast in the Domain Name System

Fan, Xun and Heidemann, John and Govindan, Ramesh
USC/Information Sciences Institute

Xun Fan, John Heidemann and Ramesh Govindan 2011. Identifying and Characterizing Anycast in the Domain Name System. Technical Report ISI-TR-2011-671. USC/Information Sciences Institute.

Abstract

Since its first appearance, IP anycast has become essential for critical network services such as the Domain Name System (DNS). Despite this, there has been little attention to independently identifying and characterizing anycast nodes. External evaluation of anycast allows third-party auditing of its benefits and is essential to discovering benign masquerading or hostile hijacking of anycast services. In this paper, we develop ACE, an approach to identify and characterize anycast nodes. ACE's first method is DNS queries for CHAOS records, the recommended debugging service for anycast, suitable for cooperative anycast services. Its second method uses traceroute to identify all anycast services by their connectivity to the Internet. Each individual method has ambiguities in some circumstances; we show a combined method improves on both. We validate ACE against two widely used anycast DNS services that provide ground truth. ACE has good precision, with 88% of its results corresponding to unique anycast nodes of the F-root DNS service. Its recall is affected by the number and diversity of vantage points. We use ACE for an initial study of how anycast is used for top-level domain servers. We find one case where a third-party server operates on a root-DNS IP address, masquerading to capture traffic for its organization. We also study the 1164 nameserver IP addresses that cover all generic and country-code top-level domains, and gather evidence that at least 14% and perhaps 32% use anycast.

Reference

@techreport{Fan11a,
  author = {Fan, Xun and Heidemann, John and Govindan, Ramesh},
  title = {Identifying and Characterizing Anycast in the Domain Name System},
  institution = {USC/Information Sciences Institute},
  year = {2011},
  sortdate = {2011-06-01},
  project = {ant, amite, lacrend, lander, research_root},
  jsubject = {chronological},
  number = {ISI-TR-2011-671},
  month = jun,
  location = {johnh: pafile},
  keywords = {anycast, discovery, topology, DNS, F-root, PCH},
  url = {http://www.isi.edu/%7ejohnh/PAPERS/Fan10b.html},
  pdfurl = {http://www.isi.edu/%7ejohnh/PAPERS/Fan10b.pdf},
  myorganization = {USC/Information Sciences Institute},
  copyrightholder = {authors}
}