DNS Performance – a Study of Free, Public and Popular DNS Servers in 2019
Linköping University | Department of Computer and Information Science
Bachelor’s thesis, 16 ECTS | Information Technology
2019 | LIU-IDA/LITH-EX-G--19/037--SE

DNS Performance – A study of free, public and popular DNS servers in 2019
DNS prestanda – En studie av gratis, publika och populära DNS servrar år 2019

Filip Ström
Felix Zedén Yverås

Supervisor: Niklas Carlsson
Examiner: Marcus Bendtsen

Linköpings universitet
SE–581 83 Linköping
+46 13 28 10 00, www.liu.se

Copyright

This document is made available on the Internet - or its future replacement - for 25 years from the date of publication, provided that no extraordinary circumstances arise.

Access to the document implies permission for anyone to read, download and print single copies for personal use, and to use it unchanged for non-commercial research and for teaching. A later transfer of the copyright cannot revoke this permission. All other use of the document requires the consent of the author. To guarantee authenticity, security and accessibility, there are solutions of a technical and administrative nature.

The author's moral rights include the right to be named as the author, to the extent required by good practice, when the document is used as described above, as well as protection against the document being altered or presented in such a form or in such a context as is offensive to the author's literary or artistic reputation or distinctive character.

For further information about Linköping University Electronic Press, see the publisher's home page http://www.ep.liu.se/.

Copyright

The publishers will keep this document online on the Internet - or its possible replacement - for a period of 25 years starting from the date of publication barring exceptional circumstances.
The online availability of the document implies permanent permission for anyone to read, to download, or to print out single copies for his/her own use and to use it unchanged for non-commercial research and educational purpose. Subsequent transfers of copyright cannot revoke this permission. All other uses of the document are conditional upon the consent of the copyright owner. The publisher has taken technical and administrative measures to assure authenticity, security and accessibility.

According to intellectual property law the author has the right to be mentioned when his/her work is accessed as described above and to be protected against infringement.

For additional information about the Linköping University Electronic Press and its procedures for publication and for assurance of document integrity, please refer to its www home page: http://www.ep.liu.se/.

© Filip Ström, Felix Zedén Yverås

Students in the 5-year Information Technology program complete a semester-long software development project during their sixth semester (third year). The project is completed in mid-sized groups, and the students implement a mobile application intended to be used in a multi-actor setting, currently a search and rescue scenario. In parallel they study several topics relevant to the technical and ethical considerations in the project. The project culminates by demonstrating a working product and a written report documenting the results of the practical development process including requirements elicitation. During the final stage of the semester, students create small groups and specialise in one topic, resulting in a bachelor thesis. The current report represents the results obtained during this specialisation work. Hence, the thesis should be viewed as part of a larger body of work required to pass the semester, including the conditions and requirements for a bachelor thesis.
Abstract

The Domain Name System (DNS) is an integral part of making the internet a more human-friendly place. However, it comes with the cost of an added abstraction layer that introduces extra latency in many aspects of the modern computing experience - a great selling point for many DNS services. In this thesis we look at the performance of DNS services and servers through the scope of 51 unique free, public and popular DNS servers. We use a specifically designed tool, DNSHoarder, to collect 714,000 datapoints of 250 different hostnames of varying popularity over seven days. From this data we find most DNS servers to exhibit a similar relative distribution of response times and performance differences between IPv4 and IPv6 to be minor or nonexistent. We also find network distance and quality to have a big effect on the performance of DNS as well as network latency to be a major limiting factor in further DNS performance improvements.

Acknowledgments

First, a big thank you to our supervisor Niklas Carlsson for his support and feedback during the writing of this thesis. We would also like to thank Xiangfeng Yang of the Department of Mathematics for taking the time to help out two random students suddenly appearing at his door. Additionally, we would like to extend our gratitude to Philippe Biondi and the Scapy community for enabling this work with their excellent Scapy tool. Finally we would like to thank two members of the Scapy community in particular, Gabriel (@gpotter2) and Guillaume Valadon (@guedou), for their personal assistance. Without your help, the results presented herein would have suffered greatly.

Contents

Abstract
Acknowledgments
Contents
List of Figures
List of Tables
List of Code
1 Introduction
  1.1 Motivation
  1.2 Aim
  1.3 Research Questions
  1.4 Delimitations
2 Background
  2.1 The Domain Name System (DNS)
  2.2 Related Work
3 Method
  3.1 Tool Development
  3.2 Automated Data Collection
4 Results
  4.1 Overview of Failed DNS Queries
  4.2 IPv4 vs IPv6 Performance
  4.3 Performance Variation Between DNS Servers
  4.4 Performance Based on Hostname Popularity
5 Discussion
  5.1 Results
  5.2 Method
  5.3 The Work in a Wider Context
6 Conclusion
  6.1 Going Further
Bibliography
A Structure of DNSHoarder Output Data
B Additional Graphs
C DNSHoarder CLI Arguments
D .gitlab-ci.yml
E DNS Servers
F Hostnames

List of Figures

3.1 How input files are combined into DNSHoarder jobs
4.1 DNS servers failing 100% of queries
4.2 Excerpt of traceroute for DNS servers failing 100% of queries
4.3 Excerpt of DNS servers failing some queries, but not all
4.4 Excerpt of traceroute for DNS servers failing some queries, but not all
4.5 Excerpt of DNS servers intermittently failing 100% of queries
4.6 Excerpt of traceroute for DNS servers intermittently failing 100% of queries
4.7 Excerpt of DNS servers completing almost 100% of queries
4.8 Excerpt of traceroute for DNS servers completing almost 100% of queries
4.9 Average performance over time, per DNS server (IPv4 / A record)
4.10 Average performance over time, per DNS server (IPv6 / AAAA record)
4.11 Performance per DNS server (IPv4 / A record)
4.12 Performance per DNS server (IPv6 / AAAA record)
4.13 Performance per day of week
4.14 Excerpt of response sizes per DNS server
4.15 IPv4 performance comparison based on median and average performance values of primary and secondary DNS servers. Blue favors the primary DNS server.
4.16 IPv6 performance comparison based on median and average performance values of primary and secondary DNS servers. Blue favors the primary DNS server.
4.17 Performance per day of week
4.18 Median performance per hostname
5.1 Disparity in response size where the 209.88.198.133 and 208.76.50.50 DNS server yielded significantly smaller responses than other DNS servers.
5.2 Comparison of the heatmap of failed requests before and after considering empty DNS responses invalid.
A.1 Hierarchical structure of DNSHoarder’s output data
B.1 Failed DNS queries over time, per DNS server (IPv4 / A record)
B.2 Failed DNS queries over time, per DNS server (IPv6 / AAAA record)
B.3 Average distance and ping performance of the routes to each DNS server as measured by traceroute
B.4 Average failed DNS queries per DNS server, over time
B.5 Average failed DNS queries per DNS server, over time (excluding DNS servers that fail 100% of the requests)
B.6 Response size per DNS server (IPv4 / A record)
B.7 Response size per DNS server (IPv6 / AAAA record)
B.8 Performance per day of week

List of Tables

3.1 DNS services providing a primary and secondary DNS server
A.1 Attributes for the <RECORD TYPE> entry
A.2 Attributes for the IP entry
A.3 Attributes for the UDP entry
A.4 Attributes for the DNS entry
A.5 Attributes for each qd entry
A.6 Attributes for each an entry
A.7 Attributes for each ns entry
A.8 Attributes for each ar entry
E.1 DNS servers used for data collection
F.1 Hostnames used for data collection

List of Code

C.1 Available arguments and associated descriptions for DNSHoarder
D.1 Gitlab CI configuration file (.gitlab-ci.yml) used to automate data collection

1 Introduction

The Domain Name System (DNS) is an integral part of making the internet a more human-friendly place, allowing for the use of more memorable hostnames over series of numbers - and with the introduction of IPv6 even letters - for addressing of individual, interconnected devices.
The caveat is an additional layer of abstraction that introduces extra latency in many aspects of the modern computing experience. To combat the overhead introduced by DNS, multiple free and public DNS services have appeared, claiming to offer ever better performing services.