{"id":190,"date":"2012-05-17T15:35:06","date_gmt":"2012-05-17T22:35:06","guid":{"rendered":"http:\/\/ant.isi.edu\/blog\/?p=190"},"modified":"2020-10-19T10:29:28","modified_gmt":"2020-10-19T17:29:28","slug":"new-tech-report-characterizing-anycast-in-the-domain-name-system","status":"publish","type":"post","link":"https:\/\/ant.isi.edu\/blog\/?p=190","title":{"rendered":"New tech report \u201cCharacterizing Anycast in the Domain Name System\u201d"},"content":{"rendered":"<div>\n<p>We just published an new technical report of our anycast enumeration work, including some exciting new results. Check out &#8220;Characterizing Anycast in the Domain Name System&#8221; (available at <a href=\"ftp:\/\/ftp.isi.edu\/isi-pubs\/tr-681.pdf\"> ftp:\/\/ftp.isi.edu\/isi-pubs\/tr-681.pdf<\/a>) .<\/p>\n<\/div>\n<div>\n<div>\n<p>From the abstract:<\/p>\n<blockquote><p>IP anycast is a central part of production DNS. While prior<br \/>\nwork has explored proximity, affinity and load balancing<br \/>\nfor some anycast services, there has been little attention to<br \/>\nthird-party discovery and enumeration of components of an<br \/>\nanycast service. Enumeration can reveal abnormal service<br \/>\nconfigurations, benign masquerading or hostile hijacking of<br \/>\nanycast services, and can help characterize the extent of any-<br \/>\ncast deployment. In this paper, we discuss two methods to<br \/>\nidentify and characterize anycast nodes. The first uses an<br \/>\nexisting anycast diagnosis method based on CHAOS-class<br \/>\nDNS records but augments it with traceroute to resolve<br \/>\nambiguities. The second proposes Internet-class DNS records<br \/>\nwhich permit accurate discovery through the use of existing<br \/>\nrecursive DNS infrastructure. We validate these two meth-<br \/>\nods against three widely-used anycast DNS services, using<br \/>\na very large number (60k and 300k) of vantage points, and<br \/>\nshow that they can provide excellent precision and recall.<br \/>\nFinally, we use these methods to evaluate anycast deploy-<br \/>\nments in top-level domains (TLDs), and find one case where<br \/>\na third-party operates a server masquerading as a root DNS<br \/>\nanycast node as well as a noticeable proportion of unusual<br \/>\nanycast proxies. We also show that, across all TLDs, up to<br \/>\n72% use anycast, and that, of about 30 anycast providers,<br \/>\nthe two largest serve nearly half the anycasted TLD name-<br \/>\nservers.<\/p><\/blockquote>\n<p>Citation: Xun Fan, John Heidemann and Ramesh Govindan. Characterizing Anycast in the Domain Name System. Technical Report N. ISI-TR-681, USC\/Information Sciences Institute, May, 2012. ftp:\/\/ftp.isi.edu\/isi-pubs\/tr-681.pdf<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>We just published an new technical report of our anycast enumeration work, including some exciting new results. Check out &#8220;Characterizing Anycast in the Domain Name System&#8221; (available at ftp:\/\/ftp.isi.edu\/isi-pubs\/tr-681.pdf) . From the abstract: IP anycast is a central part of production DNS. While prior work has explored proximity, affinity and load balancing for some anycast [&hellip;]<\/p>\n","protected":false},"author":34,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[282,283],"tags":[27,43,8,22,5,41,18,26],"class_list":["post-190","post","type-post","status-publish","format-standard","hentry","category-publications","category-technical-report","tag-amite","tag-anycast","tag-lander","tag-measurement-systems","tag-papers","tag-predict","tag-security","tag-tech-report"],"_links":{"self":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts\/190","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/users\/34"}],"replies":[{"embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=190"}],"version-history":[{"count":3,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts\/190\/revisions"}],"predecessor-version":[{"id":1655,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts\/190\/revisions\/1655"}],"wp:attachment":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=190"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=190"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=190"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}