The Domain Name System is a critical component of the Internet. The growth of the Internet namespace, the explosion in the number of networked hosts, and the recent emergence of large-scale coordinated attacks have strained the hierarchical, static architecture of the legacy Domain Name System. DNS is vulnerable to DoS attacks, incurs high latencies for query resolution and update propagation, suffers from misconfigurations, and is difficult to administer.
In this paper, we propose a novel alternative for DNS, called CoDoNS. CoDoNS retains the most successful parts of the DNS design; namely, the hierarchical partitioning of the namespace, the independent management of different parts of the hierarchy, and the general-purpose database interface. CoDoNS combines peer-to-peer overlay networks with analytically informed proactive caching to provide an alternative DNS infrastructure. It resists denial of service attacks, heals around failures, automatically distributes load, supports fast updates, and adapts quickly to flash crowds. It decouples nameservice from the physical location of nameservers through cryptographic delegations, and creates a competitive marketplace for name services. Performance measurements from a deployment on PlanetLab using real DNS workloads indicate that CoDoNS can significantly improve the lookup performance of legacy DNS with modest storage and bandwidth overhead.
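The security property behind "decoupling nameservice from the physical location of nameservers" is that a resolver trusts the name owner's signature on a record rather than the host that handed it over, so any overlay peer (including a compromised one) can serve records without being able to forge them. The following Go program is an added illustration of that principle and is not code from the CoDoNS paper or its implementation; the record layout, the canonical encoding, and the use of Ed25519 are assumptions made here for illustration, and the abstract does not specify CoDoNS's actual record format or signature scheme.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// Record is an illustrative signed resource record (assumed format, not the
// CoDoNS wire format). Sig covers Name, Type, TTL and Data under the owner's
// key, so the record's authenticity does not depend on which peer served it.
type Record struct {
	Name string
	Type string
	TTL  uint32
	Data string
	Sig  []byte
}

// canonical returns the bytes that are signed. Length-prefixing each field
// and lower-casing the owner name avoids ambiguity between field boundaries
// and between case variants of the same name.
func canonical(r Record) []byte {
	var b []byte
	for _, f := range []string{strings.ToLower(r.Name), r.Type, r.Data} {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(f)))
		b = append(b, l[:]...)
		b = append(b, f...)
	}
	var t [4]byte
	binary.BigEndian.PutUint32(t[:], r.TTL)
	return append(b, t[:]...)
}

// Sign is the name owner's step: done once, offline, before the record is
// handed to the overlay for replication and caching.
func Sign(priv ed25519.PrivateKey, r Record) Record {
	r.Sig = ed25519.Sign(priv, canonical(r))
	return r
}

// Verify is the resolver's step on a record received from any peer. It checks
// the owner's signature; the serving host's identity plays no role.
func Verify(pub ed25519.PublicKey, r Record) error {
	if len(r.Sig) != ed25519.SignatureSize {
		return errors.New("malformed signature")
	}
	if !ed25519.Verify(pub, canonical(r), r.Sig) {
		return errors.New("signature does not verify against owner key")
	}
	return nil
}

// Demo walks through the three cases a resolver sees: a genuine record served
// by an untrusted peer, a copy the peer tampered with, and a record signed by
// a key other than the owner's. Only the first must verify.
func Demo() (genuineOK, tamperedOK, wrongKeyOK bool, err error) {
	ownerPub, ownerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	_, strangerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	// Constructed sample record for illustration.
	rec := Sign(ownerPriv, Record{Name: "www.example.com", Type: "A", TTL: 3600, Data: "192.0.2.1"})
	genuineOK = Verify(ownerPub, rec) == nil

	tampered := rec // a malicious peer rewrites the address but keeps the owner's signature
	tampered.Data = "203.0.113.9"
	tamperedOK = Verify(ownerPub, tampered) == nil

	forged := Sign(strangerPriv, Record{Name: "www.example.com", Type: "A", TTL: 3600, Data: "203.0.113.9"})
	wrongKeyOK = Verify(ownerPub, forged) == nil
	return
}

func main() {
	g, t, w, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine verifies: %v, tampered verifies: %v, wrong key verifies: %v\n", g, t, w)
}
```

The resolver still has to obtain the owner's public key from somewhere trustworthy; in a hierarchical namespace that is the job of the delegation chain (the parent vouching for the child's key), which the abstract refers to as cryptographic delegation and which this example takes as given by handing the resolver `ownerPub` directly.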
CoDoNS provides a new platform for nameowners to efficiently publish and manage their data. Our current implementation and deployment provide a simple incremental migration path from legacy DNS towards the performance and functionality offered by CoDoNS. During this process, CoDoNS can serve as a safety net alongside legacy DNS.