1 / 13

Revamping DNS with Peer-to-Peer Architecture: CoDoNS Solution

The CoDoNS framework proposes a transformative approach to DNS by replacing its hierarchical model with a peer-to-peer network, addressing critical issues such as high latency, poor availability, and security vulnerabilities. This system enhances scalability and performance while ensuring efficient name resolution through informed caching strategies and proactive updates. Designed for incremental deployment, CoDoNS leverages existing DNS infrastructure, making it compatible with legacy clients. The vision behind CoDoNS aims to create a robust, decentralized DNS solution that meets the increasing demands of modern internet usage.

vicki
Télécharger la présentation

Revamping DNS with Peer-to-Peer Architecture: CoDoNS Solution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CoDoNS: Replacing the DNS Hierarchy with Peers Venugopalan Ramasubramanian (Rama) Emin Gün Sirer Computer Science Dept., Cornell University

  2. Why change the DNS? • DNS is largely successful • Two decades of operation • High scalability • Requirements have increased • Constant availability • High performance • Security

  3. DNS: Problems • Poor availability • 80% of domain names bottle-necked at 2 servers • 30% of domain names bottle-necked at 1 gateway • High latencies • Long tail in response time • Stale bindings remain for a long time • Vulnerable to attacks • Cache poisoning, transitive trust • Denial of Service (DoS)

  4. Insight and Solution • Hierarchical, delegation-based name resolution • Separate namespace management from name resolution • Hierarchical, decentralized namespace • Scalable, easy to manage • Efficient name resolution service • High availability, performance, and security

  5. CoDoNS: Vision • Peer-to-peer DNS • Composed of DNS resolvers and name servers • Self-certifying data • DNSSEC Name owners

  6. Home node CoDoNS: Structured Overlays hash(“www.cornell.edu”) • Self-organization • Failure resilience • Scalability • Well-defined structure • Bounded lookup time • logbN hops • 4 hops for a million node network Local resolver

  7. CoDoNS: Informed Caching • Proactive caching • Bindings pushed in anticipation • Proactive updates • No timeouts • Immediate propagation of updates Home Local resolver

  8. CoDoNS: Informed Caching • System-wide performance goals become mathematical optimization problems Min. Overhead s.t. Performance = Target Max. Performance s.t. Overhead ≤ Capacity • Performance = lookup latency • Overhead = bandwidth or memory

  9. CoDoNS: Deployment • Incrementally deployable • Uses legacy DNS to populate resource records on demand • Signs and introduces bindings so that CoDoNS nodes do not corrupt data (stop-gap) • Retains DNS management infrastructure • DNS registries, Root authority • Supports legacy clients

  10. CoDoNS: Miscellaneous • Negative responses • Cached temporarily • Local names treated specially • Queries resolved locally without introducing load into the ring • Server-side computation supported • Low-TTL records not cached, replaced with forwarding pointers • Supports Akamai and other CDN trickery

  11. CoDoNS: Lookup Latency

  12. Summary • Separate namespace management from name resolution • Use peer-to-peer architecture for name resolution • High availability, performance, and scalability http://www.cs.cornell.edu/people/egs/beehive/

More Related