Review: Serving DNS using a Peer-to-Peer Lookup Service

From: Jing Su <jingsu_REMOVE_THIS_FROM_EMAIL_FIRST_at_cs.toronto.edu>
Date: Wed, 9 Nov 2005 12:00:20 -0500

This paper presents an evaluation of the potential gains and pitfalls
of using a P2P DHT system (in this case, Chord) for providing DNS
service. The observation is that the current hierarchical DNS system
does not distribute load evenly and (relatively) centralizes
administration. By using a DHT, load can be better balanced across
the participating DNS systems, providing service for domains even if
their respective DNS server is down. Furthermore, this gives domain
owners stronger control over their DNS resource records, reducing the
number of improper DNS configurations.

The authors of the paper show that under a Distributed DNS (DDNS)
system with fixed DNS entries and fixed homogeneous DDNS servers, DDNS
can perform well in distributing load. However, their evaluation
highlights a weakness with using DDNS: the complexity of name lookups
in Chord makes them simply too slow compared to current DNS. Chord
simply takes too many hops.

I believe the strength of this paper is its presentation of an attempt
at providing DNS over DHTs. They highlight problems with the approach
which might otherwise not have been found without an implementation.

However, there are several weaknesses and points for future work.
First, using Chord assumes that the ring topology consists of
homogeneous nodes. Clearly this is not the case amongst the many DNS
servers available on the Internet. The authors suggest having
super-nodes run multiple virtual nodes as a method for compensating
for differences in computational resources. However, this solution
has two problems: if a super-node contains a contiguous block of
virtual nodes, then its failure can place an extreme burden on its
less powerful neighbors. If a super-node contains a dispersed set of
virtual nodes, then the super-node can potentially be traversed
multiple times in a lookup.

Second, the DNS hierarchy allows private networks (especially those
behind NATs) to provide their own DNS service. Participation in the
Chord topology means the namespace is flattened. Though a private
network contains addresses which are not routable on the Internet
(192.* and 10.10.*), it exposes the existence of these machines to the
DDNS system. This can be considered a security risk.

Third, while the authors consider the problem of free-loaders who use
DDNS without providing their own contributing DDNS server, they do not
consider the problem of DDNS servers being responsible for names which
the owners may find objectionable. For example, what if I provide my
own DDNS server and unfortunately find that I'm the primary server for
the www.kiddieporn.com name?

Finally, I believe the strongest weakness with DDNS solutions is that
they still require a central signing authority. Right now I register a
domain and point it at my own DNS server. With DDNS, I'll end up
having to pay Verisign $5000 a year for a signed certificate.

Received on Wed Nov 09 2005 - 12:00:28 EST
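The super-node trade-off the review raises (contiguous versus dispersed virtual nodes) is easy to see on a toy Chord ring. The simulation below is an added illustration, not code from the reviewed paper or from the reviewer, and its parameters are assumptions: a 24-bit identifier circle with SHA-1-derived IDs, 40 ordinary single-ID nodes, one super-node "S" running 16 virtual nodes, 20000 constructed record names as keys, and plain closest-preceding-finger routing. It measures the super-node's share of keys, the largest share of the super-node's keys that a single survivor absorbs when it fails, and the most times one lookup path passes through the super-node's machine.

```python
"""Toy Chord ring with one super-node that owns several virtual nodes.

Added illustration for the review above; it is not code from the reviewed
paper or from the reviewer. Ring size, node and key counts, and the use of
SHA-1 are assumptions of the toy, not the paper's parameters.
"""
import bisect
import hashlib

M = 24                 # identifier bits (assumption)
RING = 1 << M
SUPER = "S"            # the one physical super-node
K_VIRTUAL = 16         # virtual nodes it runs (assumption)


def chord_id(label: str) -> int:
    """Hash a label onto the identifier circle (SHA-1 truncated to M bits)."""
    return int.from_bytes(hashlib.sha1(label.encode()).digest(), "big") % RING


def between(x: int, a: int, b: int) -> bool:
    """True if x lies in the half-open circular interval (a, b]."""
    x, a, b = x % RING, a % RING, b % RING
    return (a < x <= b) if a < b else (x > a or x <= b)


class Ring:
    def __init__(self, owner: dict[int, str]):
        self.owner = dict(owner)            # virtual ID -> physical node name
        self.ids = sorted(self.owner)

    def successor(self, key: int) -> int:
        """First virtual ID clockwise from key (the node responsible for it)."""
        i = bisect.bisect_left(self.ids, key % RING)
        return self.ids[i % len(self.ids)]

    def load(self, keys: list[int]) -> dict[str, int]:
        """Number of keys each physical node is responsible for."""
        counts = {name: 0 for name in self.owner.values()}
        for k in keys:
            counts[self.owner[self.successor(k)]] += 1
        return counts

    def without(self, name: str) -> "Ring":
        """The ring after every virtual node of physical node `name` fails."""
        return Ring({v: n for v, n in self.owner.items() if n != name})

    def lookup_path(self, start: int, key: int) -> list[int]:
        """Greedy Chord routing via the closest preceding finger.
        Returns the virtual IDs visited, ending at the node responsible for key."""
        node, path = start, [start]
        while not between(key, node, self.successor(node + 1)):
            fingers = (self.successor(node + (1 << i)) for i in reversed(range(M)))
            # the farthest finger that still lies strictly inside (node, key)
            node = next(f for f in fingers if between(f, node, key - 1))
            path.append(node)
        path.append(self.successor(node + 1))
        return path


def build_rings(n_ordinary: int = 40) -> tuple[Ring, Ring]:
    """Two rings with the same ordinary nodes; only the super-node's layout differs."""
    base = {chord_id(f"n{i}"): f"n{i}" for i in range(n_ordinary)}
    # contiguous: K_VIRTUAL IDs packed into the gap after one hashed position,
    # so no other node sits between them
    start = chord_id(SUPER)
    gap = (Ring(base).successor(start) - start) % RING
    step = max(1, gap // K_VIRTUAL)
    contiguous = dict(base)
    contiguous.update({(start + j * step) % RING: SUPER for j in range(K_VIRTUAL)})
    # dispersed: K_VIRTUAL independently hashed IDs
    dispersed = dict(base)
    dispersed.update({chord_id(f"{SUPER}#{j}"): SUPER for j in range(K_VIRTUAL)})
    return Ring(contiguous), Ring(dispersed)


def failure_burden(ring: Ring, keys: list[int]) -> float:
    """Largest share of the super-node's keys one survivor absorbs when it fails."""
    before, after = ring.load(keys), ring.without(SUPER).load(keys)
    return max(after[n] - before[n] for n in after) / before[SUPER]


def max_super_visits(ring: Ring, keys: list[int]) -> int:
    """Most times a single lookup path passes through the super-node's machine."""
    return max(sum(ring.owner[v] == SUPER for v in ring.lookup_path(s, k))
               for s in ring.ids for k in keys)


def demo(n_keys: int = 20000) -> dict[str, float]:
    keys = [chord_id(f"record-{i}") for i in range(n_keys)]   # constructed names
    contiguous, dispersed = build_rings()
    return {
        "share_contiguous": contiguous.load(keys)[SUPER] / n_keys,
        "share_dispersed": dispersed.load(keys)[SUPER] / n_keys,
        "burden_contiguous": failure_burden(contiguous, keys),
        "burden_dispersed": failure_burden(dispersed, keys),
        "visits_contiguous": max_super_visits(contiguous, keys[:100]),
        "visits_dispersed": max_super_visits(dispersed, keys[:100]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>18}: {value:.3f}")
```

With a contiguous block the super-node's keys form one arc, so on failure that whole arc lands on the single successor at the end of the block (burden 1.0), and packing the virtual IDs together does not even raise the super-node's share beyond what one node would hold. With dispersed IDs the share scales with the number of virtual nodes and the failed keys are spread over many successors, but the same physical machine can now appear several times on one routing path.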