REVIEW: "Serving DNS using Peer-to-Peer Lookup Service"

From: Nilton Bila <nilton_REMOVE_THIS_FROM_EMAIL_FIRST_at_cs.toronto.edu>
Date: Thu, 10 Nov 2005 10:04:54 -0500

The paper presents DDNS, a peer-to-peer DNS service based on the Chord
lookup service. It is a fault-tolerant system that provides load balancing
which, however, falls short of providing the functionality of the current
DNS service. In DDNS, records are stored and retrieved in DHash, a
distributed hash table. DHash provides the load balancing properties of
the system through use of consistent hashing to allocate keys among nodes
evenly. In this system, DNS Recordset (RRSet) owners authenticate
themselves by means of signatures in order to update their records.

DDNS simplifies the administration of DNS records by separating service
from authority, giving clients the ability to enter data into the
Internet-wide Chord storage ring. It mitigates a large number of DNS
errors caused by server misconfiguration and faulty implementation.
Recordsets are authenticated using DNSSEC public keys to hierarchically
verify the authenticity of records. Experimental evidence shows that DDNS
provides good load balancing properties. This load balancing ability is
instrumental in providing security against denial of service attacks. DDNS
is also a fault-tolerant system as it stores replicas of RRSets in six
random replicas. Also, the ease with which one can transition from DNS to
DDNS by running a local server accepting DNS queries from client
applications, performing the lookup in DDNS and returning conventional
responses, can help DDNS's acceptance.

There are a number of problems with DDNS, however. Experimental evidence
shows that DDNS incurs higher latencies than regular DNS by nearly an
order of magnitude, thus making it impractical. DDNS also suffers from
problems related to network partition. For example, if an organization is
cut off from the Internet, clients in the organization are unable to
access even local services as the records for these are stored in random
locations throughout the Internet. This loss of administrative control
will thus hinder adoption of such a system by institutions. Changes to the
system require updates to all clients, which is infeasible. Additionally,
DDNS requires that people are willing to host others' DNS records; however,
they have no incentive to do so: the free-rider syndrome.

It is clear from the paper's conclusion that the authors recognize the
limits of their system, and recommend the use of DNS proper.
Received on Thu Nov 10 2005 - 10:05:05 EST
