Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits?

Giovane C.M. Moura; Moritz Müller; Marco Davids; Maarten Wullink; Cristian Hesselman

doi:10.1007/978-3-030-72582-2_27

Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits?

Giovane C.M. Moura^*, Moritz Müller, Marco Davids, Maarten Wullink, Cristian Hesselman

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

4 Citations (Scopus)

Abstract

The DNS provides one of the core services of the Internet, mapping applications and services to hosts. DNS employs both UDP and TCP as a transport protocol, and currently most DNS queries are sent over UDP. The problem with UDP is that large responses run the risk of not arriving at their destinations – which can ultimately lead to unreachability. However, it remains unclear how much of a problem these large DNS responses over UDP are in the wild. This is the focus on this paper: we analyze 164 billion queries/response pairs from more than 46k autonomous systems, covering three months (July 2019 and 2020, and Oct. 2020), collected at the authoritative servers of the.nl, the country-code top-level domain of the Netherlands. We show that fragmentation, and the problems that can follow fragmentation, rarely occur at such authoritative servers. Further, we demonstrate that DNS built-in defenses – use of truncation, EDNS0 buffer sizes, reduced responses and TCP fall back – are effective to reduce fragmentation. Last, we measure the uptake of the DNS flag day in 2020.

Original language	English
Title of host publication	Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings
Editors	Oliver Hohlfeld, Andra Lutu, Dave Levin
Publisher	Springer
Pages	460-477
Number of pages	18
ISBN (Print)	9783030725815
DOIs	https://doi.org/10.1007/978-3-030-72582-2_27
Publication status	Published - 30 Mar 2021
Event	22nd International Conference on Passive and Active Measurement, PAM 2021 - Virtual, Online Duration: 29 Mar 2021 → 1 Apr 2021 Conference number: 22

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12671 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	22nd International Conference on Passive and Active Measurement, PAM 2021
Abbreviated title	PAM 2021
City	Virtual, Online
Period	29/03/21 → 1/04/21

Keywords

n/a OA procedure

Access to Document

10.1007/978-3-030-72582-2_27

Cite this

Moura, G. C. M., Müller, M., Davids, M., Wullink, M., & Hesselman, C. (2021). Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits? In O. Hohlfeld, A. Lutu, & D. Levin (Eds.), Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings (pp. 460-477). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12671 LNCS). Springer. https://doi.org/10.1007/978-3-030-72582-2_27

Moura, Giovane C.M. ; Müller, Moritz ; Davids, Marco et al. / Fragmentation, Truncation, and Timeouts : Are Large DNS Messages Falling to Bits?. Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings. editor / Oliver Hohlfeld ; Andra Lutu ; Dave Levin. Springer, 2021. pp. 460-477 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{00228c74b0cf4b47b74b45b57f169d62,

title = "Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits?",

abstract = "The DNS provides one of the core services of the Internet, mapping applications and services to hosts. DNS employs both UDP and TCP as a transport protocol, and currently most DNS queries are sent over UDP. The problem with UDP is that large responses run the risk of not arriving at their destinations – which can ultimately lead to unreachability. However, it remains unclear how much of a problem these large DNS responses over UDP are in the wild. This is the focus on this paper: we analyze 164 billion queries/response pairs from more than 46k autonomous systems, covering three months (July 2019 and 2020, and Oct. 2020), collected at the authoritative servers of the.nl, the country-code top-level domain of the Netherlands. We show that fragmentation, and the problems that can follow fragmentation, rarely occur at such authoritative servers. Further, we demonstrate that DNS built-in defenses – use of truncation, EDNS0 buffer sizes, reduced responses and TCP fall back – are effective to reduce fragmentation. Last, we measure the uptake of the DNS flag day in 2020.",

keywords = "n/a OA procedure",

author = "Moura, {Giovane C.M.} and Moritz M{\"u}ller and Marco Davids and Maarten Wullink and Cristian Hesselman",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; 22nd International Conference on Passive and Active Measurement, PAM 2021, PAM 2021 ; Conference date: 29-03-2021 Through 01-04-2021",

year = "2021",

month = mar,

day = "30",

doi = "10.1007/978-3-030-72582-2_27",

language = "English",

isbn = "9783030725815",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "460--477",

editor = "Oliver Hohlfeld and Andra Lutu and Dave Levin",

booktitle = "Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings",

address = "Germany",

}

Moura, GCM, Müller, M, Davids, M, Wullink, M & Hesselman, C 2021, Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits? in O Hohlfeld, A Lutu & D Levin (eds), Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12671 LNCS, Springer, pp. 460-477, 22nd International Conference on Passive and Active Measurement, PAM 2021, Virtual, Online, 29/03/21. https://doi.org/10.1007/978-3-030-72582-2_27

Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits? / Moura, Giovane C.M.; Müller, Moritz; Davids, Marco et al.
Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings. ed. / Oliver Hohlfeld; Andra Lutu; Dave Levin. Springer, 2021. p. 460-477 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12671 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Fragmentation, Truncation, and Timeouts

T2 - 22nd International Conference on Passive and Active Measurement, PAM 2021

AU - Moura, Giovane C.M.

AU - Müller, Moritz

AU - Davids, Marco

AU - Wullink, Maarten

AU - Hesselman, Cristian

N1 - Conference code: 22

PY - 2021/3/30

Y1 - 2021/3/30

N2 - The DNS provides one of the core services of the Internet, mapping applications and services to hosts. DNS employs both UDP and TCP as a transport protocol, and currently most DNS queries are sent over UDP. The problem with UDP is that large responses run the risk of not arriving at their destinations – which can ultimately lead to unreachability. However, it remains unclear how much of a problem these large DNS responses over UDP are in the wild. This is the focus on this paper: we analyze 164 billion queries/response pairs from more than 46k autonomous systems, covering three months (July 2019 and 2020, and Oct. 2020), collected at the authoritative servers of the.nl, the country-code top-level domain of the Netherlands. We show that fragmentation, and the problems that can follow fragmentation, rarely occur at such authoritative servers. Further, we demonstrate that DNS built-in defenses – use of truncation, EDNS0 buffer sizes, reduced responses and TCP fall back – are effective to reduce fragmentation. Last, we measure the uptake of the DNS flag day in 2020.

AB - The DNS provides one of the core services of the Internet, mapping applications and services to hosts. DNS employs both UDP and TCP as a transport protocol, and currently most DNS queries are sent over UDP. The problem with UDP is that large responses run the risk of not arriving at their destinations – which can ultimately lead to unreachability. However, it remains unclear how much of a problem these large DNS responses over UDP are in the wild. This is the focus on this paper: we analyze 164 billion queries/response pairs from more than 46k autonomous systems, covering three months (July 2019 and 2020, and Oct. 2020), collected at the authoritative servers of the.nl, the country-code top-level domain of the Netherlands. We show that fragmentation, and the problems that can follow fragmentation, rarely occur at such authoritative servers. Further, we demonstrate that DNS built-in defenses – use of truncation, EDNS0 buffer sizes, reduced responses and TCP fall back – are effective to reduce fragmentation. Last, we measure the uptake of the DNS flag day in 2020.

KW - n/a OA procedure

UR - http://www.scopus.com/inward/record.url?scp=85107300976&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-72582-2_27

DO - 10.1007/978-3-030-72582-2_27

M3 - Conference contribution

AN - SCOPUS:85107300976

SN - 9783030725815

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 460

EP - 477

BT - Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings

A2 - Hohlfeld, Oliver

A2 - Lutu, Andra

A2 - Levin, Dave

PB - Springer

Y2 - 29 March 2021 through 1 April 2021

ER -

Moura GCM, Müller M, Davids M, Wullink M, Hesselman C. Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits? In Hohlfeld O, Lutu A, Levin D, editors, Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings. Springer. 2021. p. 460-477. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-72582-2_27

Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits?

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this