Marcin Nawrocki, Maynard Koch, Thomas C. Schmidt, Matthias Wählisch,
Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure,
In: Proc. of 17th International Conference on emerging Networking EXperiments and Technologies (CoNEXT), pp. 454--462, New York: ACM, 2021.
HTML   PDF   Website   Code   BibTeX   Abstract  

Abstract: In this paper, we revisit the open DNS (ODNS) infrastructure and, for the first time, systematically measure and analyze transparent forwarders, DNS components that transparently relay between stub resolvers and recursive resolvers. Our key findings include four takeaways. First, transparent forwarders contribute 26% (563k) to the current ODNS infrastructure. Unfortunately, common periodic scanning campaigns such as Shadowserver do not capture transparent forwarders and thus underestimate the current threat potential of the ODNS. Second, we find an increased deployment of transparent forwarders in Asia and South America. In India alone, the ODNS consists of 80% transparent forwarders. Third, many transparent forwarders relay to a few selected public resolvers such as Google and Cloudflare, which confirms a consolidation trend of DNS stakeholders. Finally, we introduce DNSRoute++, a new traceceroute approach to understand the network infrastructure connecting transparent forwarders and resolvers.

Themes: Network Security , Internet Measurements and Analysis


This page generated by bibTOhtml on Mo 24. Jan 10:45:06 CET 2022