Featured Research

from universities, journals, and other organizations

SD Supercomputer Center Researchers Find Unnecessary Traffic Saturating A Key Internet 'Root' Server

Date:
January 24, 2003
Source:
University Of California - San Diego
Summary:
Scientists at the San Diego Supercomputer Center (SDSC) at UCSD analyzing traffic to one of the 13 Domain Name System (DNS) "root" servers at the heart of the Internet found that the server spends the majority of its time dealing with unnecessary queries.

Scientists at the San Diego Supercomputer Center (SDSC) at UCSD analyzing traffic to one of the 13 Domain Name System (DNS) "root" servers at the heart of the Internet found that the server spends the majority of its time dealing with unnecessary queries. DNS root servers provide a critical link between users and the Internet's routing infrastructure by mapping text host names to numeric Internet Protocol (IP) addresses. Researchers at the Cooperative Association for Internet Data Analysis (CAIDA) at SDSC conducted a detailed analysis of 152 million messages received on Oct. 4, 2002, by a root server in California, and discovered that 98 percent of the queries it received during 24 hours were unnecessary. The researchers believe that the other 12 DNS root servers likely receive similarly large amounts of bad requests.

Some experts regard the system of 13 DNS root servers, the focus of several studies by CAIDA researchers, as a potential weak link in the global Internet. Spikes in DNS query traffic caused by distributed denial-of-service attacks are routinely handled by root server operators. Occasionally, as on Oct. 21, 2002, all 13 root servers are attacked simultaneously. Although no serious damage resulted from that incident, Richard A. Clarke, chairman of the President's Critical Infrastructure Protection Board and special advisor to the president for cybersecurity, has expressed concern that attacks against root servers could potentially disrupt the entire Internet. CAIDA researchers will discuss their analysis of the root server and other cybersecurity findings with Clarke during his visit to SDSC on Jan. 28. CAIDA researchers will also present a paper detailing some of their DNS analysis at the 2003 Passive and Active Measurement Workshop April 6–8 at UCSD.

Only about 2 percent of the 152 million queries received by the root server in California on Oct. 4 were legitimate, while 98 percent were classified as unnecessary. CAIDA researchers are seeking to understand why any root server would receive such an enormous number of broken queries daily from lower level servers. "If the system were functioning properly, it seems that a single source should need to send no more than 1,000 or so queries to a root name server in a 24-hour period," said CAIDA researcher Duane Wessels. "Yet we see millions of broken queries from certain sources."

Wessels categorized all the queries received by the California root server on Oct. 4, 2002, into nine types. About 70 percent of all the queries were either identical, or repeat requests for addresses within the same domain. It is as if a telephone user were dialing directory assistance to get the phone numbers of certain businesses, and repeating the directory-assistance calls again and again. Lower level servers and Internet service providers (ISPs) could save--or cache--these responses from root servers, improving overall Domain Name Service performance.

About 12 percent of the queries received by the root server on Oct. 4, were for nonexistent top-level domains, such as ".elvis", ".corp", and ".localhost". Registered top-level domains include country codes such as ".au" for Australia, ".jp" for Japan, or ".us" for the United States, as well as generic domains such as ".com", ".net", and ".edu". In addition, 7 percent of all the queries already contained an IP address instead of a host name, which made the job of mapping it to an IP address irrelevant.

Researchers believe that many bad requests occur because organizations have misconfigured packet filters and firewalls, security mechanisms intended to restrict certain types of network traffic. When packet filters and firewalls allow outgoing DNS queries, but block the resulting incoming responses, software on the inside of the firewall can make the same DNS queries over and over, waiting for responses that can't get through. Name server operators can use new tools such as dnstop, a software program written by Wessels and available at http://www.caida.org/tools/utilities/dnstop/ to detect and warn of these and other misconfigurations, significantly reducing bad requests.

Name-service errors in software implementations were reported as early as 1992, but some of these bugs are still with us today. Explosive Internet growth during the last decade exacerbates problems caused by defective name servers.


Story Source:

The above story is based on materials provided by University Of California - San Diego. Note: Materials may be edited for content and length.


Cite This Page:

University Of California - San Diego. "SD Supercomputer Center Researchers Find Unnecessary Traffic Saturating A Key Internet 'Root' Server." ScienceDaily. ScienceDaily, 24 January 2003. <www.sciencedaily.com/releases/2003/01/030124074245.htm>.
University Of California - San Diego. (2003, January 24). SD Supercomputer Center Researchers Find Unnecessary Traffic Saturating A Key Internet 'Root' Server. ScienceDaily. Retrieved October 22, 2014 from www.sciencedaily.com/releases/2003/01/030124074245.htm
University Of California - San Diego. "SD Supercomputer Center Researchers Find Unnecessary Traffic Saturating A Key Internet 'Root' Server." ScienceDaily. www.sciencedaily.com/releases/2003/01/030124074245.htm (accessed October 22, 2014).

Share This



More Computers & Math News

Wednesday, October 22, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Internet of Things Aims to Smarten Your Life

Internet of Things Aims to Smarten Your Life

AP (Oct. 22, 2014) — As more and more Bluetooth-enabled devices are reaching consumers, developers are busy connecting them together as part of the Internet of Things. (Oct. 22) Video provided by AP
Powered by NewsLook.com
Thanks, Marty McFly! Hoverboards Could Be Coming In 2015

Thanks, Marty McFly! Hoverboards Could Be Coming In 2015

Newsy (Oct. 21, 2014) — If you've ever watched "Back to the Future Part II" and wanted to get your hands on a hoverboard, well, you might soon be in luck. Video provided by Newsy
Powered by NewsLook.com
Robots to Fly Planes Where Humans Can't

Robots to Fly Planes Where Humans Can't

Reuters - Innovations Video Online (Oct. 21, 2014) — Researchers in South Korea are developing a robotic pilot that could potentially replace humans in the cockpit. Unlike drones and autopilot programs which are configured for specific aircraft, the robots' humanoid design will allow it to fly any type of plane with no additional sensors. Ben Gruber reports. Video provided by Reuters
Powered by NewsLook.com
Japanese Scientists Unveil Floating 3D Projection

Japanese Scientists Unveil Floating 3D Projection

Reuters - Innovations Video Online (Oct. 20, 2014) — Scientists in Tokyo have demonstrated what they say is the world's first 3D projection that floats in mid air. A laser that fires a pulse up to a thousand times a second superheats molecules in the air, creating a spark which can be guided to certain points in the air to shape what the human eye perceives as an image. Matthew Stock reports. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:

Strange & Offbeat Stories

 

Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins