ODNS Clustering: Unveiling Client-side Dependency in Open DNS Infrastructure

Wenhao Wu; Zhaohua Wang; Li Qinxin; Zihan Li; Yi Li; Jin Yan; Zhenyu Li

ODNS Clustering: Unveiling Client-side Dependency in Open DNS Infrastructure

Wenhao Wu, Zhaohua Wang, Li Qinxin, Zihan Li, Yi Li, Jin Yan, Zhenyu Li

Published: 29 Jan 2025, Last Modified: 29 Jan 2025WWW 2025 PosterEveryoneRevisionsBibTeXCC BY 4.0

Track: Systems and infrastructure for Web, mobile, and WoT

Keywords: DNS infrastructure; Open resolver; Internet Measurement;

TL;DR: This work reveals the interdependence of the open DNS infrastructure, providing a deep understanding of the clustered ODNS structure and its implications.

Abstract: There are over a million open DNS servers in the wild. However, not all servers perform recursive queries directly. Instead, many DNS forwarders forward queries to upstream recursive servers or other DNS forwarders for name resolving on their behalf. The groups of open servers that have such dependencies on each other form ODNS Clusters. The dependencies can result in vulnerabilities; yet we have little knowledge of the ODNS cluster structure. In this work, we measure the inter-dependence of open DNS resolvers and find that 1.9 million open DNS servers form only 81,636 ODNS clusters. We further analyze the characteristics of the clustered ODNS structure. The key observations include biased cluster size distribution, discrepancy of ODNS infrastructures among countries, concentration in major public DNS server providers, and potential security and resilience risks due to the dependence.

Submission Number: 311

Loading