Research Revealed on Authoritative Servers at the Second Level
ICANN is interested in the infrastructure supporting the identifiers that we help coordinate, and the Domaine Name System (DNS) has a wide variety of infrastructure. There has already been a fair amount of research about the root servers and the Top-Level Domains (TLD) servers, but there are many more authoritative servers in addition to those. We want to find out the general health of the authoritative servers at the levels below those that are typically studied, and to see what this indicates about the future of the DNS. This blog post covers research that was presented recently at the DNS OARC meeting in Dallas, Texas (https://indico.dns-oarc.net/event/25/).
A bit of terminology first: the root servers are the authoritative name servers for the root zone and the TLD servers are the authoritative name servers for zones at the first level below the root zone (such as for "com" and "org" and so on). This study looks at the authoritative name servers for the level below that: those that serve the information for names like "icann.org", "ford.com", "house.loan", and "loan.house". This is not the entire set of DNS name servers, but it represents the largest population of them.
The research starts with going through all of the zone files for all the generic Top-Level Domains (gTLDs); the result is 186 million domain names and 3.5 million name servers serving those names. One of the first things we found is that one tenth of the "glue records" in the zone files are possibly bad because they are not associated with names in the zone file itself. (Glue records are additional data that comes in responses that helps speed the process of searching for name servers). In the future, we will dig deeper to see how serious the issue is and if we can find patterns that might lead to fixing it.
One of the goals of this test is to see how many name servers on the second level use the Extension Mechanisms for DNS (EDNS0) protocol (https://www.rfc-editor.org/rfc/rfc6891.txt). This protocol is the primary way that the DNS has been expanded in the past few years and will be expanded in the future, so it is important to know how widely EDNS0 is deployed before relying on it. The good news is that, of the servers that responded at all, about 95% showed that they implemented EDNS0.
The research also looked at some ways that DNS name servers misbehave to determine if we could possibly identify patterns. We found that over 5% of the servers responded to queries that they should not have, and when they did, they gave wildly different answers. It is not likely that this behavior has any significant negative effect on the DNS infrastructure, but it does indicate a lot of misconfiguration.
This type of public research will help ICANN and the various technical communities understand the operational needs of the DNS now and in the future. Various researchers from around the world at the DNS OARC meeting had many suggestions for related research that they would like to see based on the ICANN presentation. Fortunately, the testbed for doing this research is easily adaptable, and it is our intention to run the tests to look for different reliability and extensibility indicators, probably collaborating with other researchers on an ongoing basis.