Active Measurement of Open Resolver Service Nodes

Driven by the growing number of DNS requests on the Internet, the architecture of the recursive resolver has become more huge and complex, especially for open resolvers that provide resolution services to the public. There are many service nodes with different roles in the open resolver, and the nodes that directly communicate with the authoritative server are called recursive egress nodes. This paper proposed a distributed measurement system and performed active measurement and analysis on the characteristics of the egress node of open resolvers collected from passive DNS traffic and third party active scanning. The results from 65 vantage points show that (1) most open resolvers have dozens of recursive egress nodes, and (2) most open resolvers have deployed at least one IPv6 address egress node, while IPv4 address still dominates the service node configuration. (3) A small amount of recursive egress nodes is reused by a large number of open resolvers, so that a large amount of DNS request traffic on the Internet is concentrated on limited recursive egress nodes, which will reduce the redundancy of DNS and cause cyber security risks. (4) The median distances between most open resolvers with multiple egress nodes and the users usually exceed 1000 kilometers, which will bring negative effect on the scheduling accuracy of CDN.