[dns-operations] Everyone having their own resolver

Matthew Pounsett matt at conundrum.com
Wed Feb 3 18:34:18 UTC 2016


> On Feb 3, 2016, at 12:20 , Paul Hoffman <phoffman at proper.com> wrote:
> 
> On 3 Feb 2016, at 7:41, Matthew Pounsett wrote:
> 
>> The existing infrastructure can probably handle it initially, sure .. but expect your domain registrations and DNS hosting to be an order of magnitude more expensive.   Much of the authoritative infrastructure has an overhead multiplier built into its capacity, where the multiplier is locally chosen based on the likelihood and impact of DDoS.  Some infrastructures are built to handle over 100x the “normal” traffic load.
>> 
>> When the normal query rate sees an order (or two) magnitude jump, it eats away that extra capacity built into the system, and everyone has to scale up to get back their DDoS-eating overhead.
> 
> These are interesting bold statements, and I've heard similar over the past few years.
> 
> Has anyone ever measured this? That is, there are a bunch of people on this very mailing list who have access to the caches and possibly even the query logs for Very Large Resolvers. It would be grand to see current research (or at least a list of good recent research) on what percentage of queries are for things in the long tail.

The ad-based measurement system built by Geoff Huston and George Michaelson has provided some very good information on the number of individual systems behind the very large recursive servers such as Google and OpenDNS.  From memory, because I can’t seem to put my hands on the presentation slides at the moment, I believe it’s in the neighbourhood of 25% of the Internet’s users behind a very small number (2-3?) of resolver farms, and 90% of all users behind less than 1% of the visible resolvers.

I’m sure George or Geoff are on here to contradict my recollection.






More information about the dns-operations mailing list