[dns-operations] Survey of How to Solving DNS Errors

Fri Aug 16 14:11:58 UTC 2024

Hi,

Thank you for your response and explanations.

I still disagree with the characterization of NXDOMAIN as a resolution error. That's like characterizing a red street light as a driving error.

I seems worthwhile to assess the prevalence of NXDOMAIN outcomes, but I believe it's better to do this by asking how frequency what kinds of resolution *outcomes* are observed, and one outcome would be NXDOMAIN, another would be errors (timeouts, SERVFAIL, ...).

At the very least, a definition of "resolution errors" would have to be given before asking the questions.

If the study remains as is, my expectation is that insights will be biased and/or limited, and you should expect them to be strongly criticized. Thanks for inviting again to participate, but I don't feel comfortable with it at this point.

Best,
Peter

On 8/16/24 15:54, 苗发生 wrote:
> 
> 
> 
>> -----原始邮件-----
>> 发件人: "Peter Thomassen" <peter at desec.io>
>> 发送时间:2024-08-15 18:37:58 (星期四)
>> 收件人: "Ralf Weber" <dns at fl1ger.de>, "Xiang Li" <idealeer521 at gmail.com>
>> 抄送: dns-operations at lists.dns-oarc.net, mfs24 at mails.tsinghua.edu.cn, lixiang at nankai.edu.cn
>> 主题: Re: [dns-operations] Survey of How to Solving DNS Errors
>>
>> Hi.
>>
>> On 8/15/24 11:25, Ralf Weber wrote:
>>> I’m not sure what data you want to get out of that research, but IMHO it is
>>> upfront missing a definition of what a resolution error is.
>>
>> Question 4 ("What types of DNS resolution errors have you encountered most frequently?") has NXDOMAIN as one option, which implies that NXDOMAIN counts as a resolution error.
>>
>> But of course, it's not a resolution error, but a valid outcome of a successful resolution.
>>
>> Before reaching this question, I had selected "rarely" for question 3 ("How often does your organization encounter DNS resolution errors?").
>>
>> With the knowledge from question 4, the only valid answer for question 3 however seems "daily", or even "all the time" (which is not an answer option).
>>
>> Including NXDOMAIN as a resolution error will lead to biased results. For example, many people may select seeing this "daily", which may lead to a publication saying that "DNS resolution errors happen all the time", which is vastly inaccurate.
>>
>> So, unfortunately, I aborted the survey at this point, as it is not well-defined, and I did not want to increase sample size in this case.
>>
>> Best,
>> Peter
>>
>> -- 
>> https://desec.io/
> 
> 
> You are right. NXDomain is the result of a successful resolution query, indicating that the domain name does not exist. However, within our framework, we consider the absence of a corresponding IP address as a domain resolution error. Therefore, we classify NXDomain as a resolution error. Moreover, in many existing studies, NXDomain and other RCODE error codes are also categorized as resolution errors. Our goal is to detect all domain resolution errors and analyze the root causes and potential security threats behind these errors. NXDomain indicates that a domain does not exist, but the reasons for its nonexistence remain unknown—be it domain revocation, the domain never having been registered, etc. If possible, we would still appreciate it if you could fill out the questionnaire and include your thoughts and understanding in it. Thank you.

-- 
Like our community service? 💛
Please consider donating at

https://desec.io/

deSEC e.V.
Kyffhäuserstr. 5
10781 Berlin
Germany

Vorstandsvorsitz: Nils Wisiol
Registergericht: AG Berlin (Charlottenburg) VR 37525