Title: Evaluation of the Proximity between Web Clients and their Local DNS Servers
1Evaluation of the Proximity between Web Clients
and their Local DNS Servers
- Z. Morley Mao
- UC Berkeley (zmao_at_eecs.berkeley.edu)
- Chuck Cranor, Fred Douglis, Michael Rabinovich,
Oliver Spatscheck, and Jia Wang - ATT Labs--Research
2Motivation
- Content Distribution Networks (CDNs)
- Try to deliver content from servers close to
users - Current server selection mechanisms
- Uses Domain Name System (DNS)
- Assumes that clients are close to their local DNS
servers orginator problem
Verify the assumption that clients are close to
their local DNS servers
3Measurement setup
- Three components
- 1x1 pixel embedded transparent GIF image
- height1 width1
- A specialized authoritative DNS server
- Allows hostnames to be wild-carded
- An HTTP redirector
- Always responds with 302 Moved Temporarily
- Redirect to a URL with client IP address embedded
4Embedded image request sequence
5Measurement impact
- Image (43 Byte) embedded at the end of the page,
requested last - Keynote measurement
Average download latency (sec)
6Measurement Data
7Measurement statistics
8Top 10 busy ASes by request count
9Proximity metrics 1. AS, 2. network clustering
- AS clustering
- Observes if client and LDNS belong to the same AS
- Network clustering
- Network cluster based on BGP routing information
using longest prefix match - Observes if client and LDNS belong to the same
network cluster
10Proximity metric3. traceroute divergence
Probe machine
a
- Use the last point of
- divergence
- Traceroute divergence
- Max(3,4)4
b
1
1
2
2
3
3
4
11Proximity metric4. Roundtrip time correlation
- Correlation between message roundtrip times from
a probe site to the client and its LDNS server - The probe site represents a potential cache
server location - A crude metric, highly dependent on the probe
site
12Aggregate statistics of AS/network clustering
- About 12,000 Ases
- Observed close to 80 total ASes
- 440,000 unique prefixes
- 25 of all possible network clusters
13Proximity analysis resultsAS, network clustering
- AS clustering coarse-grained
- Network clustering fine-grained
- Most clients not in the same routing entity as
their LDNS - Clients with LDNS in the same cluster slightly
more active
14Proximity analysis resultsTraceroute divergence
- Probe sites
- NJ(UUNET), NJ(ATT), Berkeley(calren),
Columbus(calren) - Sampled from top half of busy network clusters
- Median divergence 4
- Mean divergence 5.8-6.2
- Ratio of common to disjoint path length
- 72-80 pairs traced have common path at least as
long as disjoint path
15Improved local DNS configuration
- For client-LDNS associations not in the same
cluster, does there exist a LDNS in clients
cluster?
Client IPs
HTTP requests
16Clients using multiple LDNS
- A single client IP can be associated using
multiple LDNS - First LDNS times out, second contacted
- LDNS assigned dynamically through DHCP server
- LDNS configuration with multiple IPs
- Client IP reused by different users
- Client IP is the address of NAT or proxy
- Misconfiguration
- Majority of clients are associated with a single
LDNS 78
17Clients using 10 or fewer LDNS
18Client IPs using large number of LDNSs
- Common domain names (30-241 LDNS)
- .MIL, apnc, bbnplanet.com, hsacorp.net,
webcache.rcn.net, cache.webcache.rcn.net,
cache0.proxy.aol.com, cache.brightok.net,
cache.ruh.isu.net.sa, .onenet.net,
hh.direcpc.com, cob-cache.r.state.mn.us,
mango.arctic.net, netcache.net.ca.gov,
proxy..netsetter.com, .nortelnetworks.com,
rad.afonline.net, .prserv.net, .cisco.com,
ss.co.us.ibm.com, thing5.csc.com,
.wwwcache.ja.net
19Example client IP using large number of LDNSs
- Client
- 216.34.56.12 (proxy.sjc.netsetter.com)
- Using 241 LDNS
- 753 requests
- Belong to marketscore.com
- Offers free browser plug-in for web acceleration
- Using clients LDNS to do name resolution on
behalf of client? - HTTP headers
- Via header NetCache Network Appliance
- X-forwarded-for 10.104.1.115, 10.104.1.31
- Client-ip client IP address (dialup customers)
20Top LDNS serving most clients
21Examination of clients from individual ASes
22Impact on commercial CDNs
- Impact on server selection accuracy
- Look for clients
- With LDNS responds to queries
- With a cache server in clients cluster
- Whether directed to a cache server in a different
cluster? misdirected
23Impact on commercial CDNsAS clustering
24Impact on commercial CDNsNetwork clustering
25Why choosing a cache in a different cluster?
- Even when both client and LDNS are in the same
cluster? - Possible reasons
- Load-balancing algorithms using different metrics
- E.g., network access costs
- Caches are different
- Clustering too coarse-grained
- CDN mapping inaccuracies?
26Lessons from study of commercial CDNs
- AS hop count is a bad metric for closeness
evaluation - too coarse-grained
- Maybe better choosing a geographically closer
cache server in a different AS - For load-balancing, fault-tolerance, CDNs
sometimes return cache servers in two different
Ases
27Related work
- Measurement methodology
- IBM (Shaikh et al.)
- Time correlation of DNS and HTTP requests from
DNS and Web server logs - Univ of Boston (Bestavros et al.)
- Assigning multiple IP addresses to a Web server
- Differences from our work
- Our methodology efficient, accurate,
nonintrusive - Web bugs
- Proximity metrics
- Ciscos Boomerang protocol uses latency from
cache servers to the LDNS
28Conclusion
- Novel technique for finding client and local DNS
associations - Fast, non-intrusive, and accurate
- DNS based server selection works well for
coarse-grained load-balancing - 64 associations in the same AS
- 16 associations in the same NAC
- Server selection can be inaccurate if server
density is high