D-Root Nameserver Measurement


Measurement and analysis of the query traffic sent to the D-Root DNS root nameserver, which is hosted by University of Maryland.


D-Mystifying the D-Root Address Change
Matthew Lentz, Dave Levin, Jason Castonguay, Neil Spring, Bobby Bhattacharjee
IMC 2013 (International Measurement Conference) Short Paper
Paper Slides
Show Abstract

On January 3, 2013, the D-root DNS server hosted at the University of Maryland changed IP address. To avoid service disruption, the old address continues to answer queries. We perform an initial investigation of the traffic at both the new and old addresses before, during, and since the flag day. The data we collected show non-obvious behavior: the overall query volume to the D-roots increases by roughly 50%, the old address continues to receive a high volume of queries months after the changeover, and far more queries to the old address succeed than those to the new one. Our analysis provides a window into how compliant resolvers change over and how non-standard and seemingly malicious resolvers react (or not) to the IP address change. We provide evidence that a relatively small number of implementation errors account for nearly all discrepancies that are not misconfigurations or attacks.

Hide Abstract


Bobby Bhattacharjee
Jason Castonguay
Matthew Lentz
Dave Levin
George Pittarelli
Neil Spring

UMD Logo