Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure

Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure

This repository contains the software artifacts which have been used to measure transparent DNS forwarders. This is a fixed release copy of the official artifacts repository.

NOTE: If you use our tools, please cite our paper as follows:

Nawrocki, M., Koch, M., Schmidt, T. C., & Wählisch, M. (2021).
Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure.
CoNEXT '21, December 7–10, 2021, Virtual Event, Germany. ACM.
https://doi.org/10.1145/3485983.3494872

Abstract

In this paper, we revisit the open DNS (ODNS) infrastructure and, for the first time, systematically measure and analyze transparent forwarders, DNS components that transparently relay between stub resolvers and recursive resolvers.

Our key findings include four takeaways. First, transparent forwarders contribute 26% (563k) to the current ODNS infrastructure. Unfortunately, common periodic scanning campaigns such as Shadowserver do not capture transparent forwarders and thus underestimate the current threat potential of the ODNS. Second, we find an increased deployment of transparent forwarders in Asia and South America. In India alone, the ODNS consists of 80% transparent forwarders. Third, many  transparent forwarders relay to a few selected public resolvers such as Google and Cloudflare, which confirms a consolidation trend of DNS stakeholders. Finally, we introduce DNSRoute++, a new traceroute approach to understand the network infrastructure connecting transparent forwarders and resolvers.