Internet Nameserver IPv4 and IPv6 Address Relationships

Download
Author
Arthur Berger
Nicholas Weaver
Beverly, Robert
Larry Campbell
Date
2013Metadata
Show full item recordAbstract
The modern Domain Name System (DNS) provides not only resolution, but also enables intelligent client routing, \eg for Content Distribution Networks (CDNs). The adoption of IPv6 presents CDNs the opportunity to utilize different paths when optimizing traffic, and the challenge of appropriately mapping IPv6 DNS queries. This work seeks to discover the associations between Internet DNS client resolver IPv6 address(es) and IPv4 address(es). We design and implement two new techniques, one passive and one active, to gather resolver pairings. The passive technique, deployed in Akamai's production DNS infrastructure, opportunistically discovered 674k (IPv4, IPv6) associated address pairs within a six-month period. We find that 34\% of addresses are one-to-one, \ie appear in no other pair, a fraction that increases to $\approx 50$\% when aggregating IPv6 addresses into /64 prefixes. The one-to-one associations are suggestive, but not a sufficient condition, of dual-stack DNS recursive resolvers. We further substantiate our inferences via PTR records and software versions, and manual verification of sample pairings by three major Network Operators. Complex associations, where \eg distributed DNS resolution leads to inferred address groupings that span continents and many autonomous systems exist, a subset of which we explore in more depth using the active probing technique. Among potential uses, Akamai is currently utilizing screened output from the passive technique, in conjunction with prior knowledge of IPv4, to inform IPv6 geolocation within its CDN.
Description
Proceedings of the Thirteenth ACM SIGCOMM Internet Measurement (IMC 2013) Conference, Barcelona, ES, October 2013
The article of record as published may be located at http://dx.doi.org/10.1145/2504730.2504745.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Counter Directed Energy Warfare (CDEW)
Blau, Joseph A.; Johnson, Bonnie W.; Cohn, Keith; Green, John (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N003-ADirected Energy Weapons (DEW) will proliferate and become a threat exploited by adversaries due to high potential mission success and low cost compared to traditional weapons. Counter DEW (CDEW) methods and capabilities ... -
Inferring Internet server IPv4 and IPv6 address relationships
Beverly, Robert; Berger, Arthur; Weaver, Nicholas; Campbell, Larry (Monterey, California : Naval Postgraduate School, 2013-06-21);While IPv6 is finally experiencing non-trivial deployment, IPv4 and IPv6 are expected to co-exist for the foreseeable future, implying dual-stacked devices, and protocol interdependence. We develop and deploy a system for ... -
Decomposition of MAC Address Structure for Granular Device Inference
Martin, Jeremy; Rye, Erik; Beverly, Robert (2016-12);Common among the wide variety of ubiquitous networked devices in modern use is wireless 802.11 connectivity. The MAC addresses of these devices are visible to a passive adversary, thereby presenting security and privacy ...