This Article 
 Bibliographic References 
 Add to: 
Protecting BGP Routes to Top-Level DNS Servers
September 2003 (vol. 14 no. 9)
pp. 851-860

Abstract—The Domain Name System (DNS) is an essential part of the Internet infrastructure and provides fundamental services, such as translating host names into IP addresses for Internet communication. The DNS is vulnerable to a number of potential faults and attacks. In particular, false routing announcements can deny access to the DNS service or redirect DNS queries to a malicious impostor. Due to the hierarchical DNS design, a single fault or attack against the routes to any of the top-level DNS servers can disrupt Internet services to millions of users. In this paper, we propose a path-filtering approach to protect the routes to the critical top-level DNS servers. Our approach exploits both the high degree of redundancy in top-level DNS servers and the observation that popular destinations, including top-level DNS servers, are well-connected via stable routes. Our path-filter restricts the potential top-level DNS server route changes to be within a set of established paths. Heuristics derived from routing operations are used to adjust the potential routes over time. We tested our path-filtering design against BGP routing logs and the results show that the design can effectively ensure correct routes to top-level DNS servers without impacting DNS service availability.

[1] P. Mockapetris, Domain Names Concept and Facilities RFC 1034, Nov. 1987.
[2] D. McGuire, Getting to the Root of All E-Mail The Washington Post, Mar. 2002.
[3] ICANN, DNS Security Update 1 dns-security-update-1.htm, Jan. 2002.
[4] R. Mahajan, D. Wetherall, and T. Anderson, Understanding BGP Misconfiguration Proc. ACM SIGCOMM, Aug. 2002.
[5] RIPE Routing Information Service npris-index.html, 2003.
[6] J. Rexford, J. Wang, Z. Xiao, and Y. Zhang, BGP Routing Stability of Popular Destinations Proc. ACM SIGCOMM Internet Measurement Workshop, Nov. 2002.
[7] R. Arends, M. Larson, D. Massey, and S. Rose, DNS Security Introduction and Requirements Internet Draft, Dec. 2002.
[8] Y. Rekhter and T. Li, Border Gateway Protocol 4 RFC 1771, July 1995.
[9] L. Wang, X. Zhao, D. Pei, R. Bush, D. Massey, A. Mankin, S. Wu, and L. Zhang, Observation and Analysis of BGP Behavior under Stress Proc. ACM SIGCOMM Internet Measurement Workshop, Nov. 2002.
[10] C. Labovitz, A. Ahuja, A. Bose, and F. Jahanian, Delayed Internet Routing Convergence Proc. ACM SIGCOMM, Aug./Sept. 2000.
[11] D. Pei, X. Zhao, L. Wang, D. Massey, A. Mankin, S. Wu, and L. Zhang, Improving BGP Convergence through Consistency Assertions Proc. IEEE INFOCOM, June 2002.
[12] J. Yu, A Route-Filtering Model for Improving Global Internet Routing Robustness ting.html , 1997.
[13] T. Bates, R. Bush, T. Li, and Y. Rekhter, DNS-Based NLRI Origin AS Verification in BGP Internet Draft, 1998.
[14] S. Kent, C. Lynn, and K. Seo, Secure Border Gateway Protocol IEEE J. Selected Areas in Comm., vol. 18, no. 4, Apr. 2000.
[15] X. Zhao, D. Pei, L. Wang, D. Massey, A. Mankin, S. Wu, and L. Zhang, Detection of Invalid Routing Annoucements in the Internet Proc. Int'l Conf. Dependable Systems and Networks, June 2002.
[16] G. Goodell, W. Aiello, T.G. Griffin, J. Ioannidis, P. McDaniel, and A. Rubin, Working around BGP: An Incremental Approach to Improving Security and Accuracy of Interdomain Routing Proc. Symp. Network and Distributed System Security, Feb. 2003.
[17] X. Zhao, D. Pei, L. Wang, D. Massey, A. Mankin, S. Wu, and L. Zhang, An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Proc. ACM SIGCOMM Internet Measurement Workshop, Nov. 2001.
[18] O. Maennel and A. Feldmann, Realistic BGP Traffic for Test Labs Proc. ACM SIGCOMM, Aug. 2002.
[19] D. Atkins and R. Austein, Threat Analysis of the Domain Name System Internet Draft, Nov. 2002.
[20] B. Smith and J.J. Garcia-Luna-Aceves, Securing the Border GatewayRouting Protocol Proc. Global Internet, Nov. 1996.
[21] J.J. Garcia-Lunes-Aceves and S. Murthy, A Loop-Free Path-Finding Algorithm: Specification, Verification and Complexity Proc. IEEE INFOCOM, Apr. 1995.

Index Terms:
Fault-tolerance, DNS infrastructure protection, route hijacking, BGP path filtering.
Lan Wang, Xiaoliang Zhao, Dan Pei, Randy Bush, Daniel Massey, Lixia Zhang, "Protecting BGP Routes to Top-Level DNS Servers," IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 9, pp. 851-860, Sept. 2003, doi:10.1109/TPDS.2003.1233708
Usage of this product signifies your acceptance of the Terms of Use.