Google moves to extend DNS protocol
Geo loco revamp
Google has teamed with DNS maven Neustar to propose an extension to the net's existing Domain Name System protocol, hoping to improve the way the protocol maps web users to particular data centers.
The news comes little more than a month after the web giant cum world power sensationally entered the DNS resolution business with its free Google Public DNS service.
Yesterday, Google and Neustar posted their proposed DNS extension to the dnsext mailing list, and other DNS providers - including conspicuous Google rival OpenDNS - are named as contributors to the proposal.
The Domain Name System converts text urls into numeric IP addresses. Typically, the first layer of this process - the "recursive" DNS service - is run by your ISP. But alternatively, you can opt for a third-party recursive provider like OpenDNS or, yes, Google. The recursive provider then taps records websites have stored with "authoritative" DNS providers like Neustar's UltraDNS.
In essence, the extension proposed by Google and Neustar would allow recursive DNS providers to pass a portion of the user's IP address data to the authoritative provider. This gives the authoritative provider a better idea of where users are located, which means it's more likely to send users to a nearby data center when resolving a net address.
If a site is served up from multiple locations, the authoritative provider will attempt to send the user to the closest location. But as it stands, authoritative providers only see the IP address of the recursive provider - not the end user. If you're in, say, San Francisco but you're using a recursive DNS provider based in Chicago, the website you're trying to visit can only assume you're in Chicago.
"As more and more people start to use recursive systems [along the lines of OpenDNS], this is becoming a much bigger problem," Neustar senior director of technology Sean Leach, who coauthored the DNS proposal, tells The Reg.
Leach tells us that early this fall - before Google released PublicDNS - Neustar approached Mountain View about collaborating on an extension of the DNS protocol and discovered that the Mountain View giant was already working on such a project.
Under the new DNS extension proposed by Google and Neustar, the recursive provider would pass the first three octets - i.e. the top 24 bits - of the user IP, so the authoritative provider would not have access to the entire address.
Today, the recursive provider already grabs the user's IP - and that includes Google. Mountain View unveiled its free Google Public DNS in early December. This was billed as an effort to speed DNS resolutions, but it also gives Google access to additional slice of user traffic data.
According to the company, it limits how long it retains certain information collected by its Public DNS service, including your IP. Your IP address, Google says, is stored but then deleted after 24 to 48 hours.
Nonetheless, Google's new service has been sharply criticized by OpenDNS, the current market leader. "To think that Google’s DNS service is for the benefit of the Internet would be naive. They know there is value in controlling more of your Internet experience and I would expect them to explore that fully," said CEO and founder David Ulevitch.
"It’s not clear that Internet users really want Google to keep control over so much more of their Internet experience than they do already - from Chrome OS at the bottom of the stack to Google Search at the top, it is becoming an end-to-end infrastructure all run by Google, the largest advertising company in the world. I prefer a heterogeneous Internet with lots of parties collaborating to make this thing work as opposed to an Internet run by one big company.". ®
Update: This article has been updated to removed claims that this proposal would speed resolutions
Sponsored: Global DDoS threat landscape report