
Google moves to extend DNS protocol

Geo loco revamp


Google has teamed with DNS maven Neustar to propose an extension to the net's existing Domain Name System protocol, hoping to improve the way the protocol maps web users to particular data centers.

The news comes little more than a month after the web giant cum world power sensationally entered the DNS resolution business with its free Google Public DNS service.

Yesterday, Google and Neustar posted their proposed DNS extension to the dnsext mailing list, and other DNS providers - including conspicuous Google rival OpenDNS - are named as contributors to the proposal.

The Domain Name System converts text URLs into numeric IP addresses. Typically, the first layer of this process - the "recursive" DNS service - is run by your ISP. But alternatively, you can opt for a third-party recursive provider like OpenDNS or, yes, Google. The recursive provider then taps records websites have stored with "authoritative" DNS providers like Neustar's UltraDNS.

In essence, the extension proposed by Google and Neustar would allow recursive DNS providers to pass a portion of the user's IP address data to the authoritative provider. This gives the authoritative provider a better idea of where users are located, which means it's more likely to send users to a nearby data center when resolving a net address.

If a site is served up from multiple locations, the authoritative provider will attempt to send the user to the closest location. But as it stands, authoritative providers only see the IP address of the recursive provider - not the end user. If you're in, say, San Francisco but you're using a recursive DNS provider based in Chicago, the website you're trying to visit can only assume you're in Chicago.

"As more and more people start to use recursive systems [along the lines of OpenDNS], this is becoming a much bigger problem," Neustar senior director of technology Sean Leach, who coauthored the DNS proposal, tells The Reg.

Leach tells us that early this fall - before Google released Public DNS - Neustar approached Mountain View about collaborating on an extension of the DNS protocol and discovered that the Mountain View giant was already working on such a project.

Under the new DNS extension proposed by Google and Neustar, the recursive provider would pass the first three octets - i.e. the top 24 bits - of the user IP, so the authoritative provider would not have access to the entire address.
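The truncation described above, as an added example that is not code from the article or from the proposal's authors: it builds and parses a client-subnet option carrying only the top 24 bits of an IPv4 address. The option code and field layout are assumptions taken from RFC 7871 (EDNS Client Subnet), since the article gives no wire format, and the address is a constructed documentation-range value.

```python
import ipaddress
import struct

# Assumption: option code and field layout follow RFC 7871 (EDNS Client Subnet);
# the article itself gives no wire format.
ECS_OPTION_CODE = 8
FAMILY_IPV4 = 1


def encode_ecs(client_ip: str, prefix_len: int = 24) -> bytes:
    """Recursive side: keep only the top prefix_len bits of the client's IPv4 address."""
    net = ipaddress.IPv4Network(f"{client_ip}/{prefix_len}", strict=False)
    # Only the bytes needed to hold the prefix go on the wire (3 bytes for /24).
    kept = net.network_address.packed[: (prefix_len + 7) // 8]
    payload = struct.pack("!HBB", FAMILY_IPV4, prefix_len, 0) + kept
    return struct.pack("!HH", ECS_OPTION_CODE, len(payload)) + payload


def decode_ecs(option: bytes) -> ipaddress.IPv4Network:
    """Authoritative side: parse the option and reject one that leaks extra bits."""
    if len(option) < 8:
        raise ValueError("option too short")
    code, length = struct.unpack("!HH", option[:4])
    if code != ECS_OPTION_CODE or length != len(option) - 4:
        raise ValueError("not a well-formed client-subnet option")
    family, source_len, _scope_len = struct.unpack("!HBB", option[4:8])
    addr = option[8:]
    if family != FAMILY_IPV4 or source_len > 32:
        raise ValueError("unsupported family or prefix length")
    if len(addr) != (source_len + 7) // 8:
        raise ValueError("address length does not match declared prefix")
    padded = addr + bytes(4 - len(addr))
    # strict=True raises ValueError if any bit beyond source_len is set,
    # i.e. the sender disclosed more of the address than it declared.
    return ipaddress.IPv4Network((padded, source_len), strict=True)


if __name__ == "__main__":
    wire = encode_ecs("203.0.113.77")  # constructed client address
    print(wire.hex(), "->", decode_ecs(wire))
```

The last octet of the client address never appears in the encoded option, which is the privacy property the proposal relies on.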

Today, the recursive provider already grabs the user's IP - and that includes Google. Mountain View unveiled its free Google Public DNS in early December. This was billed as an effort to speed DNS resolutions, but it also gives Google access to an additional slice of user traffic data.

According to the company, it limits how long it retains certain information collected by its Public DNS service, including your IP. Your IP address, Google says, is stored but then deleted after 24 to 48 hours.

Nonetheless, Google's new service has been sharply criticized by OpenDNS, the current market leader. "To think that Google’s DNS service is for the benefit of the Internet would be naive. They know there is value in controlling more of your Internet experience and I would expect them to explore that fully," said CEO and founder David Ulevitch.

"It’s not clear that Internet users really want Google to keep control over so much more of their Internet experience than they do already - from Chrome OS at the bottom of the stack to Google Search at the top, it is becoming an end-to-end infrastructure all run by Google, the largest advertising company in the world. I prefer a heterogeneous Internet with lots of parties collaborating to make this thing work as opposed to an Internet run by one big company." ®

Update: This article has been updated to remove claims that this proposal would speed resolutions.
