Measuring the Centrality of DNS Infrastructure in the Wild

The centralization of the global DNS ecosystem may accelerate the creation of an oligopoly market, thereby, increasing the risk of a single point of failure and network traffic manipulation. Earlier studies have revealed the level of centralization in terms of the market share of public DNS services and DNS traffic seen by major CDN providers. However, the level of centralization in the infrastructure of the DNS Ecosystem is not well understood. In this paper, we present a novel and lightweight measurement approach that effectively discovers resolver pools from a single probing point. We conduct an Internet-wide active measurement on the client-side as well as the server-side DNS infrastructure to assess the level of DNS centralization in terms of the supporting infrastructure. Our measurement results show that the DNS infrastructure is much more centralized than previously believed. Over 90% of forwarding resolvers are backed by less than 5% (4071) of indirect resolvers. Merely 0.45% (12,679) of all name servers across 1138 gTLDs, operated by just 10 DNS providers, provide authoritative domain resolution service for 48.5% (more than 100 million) of domain names. We also investigated several leading DNS providers in IP infrastructure, load distribution, and service geo-distribution. The findings of our measurements provide novel insights into the centrality of the DNS infrastructure, which will help the Internet community promote the understanding of the DNS ecosystem.