Resilience of the Domain Name System: A case study of the .nl-domain

In this paper we analyse the resilience of the Domain Name System (DNS). We study the impact on the availability of DNS data of certain domains for the users of the Internet when parts of the DNS infrastructure become unavailable. We perform our analysis on the level of autonomous systems and hence we explore the impact when an autonomous system (and all the routers, name servers and resolvers located in it) fails or when interconnections between autonomous systems fail. We provide a generic method to carry out this resilience analysis, in which we first identify the domain names within the analysed domain, the autonomous systems where the name servers and resolvers for this domain reside, and the interconnections and relations between these autonomous systems. Next, we simulate failure scenarios to analyse the impact on the reachability of autonomous systems and the corresponding DNS data when autonomous systems or connections between them become unavailable. Our method can identify bottlenecks and single points of failure that should be mitigated in order to improve resilience. We demonstrate our method in a case study for the .nl-domain and its underlying second-level domains.