The Domain Name System (DNS) is a significant component of modern-day internet. Despite this fact, DNS traffic is mostly unencrypted, and as such a likely target for exploitation by malicious actors. The advancement of programmable switches presents researchers with the opportunity to explore DNS traffic from a new vantage point, without sacrificing network bandwidth. In spite of the incentive, DNS research in programmable switches has been scarce, owing to the difficulty in parsing DNS packets. We present a general solution to DNS packet parsing that can handle the vast majority of DNS packets (97%) using current hardware and can easily be scaled to parse all DNS packets as hardware improves. Our highly configurable solution can be adjusted to fit many distinct use cases. Additionally, we explore the challenges involved in parsing DNS packets and present common pitfalls appearing in previous research attempting to do so.
|Title of host publication||SOSR 2022 - Proceedings of the 2022 Symposium on SDN Research|
|Publisher||Association for Computing Machinery, Inc|
|Number of pages||8|
|State||Published - 19 Oct 2022|
|Event||2002 ACM SIGCOMM Symposium on SDN Research, SOSR 2022 - Virtual, Online, United States|
Duration: 20 Oct 2022 → …
|Name||SOSR 2022 - Proceedings of the 2022 Symposium on SDN Research|
|Conference||2002 ACM SIGCOMM Symposium on SDN Research, SOSR 2022|
|Period||20/10/22 → …|
Bibliographical noteFunding Information:
We thank the anonymous SOSR reviewers and our shepherd Rinku Shah for their valuable feedback. This work is supported by the Israel Science Foundation under grant No. 980/21.
© 2022 ACM.
- data plane
- network measurement
- programmable networks
- programmable switch