Design and Implementation of Secure Prefetch Mechanism for Multi-step Name Resolution in DNS.

According to the Domain Name Industry Brief 2015 by VeriSign, the amount of domain names has reached to 296 million across all top-level domains (TLDs) with increase of 5.9 percent year over year. Considering each domain name may have at least one resource record requiring multi-step name resolution such as MX (Mail eXchange), CNAME (Canonical Name) and SRV (Service), etc. the DNS traffic and name resolution delay is in increase trend. In this paper, we propose a secure prefetch mechanism for multi-step name resolution in DNS to speedup the Internet services that use those records and reduce DNS traffic. We implemented a prototype system by customizing conventional BIND (Berkeley Internet Name Domain) on Linux system and evaluated the proposed mechanism using domain name measurement tool. The results confirmed that the prototype system worked properly as we designed. Moreover, we compared the latency of multi-step name resolution in the prototype system with that in the conventional BIND and confirmed that not only the number of query times but also approximately 30% of latency can be reduced in our proposed mechanism.