In this episode of PING, Sara Dickinson from Sinodun Internet Technologies and Terry Manderson, VP of Information Security and Network Engineering at ICANN discuss the ICANN DNS stats collector system that ICANN commissioned, and Sinodun wrote for them.
This system consists of two parts, a DNS stats compactor framework that captures data in the C-DNS format — a specified set of data in CBOR format — and the DNS stats visualizer, which uses Grafana. The C-DNS format is not a complete packet capture but allows the recreation of all the DNS context of the query and response. It was standardized in 2019, in an RFC authored by Sara, her partner John Dickinson, Jim Hague, John Bond and Terry.
Unlike DSC, which is a five-minute sample aggregation system, this system can preserve a significantly larger amount of the seen DNS query information and can even be used to recreate an on-the-wire view of the DNS (albeit not one-to-one identical to the original IP packet flows).
This episode discusses the ICANN Managed Rootserver System (IMRS), also known as ‘L-Root’, which has nearly 200 points of deployment worldwide. Many of them are behind a restricted bandwidth management channel. Because of insufficient local capacity to perform regular ongoing full packet capture using tools like tcpdump or dnscap (such as the Day In The Life or DITL exercises organized by DNS OARC) this system was designed to allow as much information as possible to be captured and exported from the IMRS system in an ongoing sustained manner.
ICANN is committed to a transparent operation of its IMRS services, and the DNS stats collector is designed to enhance a wider understanding of how the system operates and the kind of DNS traffic load it sees.
Read more about the systems, and IMRS online:
- RFC 8618 Compacted-DNS (C-DNS): A Format for DNS Packet Capture
- The ICANN GitHub repository for DNS Stats
- ICANN Managed Root Server (IMRS)
Subscribe and share your story
You can stream and subscribe to PING via the following channels:
If you’re interested in sharing your insights or research, please get in touch — we’re always looking for great stories from the community. And please do let us know what you think of the podcast as well as the APNIC Blog so we can keep improving
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.