DNS Performance and the Effectiveness of Caching Jung, Sit, Balakrishnan, and Morris This is a follow-on to the 1992 study, basically to see what's changed in 9 years. Beyond that, this work focuses more on the actual traffic volumes and characteristics, rather than focusing in so tightly on the bugs observed. They also try to tie the DNS lookups to the TCP connections established using the addresses obtained. Two things leapt out at me from their data. First was the effectiveness of caching for high-level nameservers in successful lookups. At least 75% of all DNS requests completed with no referrals at all, indicating that, although a lookup was required (no cached mapping for the desired host itself), the resolver did have the proper nameserver cached and was able to avoid walking any of the server hierarchy. Essentially all lookups completed with at most one referral, but this is likely due to the flattened structure of names as anything else. On average, successful lookups required only 1.2 round-trip messages, which correlates precisely to the referral-count information. The other thing that leapt out at me was the correlation between lookup popularity and TTL. Again this is to be expected, for two reasons: the main reason for small TTL is DNS-based load-balancing, which makes sense only for popular sites, and a feedback effect: short TTL for the A record will mean more frequent lookups, while a longer TTL will allow the resolvers inside the two networks to cache the result longer and reduce the frequency of requests sent past the tracer to the outside world. Even so, the effect is striking, and larger than I would have guessed. Less encouraging was the finding that about 60% of all DNS traffic is associated with lookups that ultimately fail. That a great deal of effort is expended in futile searches is to be expected, but 60% is really an awful lot for a small number of requests. Also interesting was the technique to check on servers that applied negative caching, and the discovery that it is widely deployed, and still hasn't really cut down on the traffic from failed lookups.