Abstract: In one embodiment, a zone resiliency application indicates that an authoritative name server is in a degraded state. In operation, the zone resiliency application determines that the authoritative name server is in a degraded state. The zone resiliency application then generates a status record that indicates the degraded state. Subsequently, the zone resiliency application associates the status record with a domain name service (DNS) response to a DNS query. The zone resiliency application then transmits the DNS response and the associated status record to a requester.

Abstract: In one embodiment, a zone resiliency application indicates that an authoritative name server is in a degraded state. In operation, the zone resiliency application determines that the authoritative name server is in a degraded state. The zone resiliency application then generates a status record that indicates the degraded state. Subsequently, the zone resiliency application associates the status record with a domain name service (DNS) response to a DNS query. The zone resiliency application then transmits the DNS response and the associated status record to a requester.

Abstract: In one embodiment, a resolution resiliency application modifies domain name service (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server has begun recovering from a degraded state or receives a flush list update from the authoritative name server. In response, the resolution resiliency application performs operation(s) that modify a query rate and/or a cache. The query rate specifies a frequency associated with DNS queries transmitted to the first authoritative name server. The cache stores DNS record(s) received from the first authoritative name server. Finally, the resolution resiliency application generates a DNS response to a DNS query based on the modified query rate and/or the modified cache.

Abstract: A resolution resiliency application performs robust domain name system (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server that is responsible for a domain name specified in a DNS query is unavailable. In response to determining that the authoritative name server is unavailable, the resolution resiliency application performs operation(s) that modify one or more DNS records stored in a cache based on one or more resiliency policies associated with the authoritative name server. The resolution resiliency application then generates a DNS response to the DNS query based on a DNS record stored in the modified cache. Notably, the disclosed techniques increase the likelihood of providing clients with DNS responses that accurately provide requested information.

Abstract: A method of detecting a DDOS attack is disclosed. The method includes obtaining, at an authoritative DNS server, a plurality of DNS query packets from a plurality of DNS requestors over a communications network; analyzing, by an electronic processor, a set of the plurality of DNS query packets; determining, by an electronic processor, that a subset of the plurality of DNS query packets of the set meets a predetermined threshold for a rate of DNS queries; filtering the plurality of DNS query packets based on the determining to produce a filtered number of DNS query packets; and providing, by the authoritative DNS server, a DNS response for the plurality of DNS query packets that were filtered.

Abstract: In one embodiment, a zone resiliency application indicates that an authoritative name server is in a degraded state. In operation, the zone resiliency application determines that the authoritative name server is in a degraded state. The zone resiliency application then generates a status record that indicates the degraded state. Subsequently, the zone resiliency application associates the status record with a domain name service (DNS) response to a DNS query. The zone resiliency application then transmits the DNS response and the associated status record to a requester.

Abstract: In one embodiment, a resolution resiliency application performs robust domain name system (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server that is responsible for a domain name specified in a DNS query is unavailable. In response to determining that the authoritative name server is unavailable, the resolution resiliency application performs operation(s) that modify one or more DNS records stored in a cache based on one or more resiliency policies associated with the authoritative name server. The resolution resiliency application then generates a DNS response to the DNS query based on a DNS record stored in the modified cache. Notably, unlike conventional techniques that may generate inaccurate DNS responses based on stale DNS records, the disclosed techniques increase the likelihood of providing clients with DNS responses that accurately provide requested information.

Abstract: In one embodiment, a resolution resiliency application modifies domain name service (DNS) resolution. In operation, the resolution resiliency application determines that an authoritative name server has begun recovering from a degraded state or receives a flush list update from the authoritative name server. In response, the resolution resiliency application performs operation(s) that modify a query rate and/or a cache. The query rate specifies a frequency associated with DNS queries transmitted to the first authoritative name server. The cache stores DNS record(s) received from the first authoritative name server. Finally, the resolution resiliency application generates a DNS response to a DNS query based on the modified query rate and/or the modified cache.

Abstract: A method of detecting a DDOS attack is disclosed. The method includes obtaining, at an authoritative DNS server, a plurality of DNS query packets from a plurality of DNS requestors over a communications network; analyzing, by an electronic processor, a set of the plurality of DNS query packets; determining, by an electronic processor, that a subset of the plurality of DNS query packets of the set meets a predetermined threshold for a rate of DNS queries; filtering the plurality of DNS query packets based on the determining to produce a filtered number of DNS query packets; and providing, by the authoritative DNS server, a DNS response for the plurality of DNS query packets that were filtered.