``Exploring EDNS-Client-Subnet Adopters in your Free Time"
Florian Streibelt, Jan Boettger, Nikolaos Chatzis, Georgios Smaragdakis, and Anja Feldmann.
The recently proposed DNS extension, EDNS-Client-Subnet (ECS), has been quickly
adopted by major Internet companies such as Google to better assign user
requests to their servers and improve end-user experience.
In this paper, we show that the adoption of ECS also offers unique, but likely
unintended, opportunities to uncover details about these companies' operational
practices at almost no cost. A key observation is that ECS allows to
resolve domain names of ECS adopters on behalf of any arbitrary IP/prefix in the
Internet. In fact, by utilizing only a single residential vantage point and
relying solely on publicly available information, we are able to (i) uncover
the global footprint of ECS adopters with very little effort, (ii) infer the
DNS response cacheability and end-user clustering of ECS adopters for an arbitrary
network in the Internet, and (iii) capture snapshots of user to server mappings
as practiced by major ECS adopters. While pointing out such new measurement
opportunities, our work is also intended to make current and future
ECS adopters aware of which operational information gets exposed when utilizing
this recent DNS extension.