DNS in a 5G Network

Meeting your software and architecture needs with PowerDNS

5G aims to provide not just enhanced bandwidth, but will also significantly lower the network latency experienced by connected devices. In addition, 5G will be able to host large numbers of connected devices per cell, an improvement needed for billions of connected IoT devices in the near future. This poses additional demands on all network services, including DNS. Within 5G, new concepts, such as orchestration, (ultra)-low latency, and network slicing, create different requirements for DNS software and architecture.

Legacy DNS architectures are not sufficient to meet the requirements of 5G in areas such as latency, security, edge computing, and IoT.
Service providers must ensure that their DNS does not become the next bottleneck. It is vital that your DNS service provides extremely low-latency responses to connected devices to fulfill the promises of 5G.

Check out how PowerDNS is 5G-ready and lets you fulfill the promises of a 5G world.

Edge DNS and Tiered Caching for Fast DNS Responses

PowerDNS allows telecom operators to deploy distributed DNS services near the end-user, on the edge-nodes of the 5G network. In order to balance between many caches near the user, and centralized caches with lots of content, we introduce the concept of Tiered Caching, where a small cache is deployed in Edge DNS servers, combined with a pool of (more centralized) servers with a large cache. This provides an optimal balance between fast localized DNS responses and minimizing latency for domains that are looked up less frequently.

Virtualization, Orchestration & Control Plane Functionality

In order to ensure DNS service is on par with the requirements for 5G, the DNS service must be truly ‘cloud-native’ and has to come with the ability to run in containerized infrastructure. PowerDNS comes with exactly this functionality. It runs on virtualized, NFV or cloud-native environments ‘out of the box’ and provides various automation tools that allow for deployment automation, elastic scaling, and remote configuration management.

Cloud-native PowerDNS

PowerDNS Provides an Optimized DNS Architecture to Support 5G Performance Needs

  • Deployment at the edge of the network
  • Can be deployed as cloud-native, VNF or on bare-metal
  • Orchestration for high numbers of servers
  • Monitoring, deployment automation, remote configuration management etc.
  • Encrypted DNS
  • Localized content server
  • DNS aware load balancing to optimize cache hits
  • Network-wide or per-user security filtering
  • Deployment at the edge of the network
  • Can be deployed as cloud-native, VNF or on bare-metal
  • Orchestration for high numbers of servers
  • Monitoring, deployment automation, remote configuration management etc.
  • Encrypted DNS
  • Localized content server
  • DNS aware load balancing to optimize cache hits
  • Network-wide or per-user security filtering

Read more about how PowerDNS exceeds market standards to deliver against your 5G needs in our whitepaper.

Download Whitepaper

IoT Security for 5G

Already, IoT devices are compromised by botnets. With the additional capabilities of 5G, the number of connected devices, and the available bandwidth for them, will rise even further. This makes 5G-enabled IoT devices a prime target for malicious activities.

PowerDNS supports network-based protection to enhance security of IoT devices as soon as they connect to their command and control centers. PowerDNS Protect provides DNS-based detection and alerting for when IoT devices are potentially infected with malware and allows blocking of access to command and control centers to prevent botnet activation.

DNS Encryption & Privacy

Communications between IoT devices and the services they use need to be protected from being intercepted, monitored or modified. DNS lookups are no exception. PowerDNS handles this issue with DNS encryption and DNSSEC. DNS over TLS (DoT) and DNS over HTTPS (DoH) are used to encrypt the traffic between the DNS client and the DNS resolver. DNSSEC secures the integrity of DNS answers by validating responses so that DNS clients can trust the answers they receive without potential modifications by a third-party. This is very important for many 5G services, particularly those involving mission critical IoT devices, such as connected cars and healthcare devices. These need to ensure the integrity of DNS answers provided by the network and prevent hijacking or cache-poisoning data leakage attacks.

PowerDNS comes with 5G and IoT DNS Security
  • Network-based protection
  • DNS-based detection, blocking and alerting
  • Rate-limiting and abuse-detection
PowerDNS provides 5G DNS Encryption and Privacy
  • DNS over TLS (DoT)
  • DNS over HTTPS (DoH)
  • DNSSEC
PowerDNS equips you with everything needed to meet 5G DNS software and architecture requirements:
Deployment Possibilities
  • Bare-metal
  • Virtualized / NFV
  • Cloud-native
Control Plane Functionality
  • Deployment automation
  • Elastic scaling
  • Configuration management
  • Helm support for cloud-native setups
  • Ansible support for bare-metal, virtualized / NFV installations
Monitoring & Reporting
  • Prometheus API endpoints for statistics per server
  • Metronome support
  • Long-term query logging and searching
  • End-to-end performance measurements
Security & Privacy
  • DNS over HTTPS (DoH)
  • DNS over TLS (DoT)
  • DNSSEC signing and validation
  • System-wide or per-user malware filtering
  • Block/detect phishing and malware
  • Alerting/notification support
Latency
  • Edge DNS service near the end-user
  • Tiered caching
  • DNS aware load balancing to optimize cache hits
  • Edge computing support
Fast Local Content
  • EDNS client-subnet support – passing information about the original IP address to downstream server
  • Locality tagging
  • Edge computing support
IoT Security
  • Detect and Alert when IoT Devices are potentially infected with Malware
  • Prevent botnet activation
  • Protect your network from IoT-based malware and DDoS

Deployment Possibilities
  • Bare-metal
  • Virtualized / NFV
  • Cloud-native
Control Plane Functionality
  • Deployment automation
  • Elastic scaling
  • Configuration management
  • Helm support for cloud-native setups
  • Ansible support for bare-metal, virtualized / NFV installations
Monitoring & Reporting
  • Prometheus API endpoints for statistics per server
  • Metronome support
  • Long-term query logging and searching
  • End-to-end performance measurements
Security & Privacy
  • DNS over HTTPS (DoH)
  • DNS over TLS (DoT)
  • DNSSEC signing and validation
  • System-wide or per-user malware filtering
  • Block/detect phishing and malware
  • Alerting/notification support
Latency
  • Edge DNS service near the end-user
  • Tiered caching
  • DNS aware load balancing to optimize cache hits
  • Edge computing support
Fast Local Content
  • EDNS client-subnet support – passing information about the original IP address to downstream server
  • Locality tagging
  • Edge computing support
IoT Security
  • Detect and Alert when IoT Devices are potentially infected with Malware
  • Prevent botnet activation
  • Protect your network from IoT-based malware and DDoS

Learn more about PowerDNS in action

BTlogo

Providing BT with 5G-ready DNS

Equipping BT with DNS to meet current broadband, as well as future 5G and IoT, traffic and security demands.

Download case study

  Contact us to learn more about our solutions.

Contact Us