An FPGA based soft multiprocessor for DNS/DNSSEC authoritative server

This paper deals with the idea of implementing a complete network service on a chip. Herein, we propose an original design together with an efficient implementation of an authoritative domain name system (DNS) server on a Virtex 5 FPGA circuit. The proposed approach exploits the use of a hardware accelerator, MicroBlaze soft-processor cores and an adequate mapping between the DNS specifications and the hardware architecture leading to a Multi-Processor System on Chip (MPSoC). We propose new architectures by translating the DNS specifications to hardware form through the ''Specification and Description Language'' (SDL) tool. The proposed implementation allows significant reduction in power consumption together with significant performance and security improvement. The proposed architectures have been successfully implemented and tested on an actual network. The obtained results show a query performance improvement of around 200% with respect to the ''Berkeley Internet Name Domain'' (BIND) 9 server.

[1]  Panos Lekkas Network Processors , 2003 .

[2]  A. Guillard DNSSEC Operational Impact and Performance , 2006, 2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06).

[3]  Ahmed Amine Jerraya,et al.  VHDL generation from SDL specifications , 1996 .

[4]  Scott Rose,et al.  Resource Records for the DNS Security Extensions, RFC 4034 | NIST , 2005 .

[5]  Jean-Luc Gaudiot,et al.  Features of Future Network Processor Architectures , 2006, IEEE John Vincent Atanasoff 2006 International Symposium on Modern Computing (JVA'06).

[6]  D.S. Reeves Group address recognition with perfect hashing hardware - Extended abstract , 1992, IEEE Workshop on the Architecture and Implementation of High Performance Communication Subsystems.

[7]  John W. Lockwood,et al.  Algorithms and architectures for network search processors , 2006 .

[8]  Antonio Cantoni,et al.  Implementation of dynamic look-up tables , 1994 .

[9]  Ramaswamy Chandramouli,et al.  SP 800-81 Rev. 1. Secure Domain Name System (DNS) Deployment Guide , 2010 .

[10]  Paul V. Mockapetris,et al.  Domain names - implementation and specification , 1987, RFC.

[11]  Kimura Shigetomo,et al.  An FPGA Implementation of DNS Servers Using a Simple Hash Function , 2005 .

[12]  John A. Chandy,et al.  FPGA based string matching for network processing applications , 2008, Microprocess. Microsystems.

[13]  Daniel Massey,et al.  Protocol Modifications for the DNS Security Extensions RFC 4035 | NIST , 2005 .

[14]  Jing-Long Chu Jing-Long Chu,et al.  Smart gateway systems for Internet security for broadband communication networks: SoC solutions and FPGA demonstrations , 2003, ASIC, 2003. Proceedings. 5th International Conference on.

[15]  Douglas Comer,et al.  Network Systems Design Using Network Processors , 2003 .