By: Anas Al-Hammouri, Regional Sales Manager, Telco and SPs, Middle East & Turkey at Infoblox
Fifth Generation wireless (5G) signifies a vast improvement over current cellular wireless technology in terms of speed, response time, reliability, number of supported device types and device density per square kilometer. The technology has the potential to transform cell phone usability. 5G’s potential applications go beyond cell phones to the Internet of Things (IoT) and sensors, enabling innovations in mobile health, telesurgery, automated manufacturing, smart cities, e-sports, VR/AR gaming and connected vehicles.
Network Operator Requirements and Challenges
The transition to 5G and accompanying industry impact will create numerous technical challenges for network operators and service providers, especially with the core network services vital to 5G connectivity: DNS, DHCP and IP address management (DDI). Among the most pressing challenges are:
- Ultra-low DNS latency to enable real-time applications
- Auto-scaling DDI for network slicing
- Distributing DDI services to the network edge for multi-access edge computing (MEC) in the smallest possible footprint
With 5G—Latency Matters More Than Ever
At 5 milliseconds, current DNS latency is too high to support many 5G applications. For example, in 5G deployments, AR/ VR, gaming, connected cars, and telesurgery will require end to-end latency of 1-10 milliseconds. Clearly, current DNS latency is unacceptable. The pervasive connectivity of 5G will increase reliance on edge computing, which brings cloud resources compute, storage, and networking—closer to applications, devices, and users. 5G implementations will require greater use of small cell stations at the very edge of the network, so data need not travel long distances to a cloud or data center. To ensure unhindered traffic flow at the edge, DNS services must also be positioned at the edge.
A New Variable: Encrypted DNS
New encrypted DNS standards have emerged that, while protecting the privacy of DNS requests and the integrity of responses, Communications Service Providers (CSPs) can lose some of the control needed to govern DNS usage within their networks unless they provide their encrypted DNS services. DNS over TLS (transport layer security) or DoT, and DNS over HTTPS or DoH, work by encrypting the DNS communication between your operating system’s stub resolver or a local application and your recursive DNS resolver. Both technologies ensure data privacy and authentication by encrypting communications between DNS clients and servers. However, in doing so, many solutions are changed to point to external DNS resolvers, allowing client devices to access DNS services outside of the provider’s control and exposing the subscriber to potential security risks and negative customer experiences.
Providers need to reduce the risks these technologies pose. Implementing encryption through the DNS resolver on the network allows service providers to remain in control of their subscriber’s network experience. It will enable providers to continue to provide security, content filtering and other critical on-net services.