Internet Privacy

DNS Location Data (DNS LOC)

The Internet's "Domain Name System" (DNS) is solely responsible for converting domain names into IP addresses. You can almost think of DNS as a separate network. While technically part of the Internet, rather than being content focused, DNS servers describe the structure of the Internet.

DNS is effectively a hierarchical, distributed database that exercises a practice called, delegated authority. This philosophy of delegating or passing along responsibility pushes the maintenance of DNS records as close to their associated destinations as possible. This enables organizations to appoint their own DNS server, which in turn allows them to differentiate the user experience through active domain management.

DNS Server Types

There are several types of DNS servers, which are differentiated based on specialized roles. The two most prevalent are recursive and authoritative.

Recursive DNS Servers

Recursive DNS servers - also known as recursive resolvers respond to DNS queries from downstream devices. Most DNS servers are recursive. If a recursive DNS server receives a qurey for which it does not have a matching record, it sends seeks out the information on behalf of the requesting device. The recursive resolver reaches out to the authoritative DNS server associated with the domain name. To do that, the recursive DNS server needs to determine the IP address of the corresponding authoritative DNS server. This process works a little differently than one might expect.

Authoritative DNS Servers

Authoritative DNS servers are the last step in the process of determining an IP address that corresponds to the requested domain name. They are specific to the domain name they serve and contain a "map" of all sub-names in the domain name (e.g. and Authoritative name servers only respond to requests from other DNS servers.

So, when a recursive DNS server needs a copy of a DNS record, how does it obtain it from an authoritative DNS server? Authoritative server lookups begin at the top of the DNS chain. A DNS record information request is sent from the recursive DNS server to a root DNS server. Root servers are at the top of the proverbial food chain and contain the master "map" of all Top-Level-Domain (TLD) DNS servers. TLDs are at the top of the DNS hierarchy for each domain name type (e.g. .com, .net, .org, etc.). The DNS root server redirects the requesting recursive DNS server to the appropriate Top-Level-Domain (TLD) server. It uses that address information to request the address from the TLD server of the corresponding authoritative DNS that owns the record the requesting recursive DNS server is looking for. The TLD server then looks up the IP address of the authoritiative server for the requested domain name. The result is returned to the requesting recursive DNS server. Finally, the recursive DNS server caches this information and returns a copy to the orginally requesting host device.

Diagram of a recursive resolver DNS server requesting DNS record from an authoritative DNS server

Recursive DNS servers typically cache DNS queries for a period of time. If an IP address match for the requested domain name was not found, a status of "not found" is returned.

The DNS LOC Record

DNS records are not just about converting address names into binary IP addresses. The entire purpose of DNS is to intelligently route IP traffic across the Internet. Thousands of servers distributed around the world implement DNS, making the service resilient to failures and attacks, as well as making it high performance. This includes mechanisms designed to make sure you use DNS servers closest to you from a network topology perspective.

Drafted in 1996, RFC 1876: A Means for Expressing Location Information in the Domain Name System defines a standard for an optional physical location record to DNS called the DNS LOC Record ("DNS LOC" or resource ID 29), stored as a DNS Resource Record (RR). Resource Records are pre-defined fields in DNS data transmissions. They may be identified by their name or resource ID (a numeric integer). The term "LOC" stands for "location" and is a coded manifestation of the host device's physical longitude and latitude based on the World Geodetic System, WGS84 (circa 1984). A host device in this context means a device inserting DNS LOC record information into a DNS record.

Old Standard, New Practical Uses

While the LOC Record is optional (RFC 1876 is still considered experimental), it is normally injected into DNS traffic by an intermediary server during the DNS lookup process. For example, many ISPs insert a DNS LOC record into DNS requests. Where this information gets entered in the process varies. Most ISPs apply the information when a packet originating on their network passes through a node (edge network), Central Office (local loop), or hub (regional node or up-link). A node is a telecommunications end-point. It can also be interpreted as the point where outbound traffic transitions from your ISP's network to the Internet. Regardless, the purpose is to obfuscate your exact location while providing insight into the vicinity of your connection's origin, and results in your approximate physical location being passed on through the network of DNS servers.

DNS LOC and Privacy Concerns

DNS LOC records were originally envisioned as a method of making routing information more efficient. While that is still true today, a number of other practical uses have evolved over time. These include:

  • Investigations by law enforcement and IT security agencies to track the origin of cyberattacks
  • Building out geographically segmented CDNs (Content Distribution Networks)
  • Location-specific targetted advertising by ISPs, edge network providers, telecom, and e-commerce companies
  • Tracking a user's whereabouts based on DNS queries

Concerns about privacy are the flip-side of the coin when it comes to sharing information. Most consumers perceive tangible benefits to sharing their location information, but only to the extent of when they are consciously aware of when they are sharing such information.1

For example, in the mobile internet space, users have become accustomed to the presence of real-time, automatic location-based tracking and content delivery (e.g. online maps), and welcome the concept of geo-targeted advertisements as a logical evolution.2 Another example of perceived benefits by many consumers stems from government programs such as E-911, which are able to utilize cellular tower data to narrow a user's location in real-time to the level of meters after the user dials 9-1-1 on a mobile device (or directly to a pre-defined physical street address in the case of landlines).

As a result of demand and technological improvements, Content Distribution Networks (CDNs) have seen an explosion in growth over the past few years. CDNs are a good example of how the IT industry has evolved to meet the growing demand for geo-targeting users. If consumers continue to be receptive to these business practices, expect the trend to continue. In the minds of many consumers, shared physical location knowledge tends to improve end user experiences. Content-driven businesses have wasted no time in trying to drive home that message.