Spain’s Telefónica SA is the latest carrier to announce it is switching from open source software to a Domain Name System (DNS) caching server from Nominum Inc. (See Telefónica Picks Nominum.)

It's more evidence that the move to converged IP networks may be putting new demands on the already stressed DNS software. It's gotten to the point that carriers are finding the open source software they relied on in the past isn’t up to the task, say carriers such as Telefónica.



DNS software, which translates domain names into IP addresses, wasn’t designed for the kind of heavy duty, always-on use it’s been getting, not only as Internet traffic soars, but as more and more IP-based devices, from telephones to TV set-top boxes, get added to the network. It might be a bit like trying to run a factory with a Toyota car engine.

Telefónica offers both consumer and business triple-play services and has between 2.5 million and 3 million residential customers. Daniel Diaz Sanz, senior manager of Telefónica’s Advanced Technology Group, says the carrier started shopping around for software because the open source BIND (Berkeley Internet Name Domain) software "didn’t work" -- it was unable to handle the increase in domain lookup requests that comes with more IP traffic. With plans to reach 7 million residential customers by 2008, the carrier needs software that can scale to support that kind of customer growth.

As carriers like Telefónica move into triple and even quadruple-play services, they're seeing the need to upgrade their software, and moving away from open source. Nominum counts large operators like (NYSE: BT; London: BTA), (Nasdaq: COLT; London: CTM.L), (NYSE: TI), and among its customers.

"BIND is the most used software across the Internet... But if you start pushing it, it starts degrading in a number of ugly ways," says Albert Gouyet, Nominum’s VP of marketing.

Sanz says Telefónica was using BIND 8 software and considered upgrading to version 9, but decided that moving from open source to closed software would provide added security. Aside from the sheer volume of traffic, the increase in worms and viruses that attack the DNS by flooding it with requests have put an added strain on BIND.

According to research released today by , up to 12 percent of these attacks on a broadband provider's network are launched internally, often by unsuspecting users whose computers have become infected. The report notes that providers have become focused on security from external attacks but need to look at tools that will shut down internal malicious traffic before it reaches subscribers. (See Sandvine Warns of Threat Within.) In addition to good detection and cleansing tools, DNS software can help absorb the extra traffic the attacks generate and keep the network online while the problem is contained.

— Nicole Willing, Reporter, Light Reading