Skip navigation links
OX logotype

DNS in a 5G Network Core

Meeting your software and architecture needs
with OX PowerDNS

More than 80 countries actively invest in 5G, the latest generation of mobile networks, and global commercial roll-out is ongoing and more are expected in 2020. 5G provides improved performance and bandwidth to supply rapid mobile internet speed, supports factory and manufacturing automation, delivers against high data transfer and scalability requirements of IoT devices, and introduces edge networking to supply services close to the user. To achieve this, 5G comes with a completely new vision. It will incorporate fundamental architectural changes towards an SDN/NFV based network, and specific goals for new services such as VR/AR, achieved with new concepts such as network slicing.

5G aims to provide not just enhanced bandwidth, but also will significantly lower the network latency experienced by connected devices. In addition, 5G will be able to host large numbers of connected devices per cell, an improvement needed for billions of connected ‘Internet of Things’ devices in the near future. New challenges such as orchestration, (ultra)-low latency, and network slicing create different requirements for DNS software and architecture. For an in-depth overview of 5G requirements for DNS software and architecture, please download the OX whitepaper “DNS in a 5G Network Core: New Requirements and Demands”.

Legacy DNS architectures are not sufficient to meet the 5G requirements in areas such as latency, security, edge computing, and IoT. Check out how OX PowerDNS is 5G-ready and lets you fulfill the promises of a 5G world. 

5G DNS Whitepaper

Download the ‘DNS in a 5G Network Core’ whitepaper for more information.

Download Whitepaper

Low latency DNS Service and 5G Edge Computing

5G networks will have to serve billions of IoT devices, machine-to-machine communication and consumers’ connectivity demands for content streaming and more. They aim to provide ultra-low latencies with targets of 1ms to 4ms down from 40ms for 4G/LTE infrastructure. Legacy DNS setups do not support those targets and significantly reduce performance. Service providers must ensure that their DNS does not become the next bottleneck. To achieve your 5G latency targets, it is vital that your DNS service provides fast responses to the end-user.

DNS Service as Virtualized Network Functions

To achieve this, OX PowerDNS allows telecom operators to deploy the (distributed) DNS service as Virtualized Network Functions (VNF’s) near the end-user, on the edge-nodes of the 5G network. In order to balance between many caches near the user, and centralized caches with lots of content, we introduce the concept of Tiered Caching, where a small cache is deployed in Edge DNS servers, combined with a pool of (more centralized) servers with a large cache. This provides an optimal balance between fast localized DNS responses and minimizing latency for domains that are looked up less frequently.

Virtualization, Orchestration & Control Plane Functionality

In order to ensure DNS service is on par with the requirements for 5G, the DNS service must be deployable as a true ‘VNF’ (or Virtualized Network Function). This means that the software must be capable of being run on Virtual Machines (VMs), and also that the software forming the VNF must be truly “cloud-native” and has to come with the ability to run in containerized infrastructure. 

OX PowerDNS comes with exactly this functionality. It runs on virtualized environments as a VNF ‘out of the box’ and comes with various (ansible-based) automation tools that allow for deployment automation, elastic scaling, and configuration management.

In order to manage this virtualized infrastructure, OX PowerDNS provides Metronome support and Prometheus API endpoints for monitoring and reporting on the various instances, has long-term query logging and searching capabilities, and provides end-to-end performance measurement tools.

Optimized 5G DNS architecture to support 5G performance needs

  • Deployment at the edge of the network
  • Software must be capable of being run as VNF (VMs, Containers etc)
  • High numbers of servers require orchestration
  • Support for control plane functionality to provide monitoring, deployment automation, configuration management etc.
  • Encrypted DNS Support
  • Localized Content Server support
  • DNS aware Load Balancing to optimize cache hits

5G and IoT Security

Already, IoT devices are compromised for use in botnets. With the additional capabilities of 5G the number of connected devices, and the available bandwidth for them, will rise even further. This makes 5G IoT devices a prime target for malicious activities.

Providing network-based protection helps control security of connected IoT devices as soon as they connect to their Command and Control centers. OX Protect provides DNS-based detection and alerting for when IoT devices are potentially infected with malware and allows blocking of access to command and control centers to prevent Botnet activation.



OX PowerDNS comes with 5G and IoT DNS Security
  • Network-based protection
  • DNS-based detection, blocking and alerting
  • Rate-limiting and abuse-detection

DNS Encryption and Privacy

Communications between mobile and IoT devices and the services they use need to be protected from being intercepted, monitored or modified. DNS and end user DNS lookups are no exception. OX PowerDNS handles this issue with DNS encryption and DNSSEC. DNS over TLS (DoT) and DNS over HTTPS (DoH) are used to encrypt the traffic between the DNS client and the DNS resolver. DNSSEC secures the integrity of DNS answers by validating responses so that DNS clients can trust the answers they receive and trust they have not been modified by a third-party. This is very important for many 5G services, particularly those involving mission critical IoT devices such as connected cars and healthcare devices. These have a strong requirement to ensure the integrity of DNS answers provided by the network, and to prevent hijacking or cache-poisoning attacks which can lead to private or highly sensitive data being leaked to criminals.

OX PowerDNS provides 5G DNS Encryption and Privacy
  • DNS over TLS (DoT)
  • DNS over HTTPS (DoH)
OX PowerDNS equips you with everything needed to meet 5G DNS software and architecture requirements:
NFV / Control Plane
  • VNF Support out of the box

Ansible automation:

  • Deployment Automation
  • Elastic Scaling
  • Config Management

Monitoring & Reporting:

  • Prometheus API Endpoints for Statistics per Server
  • Metronome Support
  • Long-term Query logging and searching
  • End-To-End Performance Measurement

Security and Privacy


  • DNS over HTTPS (DoH)
  • DNS over TLS (DoT)
  • DNSSEC Signing and Validation

Security Malware Filtering:

  • System-Wide or Per-User Malware Filtering
  • Block/ Detect Phishing and Malware
  • Alerting/ Notification Support

  • Edge DNS Service near the End-User
  • Tiered Caching
  • DNS aware Load Balancing to optimize Cache Hits
  • Edge Computing Support

Fast Local Content
  • EDNS Client-Subnet Support -
    Passing Information about the original IP Address to Downstream Server
  • Locality Tagging
  • Edge Computing Support

IoT Security
  • Detect and Alert when IoT Devices are potentially infected with Malware
  • Prevent Botnet Activation
  • Protect your Network from ‘IoT’ based Malware and DDoS
5G DNS Whitepaper

Learn more about 5G DNS requirements and how OX PowerDNS meets your network needs.

Download Whitepaper

Contact Us

Contact Open-Xchange for detailed information, specific OX PowerDNS questions, pricing and more.

Contact OX