On 29-Mar-2006, at 18:34, Keith Moore wrote:
- DNS is often out of sync with reality
Dynamic DNS updates are your friend.
From an app developer's point-of-view, DDNS is worthless. DDNS is far
from universally implemented, and when it is implemented, it's often
implemented badly. DDNS can actually make DNS a less reliable
source of information about the host.
In network operations you always see that stuff that isn't really
used is a big mess, because nobody cares to set it up correctly in
the first place and/or maintain it after that. Since current peer to
peer applications (the applications that use referrals) don't bother
with the DNS and for non-servers its only other purpose is looking
pretty, it's no surprise that DNS info isn't very good. But there is
no fundamental reason why it can't be set up correctly and be kept in
reasonable sync if people care to do so. DDNS is a great tool for
that, and as I wrote in my previous message, almost a requirement
with IPv6, but there are other ways to do it as well.
- DNS is slow and unreliable.
It doesn't have to be, running a decent DNS service isn't rocket
science.
Sometimes DNS is slow and unreliable because of poor server
administration; sometimes it's slow and unreliable for other
reasons. The very design of DNS is starting to look like an
anachronism.
If it's good enough for the web and email, why wouldn't it be good
enough for p2p? (Which in itself is often very unreliable.)
- many networks use other ways of doing name to address mapping for
local hosts.
Not sure what you mean here.
Let me put it another way - lots of hosts that need to participate
in distributed apps aren't listed in public DNS.
Because there is little reason for them to be. But even if that's
something that continues to be so, it would still be better to use
the DNS when available and use the address otherwise, rather than
ignore the DNS completely.
Using DNS names as identifiers for referrals has problems.
Using IP addresses as identifiers for referrals has a different set of
problems. But IP addresses are a lot closer than DNS names.
With the difference that the DNS is the control plane where you have
time to think about stuff, while IP is the data plane where you need
to perform millions of lookups per second.
Stable identity needs to happen at a
higher level, and rejecting DNS names for this because of a few
simple operational difficulties is a bad idea.
I wasn't talking about stable references
I wasn't talking about long-term stable either, just stable enough to
make referrals work.
But even in that case, it's not clear how to fix DNS to be
reliable. Protocol quality issues aside, there's not anything like
a consensus on how DNS should be used.
If we can agree which problem should be solved where, then consensus
on the details becomes a lot easier. What I'm saying is that the IP
address won't be an identifier stable enough to handle referrals in
the future, so any protocols that make this assumption won't work
very well.