The .com zone already has multiple entry nodes. Maybe not the design you would propose though...

Given the relatively small size of the zone files compared to the memory capacity of modern machines, you can argue for a one or two tier system depending on your hardware platform characteristics. DNS was designed to work within the constraints of a single tier architecture; it has grown above the rate of Moore's law at times, but is not growing at that rate recently.

DNS lookups are highly concentrated in a subset of domains. A more appropriate architecture for the DNS would be a 1.5 tier architecture where the front end servers maintain the x% of domains that answer 99% of queries locally and go to second tier systems for the other 1%.

You say you have no political agenda, but a change of that magnitude would have to be driven by a powerful political incentive.

A lot of the costs of running core DNS come from the cost of dealing with large scale malicious attacks. Here there is a problem with the economics of the Internet: the ISPs have little incentive to stop botnets on their local networks mounting DDoS attacks on the DNS roots as they would bear the costs while the registry sees the benefit. ANYCAST has an interesting effect in that it means that ISPs who negligently allow botnets to perform DDoS attacks are going to see their own network response impacted in direct proportion.

A network architecture in which the large ISPs received the major DNS feeds as zone transfers and took charge of the local distribution themselves would be a lot more resilient than the current arrangement. Unfortunately our current political constraints lock us into an architecture that is unnecessarily vulnerable to DDoS attack and does not impose accountability on the sources of that attack. Nor are AOL, Comcast etc. going to be too interested in taking on the costs of distributing DNS locally unless ICANN is willing to share some of that $6.50 per domain revenues.

As with a lot of Internet economics, it makes little sense unless you start to try to propose something better. At root is the problem that each communication has two sides and it is not at all clear which side is obtaining the real value from the communication. In the telephone system the assumption is (usually) that the initiator of the call is getting the value. In the Internet the costs are too small to measure at the fine grain level but enormous when aggregated.

On Fri, Jun 12, 2009 at 10:55 AM, Sabahattin Gucukoglu <mail@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Silly question, I'm sure - any chance of putting the DNS into a gigantic DHT
> and spreading the entry nodes liberally about the planet?
>
> Cheers,
> Sabahattin
>
> PS: No political agenda implied.

--
New Website: http://hallambaker.com/
View Quantum of Stupid podcasts, Tuesday and Thursday each week, http://quantumofstupid.com/
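
Added example, not part of the original message: a small Python model of the 1.5 tier arrangement described above, in which a front end holds only the names that cover 99% of query volume and forwards everything else to a second tier holding the full zone. The zone, the `d<rank>.example` names, the 192.0.2.x answers and the 1/rank^2 popularity curve are all constructed assumptions, not measurements of any real zone.

```python
from collections import Counter

def build_hot_set(counts, coverage_pct=99):
    """Fewest names, most-queried first, that cover coverage_pct% of all queries."""
    total = sum(counts.values())
    hot, covered = set(), 0
    for name, n in counts.most_common():
        if covered * 100 >= coverage_pct * total:   # integer math, no float edge cases
            break
        hot.add(name)
        covered += n
    return hot

class FrontEnd:
    """Front-end server: answers hot names from memory, forwards the rest."""
    def __init__(self, zone, hot, second_tier):
        self.local = {name: zone[name] for name in hot}
        self.second_tier = second_tier
        self.local_hits = 0
        self.forwarded = 0

    def resolve(self, name):
        if name in self.local:
            self.local_hits += 1
            return self.local[name]
        self.forwarded += 1                # a miss costs a second-tier round trip
        return self.second_tier(name)

def simulate(zone_size=1000):
    # Constructed data: zone_size names, popularity falling off as 1/rank^2.
    zone = {f"d{r}.example": f"192.0.2.{r % 256}" for r in range(1, zone_size + 1)}
    counts = Counter({f"d{r}.example": max(1, 100_000 // r**2)
                      for r in range(1, zone_size + 1)})
    hot = build_hot_set(counts)
    fe = FrontEnd(zone, hot, second_tier=zone.get)  # second tier holds the full zone
    for name, n in counts.items():                  # replay every query once
        for _ in range(n):
            assert fe.resolve(name) == zone[name]
    return len(hot), fe.local_hits, fe.forwarded

if __name__ == "__main__":
    hot_n, hits, fwd = simulate()
    print(f"{hot_n} of 1000 names held locally; "
          f"{hits} answered locally, {fwd} forwarded")
```

With a flatter popularity curve the hot set grows quickly, which is the "x%" the sizing of the front-end tier depends on.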