On 3/8/19 12:43 PM, Michael Richardson wrote:

I am top-quoting a bit to introduce. I started a new thread and severed the references/in-reply-to chain from my message about /.well-known.

Keith makes what I first felt was a very controversial and unsupportable claim about DNS vs services. DNS has been widely successful at the Internet scale.

On the other hand, I happened to be in the offices of a ccTLD this week doing some non-DNS work. I happened to be within earshot of a support person answering the same question about why the ccTLD couldn't fix the caller's web site/domain... So maybe it's not so successful if the complex web-server/DNS-server/registrar/ccTLD relationship is still opaque to so many.

Keith Moore <moore@xxxxxxxxxxxxxxxxxxxx> wrote:

> The last thing we need is even more use of DNS[*] to locate
> services. DNS is too often out of sync with reality as it is. A really
> unfortunate consequence of using DNS for service discovery results from
> a tendency to centralize DNS administration within an organization,
> even if (as is often the case) hosts and applications are administered
> in a distributed fashion. In any organization large enough to have an
> administrative hierarchy, this is a profoundly dysfunctional
> arrangement. It gives the central DNS administration a huge amount of
> ability to break things (whether due to incompetence, poor
> communication, or petty turf wars - usually some of all of these),
> whereas the very nature of such an organization makes it almost
> impossible for them to get things right. Using DNS for SD in a
> widespread fashion only exacerbates the problem.

It seems that you are arguing for a technology fix to a management problem. (the "why we can't have nice things" lament comes to mind)

To be clear, I was just making some observations. I don't (yet)
have any specific fixes in mind. (So efforts at damage control
might be premature :) But neither do I assume that the problem
is a management problem. I think it's at least arguable that the
"management problem" exists because of the design or is
exacerbated by it.

But I think that this set of problems with DNS illustrates one of
many areas in which the Internet architecture didn't anticipate
the diversity that the Internet would become. I am not pointing a
finger at anyone either - except maybe IETF itself for
abdicating any role in managing the Internet architecture. (and I
think I understand why, but that's another tangent)

Meanwhile these problems aren't going away and are still getting
worse. So I think it makes sense to take a step back and look for
potential fixes. It might be that most of the fixes aren't
technology fixes, and those that are, are just small tweaks.

And DNS isn't the only part of the Internet architecture that
deserves such a look. It's just that when I read the IETF list
these days I usually find myself shaking my head sadly at some of
the things that are said, but thinking it's not worth the trouble
to reply. On this particular occasion I decided to take a stab at
it.

Keith