IETF Logo Mail Archive

Re: [dnsext] Re: a definition of consistency

Jim Reid <jim@rfc1035.com> Fri, 29 January 2010 11:49 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 375E13A688D; Fri, 29 Jan 2010 03:49:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.359
X-Spam-Level:
X-Spam-Status: No, score=-106.359 tagged_above=-999 required=5 tests=[AWL=-0.060, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ssug982KX6C; Fri, 29 Jan 2010 03:49:25 -0800 (PST)
Received: from psg.com (psg.com [147.28.0.62]) by core3.amsl.com (Postfix) with ESMTP id 5976E3A687B; Fri, 29 Jan 2010 03:49:25 -0800 (PST)
Received: from majordom by psg.com with local (Exim 4.71 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1NapGJ-000JzZ-Ed for namedroppers-data0@psg.com; Fri, 29 Jan 2010 11:43:43 +0000
Received: from [195.54.233.65] (helo=hutch.rfc1035.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.71 (FreeBSD)) (envelope-from <jim@rfc1035.com>) id 1NapGH-000Jyx-0i for namedroppers@ops.ietf.org; Fri, 29 Jan 2010 11:43:41 +0000
Received: from gromit.rfc1035.com (gromit.rfc1035.com [195.54.233.69]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jim) by hutch.rfc1035.com (Postfix) with ESMTPSA id 37062154283B; Fri, 29 Jan 2010 11:43:39 +0000 (GMT)
Cc: namedroppers@ops.ietf.org
Message-Id: <BB97B845-9302-4D3E-8A4A-5D685CC97099@rfc1035.com>
From: Jim Reid <jim@rfc1035.com>
To: Colm MacCárthaigh <colm@allcosts.net>
In-Reply-To: <6f5b6fe71001290223h77443b7cy21eb884a868daf46@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Apple Message framework v936)
Subject: Re: [dnsext] Re: a definition of consistency
Date: Fri, 29 Jan 2010 11:43:38 +0000
References: <201001290216.DAA11317@TR-Sys.de> <6f5b6fe71001290132s258b9eb3i1cdbd3e6f4c75f7f@mail.gmail.com> <2F01D84C-6633-499F-B3D3-ACE924AD40DF@rfc1035.com> <6f5b6fe71001290223h77443b7cy21eb884a868daf46@mail.gmail.com>
X-Mailer: Apple Mail (2.936)
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>

On 29 Jan 2010, at 10:23, Colm MacCárthaigh wrote:

> On Fri, Jan 29, 2010 at 9:56 AM, Jim Reid <jim@rfc1035.com> wrote:
>> On 29 Jan 2010, at 09:32, Colm MacCárthaigh wrote:
>>
>>> If consistency was the primary objective then all TTLs would be 0  
>>> and
>>> there would be synchronous atomic updates only. DNS is intentionally
>>> inconsistent by design.
>>
>> That depends on the definition of consistency. Sure, DNS is loosely
>> consistent because of cacheing and zone propagation latency.  
>> However there
>> is a higher level consistency that is unwritten (and probably needs  
>> to be
>> formally documented). This is the principle of uniformity. ie No  
>> matter
>> where you are or what software you use or which server(s) you  
>> query, the DNS
>> always returns the same answer for the same lookup.
>
> That paragraph is self-contradictory.

Not really Colm. The higher level concept of uniformity expressed  
above isn't actually undermined by the above examples of loose  
coherency. For instance, the TTL for some resource record is (or  
should be) a commitment by the zone owner that that RR won't change  
inside the TTL. The window where authoritative servers may be out of  
sync is small these days and getting smaller. It's more of a  
theoretical concern than one that people worry about. And in  
environments where this is considered a significant risk, folk use  
databases to get immediate replication.

Yes, if someone looks *really* hard they *might* come across examples  
of loose consistency. However those transient anomalies will return to  
the usual steady state and converge on a consistent name space: think  
regression to the mean. That's not the same as violating the principle  
of uniformity by handing out different data *by design* to different  
clients who make the same query.

> Taking the tricks into account, they've been use for over a decade
> now, also evidently without any real problem.

Well in another thread, I've given a couple of examples where stupid  
DNS tricks cause very real problems. These problems are of course  
externalities to the people doing those DNS tricks, so they might not  
care about those problems or acknowledge their existence.

> Again, the principal of strict uniformity does not appear to matter.

In your opinion. I think the people who are proposing these sorts of  
DNS changes have the responsibility to prove that the changes cause no  
harm and make the engineering trade-offs clear. [ie Is the cost of  
changing the world's DNS software worth the benefits of the new  
feature? Are there any second- or third- order effects?] So far there  
isn't even a problem statement or any hard data.

v2.23.0 | Report a Bug | By Email