IETF Logo Mail Archive

DNS design (was: Re: Split the IANA functions?)

John C Klensin <john-ietf@jck.com> Thu, 09 January 2014 11:50 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E0E61AE21D for <ietf@ietfa.amsl.com>; Thu, 9 Jan 2014 03:50:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.538
X-Spam-Level:
X-Spam-Status: No, score=-2.538 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_52=0.6, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dIhRbeFH3r8n for <ietf@ietfa.amsl.com>; Thu, 9 Jan 2014 03:50:48 -0800 (PST)
Received: from bsa2.jck.com (ns.jck.com [70.88.254.51]) by ietfa.amsl.com (Postfix) with ESMTP id 88ED11AE157 for <ietf@ietf.org>; Thu, 9 Jan 2014 03:50:48 -0800 (PST)
Received: from [198.252.137.115] (helo=JcK-HP8200.jck.com) by bsa2.jck.com with esmtp (Exim 4.71 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1W1E8C-00096G-8V; Thu, 09 Jan 2014 06:50:36 -0500
Date: Thu, 09 Jan 2014 06:50:31 -0500
From: John C Klensin <john-ietf@jck.com>
To: Eliot Lear <lear@cisco.com>, Andrew Sullivan <ajs@anvilwalrusden.com>, ietf@ietf.org
Subject: DNS design (was: Re: Split the IANA functions?)
Message-ID: <9F439EC8447B582E1625CB73@JcK-HP8200.jck.com>
In-Reply-To: <52CC1618.1090605@cisco.com>
References: <CAMm+LwinAb6+7BoMzwBWyu63vofndxK9VY6DSNN0Ykza4SxuMQ@mail.gmail.com> <52CB0010.5010407@gmail.com> <CAMm+LwhN8+z9q4KQXVY9bWA6TAqxx1=Qg0OUfK=VGCSDg5uWEA@mail.gmail.com> <DD618936-0D13-41F1-8D89-2E3171D864B5@istaff.org> <52CB31F4.3090703@cs.tcd.ie> <52CB987A.20300@cisco.com> <20140107144412.GB11068@mx1.yitter.info> <52CC1618.1090605@cisco.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2014 11:50:51 -0000

--On Tuesday, January 07, 2014 15:58 +0100 Eliot Lear
<lear@cisco.com> wrote:

> Andrew,
> 
> It's clear that I wasn't clear.  Deciding on a tree structure
> has political implications, be that DNS, RPKI, or other (and
> there are other).  To ignore those implications would be
> unwise.  They are weighed against technical considerations, as
> always.
>...

Eliot,

In the hope of focusing the discussion a bit, I think it would
be more accurate to say that "having a tree structure...r
"having decided on a tree structure...".

It feels a little strange for me to be defending the DNS design
because I've never been a huge fan of some aspects of it, but a
little bit of insight into the context of those decisions may be
helpful.

I was not involved in the DNS design process, but I was doing
work on databases, including distributed databases, at the time
in the early to mid-1980s.  Against the backdrop of the database
state of the art at the time, if one started with design
criteria of approximately:

-- replacing the name-to-address and
	name-to-limited-supplementary-information functions of
	the Host Table without significant loss of functionality
-- having a hierarchical name structure (which does not,
	itself, imply a hierarchical database)
-- having something that could be administratively
	distributed at multiple levels of the name structure
-- having a distributed database that could be plausibly
	implemented without lock-commit-acknowledge or
	journal-based update facilities
-- having an arrangement that would facilitate local
	caching, not just for performance but as a mechanism to
	allow systems that were temporarily disconnected from
	all or part of the network to keep functioning reasonably
-- The result needed to be plausible for non-specialists
	to implement in a way that would interoperable.
	
Most of the above are documented in the various pre-DNS papers.
Most are also pretty obvious.  Given how bad some
implementations have been, there is a pretty good case to be
made that the design failed on the last criterion, but a
non-hierarchical alternative, especially given the then state of
the art, would have been much worse in that regard.

There just were not a lot of choices other than a hierarchical
database system.  The designers could have made some different
choices within the general hierarchical model, some of which I
hinted about in my earlier note.  I don't know if those
alternatives were even considered (and suspect most of them were
not).   But the decision to use a hierarchical model, again
given the state of the art, had to be pretty much determined by
those  design criteria.

I think a choice between something that meets the criteria and
is comparatively simple, robust, understandable, and
implementable and something that is much more complex and/or
that lacks robustness against network interruptions is an
engineering choice (and an obvious one).  One could argue that
it is political, but that requires arguing either that every
decision the involves either implementation or operational
economics or other operational issues is political.  

One could also argue that the criteria were wrong and that "no
central administrative or coordination function" should have
been a requirement.  But that requirement would be a very
difficult one technically even today and the environment at the
time -- IANA existed well before the DNS and was generally
trusted and the DNS design was a lot less centralized than its
predecessor-- just didn't call for it.  So, except with extremes
of hindsight about what we might like to have had today given an
evolution path that certainly could not have been accurately
anticipated at the time, I think it is hard to argue that the
omission of a "no central..." criterion was political at the
time.

Of course, one can say today that the technical/ engineering
decisions made then have political implications today but, given
the right set of conditions, that could be true of almost any
decision or fact, as the history of ignorant legislative efforts
to change PI or modify the speed of light amply illustrate.   It
doesn't retroactively make the decisions themselves political as
others have implied.

Finally, with regard to CLASSes just being treated as a another
level of the hiararchy, a sort of super-root... Again, I wasn't
there, no only not there for the DNS design effort but not
involved in the Chaosnet and Hesiod implementations that have
been the major examples of actually deployed and actively used
examples of CLASSes.  But it is clear to me from both reading
the specs and what little I know of those implementations that
kre is correct and the capability is badly underspecified.  I
think there are even some errors in what the spec does appear to
say.  But getting from there to either "there is a political
problem because CLASSes don't work" in the presence of
counterexamples to "don't work" or  "CLASSes just create another
level of the tree with the same properties in all CLASSes that
the CLASS=IN [sub]tree has" seems to me to be a huge stretch
that is not really justified by either implementation history or
the spec.

Just my opinion, of course.

best,
    john

v2.23.0 | Report a Bug | By Email