Re: [mif] DNS selection with HE-MIF

[Keith Moore <moore@network-heretics.com>]

On 02/03/2013 11:05 AM, Ted Lemon wrote:
> On Feb 3, 2013, at 10:46 AM, Keith Moore <moore@network-heretics.com> wrote:
>> Problem is, this is bad for the Internet architecture, as it basically encourages using DNS as a routing protocol.
> I think using DNS for CDNs is a bad idea, and it's also something that I think people are moving away from, but it is an issue, so I described it.   All of the use cases I described are essentially abuses of the DNS;
agree.
> the question is whether we will spec out something that is robust in the face of these abuses, or whether we will spec out something that simply falls over and dies when people abuse the DNS.
I think this is a case where IETF has failed (over a long period of 
time) to devote sufficient attention to managing the Internet architecture.

In this case, IETF has failed to recognize the cases where people were 
tempted to abuse DNS, and to either adapt DNS or provide alternative 
solutions.   There was little about the Internet architecture, and 
nothing about DNS, that was incompatible with having multiple network 
interfaces on a host.  It's only when DNS is abused that this problem 
crops up.

And now IETF has essentially asked a working group with a very narrow 
scope to fix a fairly broad architectural issue that has been 
exacerbated by 15 or so years of neglect.  Of course, IETF does this all 
the time - MIF isn't the only group that's been asked to patch 
deficiencies in the architecture that were really beyond its proper 
scope.  But this particular issue seems thornier, and to have worse 
long-term consequences, than most.

This is in some sense a structural problem with IETF - its division of 
work into areas based loosely on layers of the protocol stack, and its 
habit of trying to do everything in narrowly-scoped working groups, 
almost entirely precludes resolution of architectural issues, 
particularly when those issues involve conflicts (and require 
compromises) between different layers and/or different interests.

But my point isn't to make a speech.  My point is to say that any real 
solution to this problem is probably beyond a reasonable scope of the 
MIF WG.   Though perhaps MIF could propose a solution as a starting 
point, it should not be trying to define the solution.  It doesn't, and 
cannot, represent a wide enough set of interests to dictate the changes 
that need to occur to DNS and DNS configurations and/or ICMP and/or 
network configurations and/or applications and/or network stacks, to 
resolve this satisfactorily.
> In my mind, these scenarios are essentially DoS attack scenarios: the end user is being attacked by the DNS provider in a provisioning domain, who is giving them corrupt data that will negatively impact their use of the network.   The question is, do we allow that attack to spill over into other provisioning domains, or do we spec out a standard that prevents such spill-over?

Or maybe the thing to do is document the problems, and explain why 
they're architectural issues, and perhaps suggest that IAB and/or IESG 
should undertake to bring a broad set of interests to the table to 
resolve such issues.

Keith