North American Network Operators Group

Re: VeriSign's rapid DNS updates in .com/.net

  • From: Paul Vixie
  • Date: Fri Jul 23 11:36:40 2004

> >...  so, let's increase dynamicism of domain addition, but let's please
> >not also increase dynamicism of delegation change and domain deletion.
>
> What would be your suggestion to achieve the desired effect that many seek
> by lower TTLs, which is changing A records to point to available, lower
> load servers at different times?

"get over it."

> I did read the point that lower TTLs should only be used when
> appropriate but if most high-traffic sites use low TTLs, the point
> about the rest is moot. (with the exception of the root-servers) The
> load will be seen on ISP resolvers, especially on consumer networks.

that's not even the worst of it.

many business plans throughout history have involved virtualizing
something that used to be physical, or driving a bus through a loophole,
or both.  i'm happy to see dns still working lo these 25 years later,
but the terminology has improved to the point where i can make my
complaints more exact.  what is dns exactly, and what isn't it?

dns is a distributed, reliable, autonomous, coherent database.

dns is not a directory service.  if you want a directory service you
probably want soundex rather than wildcards, and you probably want
something that's specific to a protocol (like web browsing) rather than
something that also affects e-mail, ssh, and everything else.

dns is not a mapping service.  incoherency is bad.  an answer should
depend on the question (which means name, class, and type) and on the
time the question was asked.  offering different results when the same
question is asked at the same time is "deliberate incoherence".  when
once upon a time yelling at akamai for doing this, i called it "stupid
dns tricks".

i remain open to the possibility that a standards effort will someday
add directory services, or mapping services, to dns.  but delivering
such services without protocol changes is an abuse of a loophole, not
"innovation."

note that immediate updates for .ORG and now .COM/.NET are completely
within the definition of dns and i'm happy to see people doing it.  (in
isc's own .ORG bid, we also proposed to have it work this way.)  i say
this in case someone mistakenly believes that this is not a new thread.