[dns-operations] conspiracy theories?
Edward Lewis
Ed.Lewis at neustar.biz
Tue Apr 22 14:29:58 UTC 2008
At 10:57 +0200 4/22/08, Olivier Guillard / AFNIC wrote:
>IMHO 3: this is a collective problem when a branch is broken, since
> the whole DNS tree is weaker in that situation: we are all
> sharing the same ressource (have a look in your zones).
I've never fully bought into that opinion. If a domain name is
broken, it and all the descendents suffer. Resolvers that need to
make use of that subtree will expend more work to find out the answer
isn't there, that's true.
>IMHO 4 : we share the opinion that "it is very hard to determine the
> rationale behind any situation from just looking at
> what is in DNS". That's why an error spotted by a specific
> monitoring is not irrespectfull to the professionalism of
> anyone : this is just an "indication", it reports about a
> "perception from somewhere" (that can always be discussed
> BTW).
Spotting an error is not disrespectful, broadcasting the find is.
It's one thing to ask "can anyone reach XYZ" it's another to say "XYZ
is broken." Public accusations of any kind should not be made
without following a due process, including trying to talk directly to
the responsible party.
...
The "conspiracy theory" I refer to are the stories I hear that IANA
is somehow secretly managing and "controlling" the DNS. Over time I
see reports that IANA/ICANN/US Gov't/etc. are consorting to do bad
things to the Internet. Small, insignificant misconfigurations that
surface seem to launch these reports.
About misconfigurations - it's because these can exist and not melt
down the DNS that the DNS scales so well. A system that can
withstand "illness" is much more resilient than one that requires
good health at all times. "Loose is fast" is a saying in some racing
circles, if a boat is rigged too tightly it won't sail as fast -
because waves and wind variations have to be accounted for.
I'm trying to make a few points. One, for all the complaints about
IANA's interface I have to say that I find them to be unfounded. We
(as ccTLD, gTLD, and sTLD operator) have no problem with what
"happens at IANA." Two, if anyone sees things in the DNS that seem
to be broken, instead of running to the list first, try asking
whoever's listed as being responsible. If for no other reason, it
makes sure the responsible parties are accurately listed. And three,
the DNS is supposed to have misconfigurations - it's a healthy part
of the process - especially if they are fixed (as a result of someone
noticing a real problem).
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Never confuse activity with progress. Activity pays more.
More information about the dns-operations
mailing list