[dns-operations] Code diversity and resolvers (was Re: DNS at FOSDEM 2016)

Andrew Sullivan ajs at anvilwalrusden.com
Wed Feb 3 15:47:05 UTC 2016

On Wed, Feb 03, 2016 at 12:41:05PM +0100, Phil Regnauld wrote:
> 	I think code diversity is a Good Thing [tm].

In principle, that statement is one I can support.  In practice, it
strikes me that it may well sometimes be false.

It's certainly true that having choices in systems is valuable, and
that independent implementations of the same protocol shows whether
you really have interoperation.  For many years, the overwhelming
dominance of the BIND code base hid a number of inconsistencies and
corner cases in the DNS specifications.  The efforts of others (early
with NSD and Unbound, and later Power and Knot and YADIFA and so on)
to do independent implementations have helped a lot with our

But it is certainly possible to have too much of a Good Thing.  The
splintering of UNIX during the "UNIX wars", and the somewhat parallel
splintering in the BSD camps, are good examples.  The UNIX wars meant
that portability was a constant challenge.  While the BSD world was
sorting out how it'd get along with one another, Linux came along and
took over; we've arguably ended up with less diversity as a result.
And the various splinters over desktop environments continue to mean
that the desktop experience on any UNIX is a total usability mess.
(Fortunately for them, Apple has forgotten everything it ever knew and
is gradually making the user experience less consistent with every
release.  Don Norman must be shaking with rage.)

The DNS protocol is littered across hundreds of RFCs, and the DNS is
also not the only name resolution on the Internet.  We have a fair
amount of code diversity already, and it seems to me that building on
one advantage of free software -- that you can use and improve code
that is already working -- is something that's being forgotten.
Though it was for a different context, Joel Spolsky's rant (from
2000!: http://www.joelonsoftware.com/articles/fog0000000069.html)
about rewriting things from scratch still strikes me as containing
valuable insight.

So, sure, code diversity is a Good Thing.  But so is a stable resolver
that has years of real-world testing.  I'm not sure the trade-off here
is a good one.

Best regards,


Andrew Sullivan
ajs at anvilwalrusden.com

More information about the dns-operations mailing list