Kent, Roeland and all,
Good points here Kent. Got to go with Kents analysis here
Roeland.
Kent Crispin wrote:
> On Sat, Feb 20, 1999 at 09:32:54AM -0800, Greg Skinner wrote:
>
> I am actually responding to Roeland's comment here...
>
> > Roeland Meyer wrote:
> > > Sure, but first you'll have to prove that there is a problem, Chicken
> > > Little. Show me a failure mode that I can repeat.
>
> There is no failure mode that you can repeat, because the failure
> mode exists in the entire DNS, not in a particular node. Caching
> behavior is a global property of DNS, not just a property of a
> single running copy of bind. Your failure to comprehend this simple
> fact is a fundamental error.
>
> > > Point to code that shows
> > > the architectural flaw. Yes, there is one small section, in the caching
> > > code, that is slightly non-deterministic in certain conditions.
> > > However, my
> > > personal examination did not yield any failure modes in the code. testing
> > > specifically, and generally, also did not reveal any flaws.
>
> Your personal examination of the code is largely irrelevant. This
> is a problem inherent in the global structure of DNS, not the bind
> code.
>
> Are you familiar with the smurf attack, where the attacker can cause
> thousands of pings per second to flood into a particular address?
> That's not a failure mode that is visible in the networking code that
> replies to broadcast addresses, or something you would detect by looking
> at the source for "ping"; it's a failure mode in the overall
> system design. There are what?, 43,000,000 nodes in the DNS, and
> they are all caching almost everything, so the vast majority of
> requests never go through the roots.
>
> It is well-known that a small change in caching characteristics can
> sometimes cause a drastic change in performance -- it's a non-linear
> response. One example of this phenomenon is how network performance
> degrades precipitously past a certain threshold, when retries start
> to clog the system. Another example is disk thrashing when the
> working set for a code is significantly bigger than the page cache.
>
> Note that DNS traffic is already a significant fraction of the
> traffic on the backbones.
>
> --
> Kent Crispin, PAB Chair "Do good, and you'll be
> [EMAIL PROTECTED] lonesome." -- Mark Twain
Regards,
--
Jeffrey A. Williams
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail [EMAIL PROTECTED]
Contact Number: 972-447-1894
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
