[e2e] scheduled name space
Joe Touch
touch at ISI.EDU
Fri Apr 16 21:22:34 PDT 2004
David G. Andersen wrote:
> On Fri, Apr 16, 2004 at 03:29:23PM -0700, Joe Touch scribed:
>
>>Jon Crowcroft wrote:
>>
>>
>>>i might implement a policy based on similar olocation (eg. using bloom
>>>filters on the source address space) or on
>>>request similarity (using rabin fingerprints on query keys) or whatever,
>>>but the schedule can be different to the
>>>result of the match...
>>
>>Sure - it's OK if you give different replies to different sources, but
>>the answers have to provide (ultimately) consistent content, or you're
>>changing what a DNS query means.
>>
>>Otherwise, it may be a lookup service, but it's not DNS, IMO ;-)
>
> Why does DNS have to provide access to consistent content?
The entries in a reply set are supposed to be 'equivalent' - notably,
you can't control which one is used by the client.
Also, you can't control where the request comes from (e.g., tunnels make
source addresses somewhat irrelevant) - or where it is cached, or whether
it is forwarded.
> Does that mean that geotargeting through DNS responses is not a valid
> use of the DNS system? Or only if it's not deterministic?
Geotargeting to provide a 'closer' reply is just an optimization; if you
actually give different content based on source (i.e., if the IP
addresses are not to equivalent content), then you've defeated the idea
of the name-to-address lookup. All the addresses of the reply -
whether provided in a set or to different sources - are equivalent as
'name to address', which means if they're cached, forwarded, or other,
they should be sufficiently useful.
> Google and others have been known to use round-robin DNS
> to direct you to one of several geographically distributed
> datacenters, each of which may, at various times, give
> different replies to queries. Is this not DNS?
>
> -Dave
That depends on whether you're measuring by port number or protocol
semantics. Providing different content ends up making the lookup to a
"nondeterministic service" - if that's what you want, that's DNS.
Providing different content breaks when:
- you log in over different tunnels and expect non-shared
state to be there, like your shopping basket
- your DNS query ends up being forwarded through a server
whose geography differs from yours
This is like discussing NATs. Sometimes they work, except when they don't.
Joe