Paul Mockapetris On The Future of DNS
penciling_in writes "In a CircleID article called Letting DNS Loose, Paul Mockapetris, the inventor of DNS and Chief Scientist and Chairman of Nominum, gives a good indication of what is to be expected in the upcoming years when it comes to data riding on DNS: "RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all go into DNS, and folks have occasionally proposed doing just that. It's really just a question of figuring out how to use the DNS -- it's ready to carry arbitrary identifiers." According to Paul, there are 40 or so data types to be added to DNS: "In fact the whole ENUM scheme is built out of classical DNS technology, and NAPTR is really just the latest data type to be added to the DNS. NAPTR is also just an extension of SRV, which was an extension of MX, which are DNS data types that Active Directory uses to start itself and the Internet uses to route each piece of mail." Paul also clarifies the recent BBC story previously discussed here on Slashdot."
I'm surprised that mDNS wasn't mentioned in the context of the future of DNS. It is, after all, the technology behind Rendezvous, Apple's protocol for automatic service advertising and configuration on local LANs. mDNS is basically just normal DNS multicasted, with some conventions on how to represent services.
mDNS is already used for zero-configuration networking, sharing iTunes playlists, and finding other iChat users on a local LAN. Since it's based on DNS, it's both simple and has mature implementations. And it's open source; Apple provides a working reference implementation for MacOS 9, MacOS X, Windows, and POSIX (including Linux).
Internet Explorer can also auto-add www. + .com if you press ctrl+enter while typing the URL.
So google + ctrl/enter gives you what you want.
This also seems to depend on language settings - pressing ctrl+enter with regional settings set to "japan" will prepend www. and append .co.jp
I think MYIE2 has different modifiers, ctrl+enter adds .com, shift-enter adds .net, etc.
But there is a way to implement multilingual domains without setting up an application to convert native languages to normal DNS characters, as the iDNS mechanism does.
DNS is great in its hierarchical nature: one can simply delegate domains to another server, which keeps whatever DNS is managing the root (like slashdot.org.) from getting overloaded with requests.
However, how is it going to work if we add barcodes, RFIDs, etc. to DNS? Are we going to create an RFID domain? RFIDs are unique numbers, AFAIK, which is more like an IP address, which is exactly what DNS is designed to avoid the usage of! Will I go buy tee.shirt.yellow.minnesota.walmart and have the register go look up the RFID and price information? That would seem backwards.
Also, we're going to need many more DNS servers if we are going to piggyback those sorts of services on the system. While I did RTFA, it seemed short on details. I would assume a retailer using DNS for RFID would have a private DNS network, much the same way Microsoft's Active Directory normally uses one (or maybe not; maybe one would just need a separate RFID network of servers, since there is nothing inherently private about RFID numbers and it might be helpful for a retailer to make the RFID lookup ability public).
Yet, that would only lead back to my original question. Are you going to separate RFIDs into domains by number and then delegate them? That seems silly; imagine trying to put MAC address lookups on DNS. Does one retailer need to be able to access the RFIDs of another? Are we going to need to create root servers for RFID lookups? Please don't use those same root servers and please don't merge the network with the same public internet DNS system.
Perhaps the article was just short on details, or maybe I missed something, but I'm wary of using DNS for the sort of system the article described- at least before more details emerge.
-Ryan
AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
Letting DNS Loose
Jan 02, 2004 | From CircleID Empowering DNS
By Paul Mockapetris
Most folks tend to think of the DNS as a way to map ASCII host names to IP addresses, perhaps www.nominum.com to 10.0.01 or some such.
I believe that when Vint talks about "escaping the bonds of DNS", [see BBC's report and Doug Mehus' CircleID report] he's really talking about letting it loose rather than replacing it.
In the case of ENUM and NAPTR, all we are doing is saying that "domain names can carry phone numbers, so why not let them". NAPTR is a DNS data type, so we aren't replacing DNS with NAPTR, that would make no sense. In fact the whole ENUM scheme is built out of classical DNS technology, and NAPTR is really just the latest data type to be added to the DNS (there's 40 or so). NAPTR is also just an extension of SRV, which was an extension of MX, which are DNS data types that Active Directory uses to start itself and the Internet uses to route each piece of mail.
RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all go into DNS, and folks have occasionally proposed doing just that. It's really just a question of figuring out how to use the DNS -- it's ready to carry arbitrary identifiers. And by the way, this isn't a new idea, see RFC 1101 for proof, although even earlier I designed the DNS in the early 1980s to allow it to be so, but it seemed too far-fetched to document for a while.
But don't think that I'm claiming to have solved the whole problem. What I certainly didn't anticipate was the political, legal, and commercial fight that would come with it. These squabbles behind ENUM and RFID use of DNS are really the problem, not the technology, although there may be ways to help with more technology. I was in Geneva for a WSIS meeting of CTOs, and was surprised that the various organizations (ITU, ICANN, ISOC) haven't figured out that they need each other to make this technology work, rather than asserting ownership.
While it is inevitable that the DNS gets replaced, I think there could be far more usage and opportunity if the political aspects were addressed coherently, and if the technology types just let experimentation happen, rather than trying to make rules about how the DNS is used.
- Kaos games and encryption systems developer
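The "domain names can carry phone numbers" point from the article above, worked through as an added example (not part of the original post or of any ENUM implementation): the number becomes a reversed-digit name under e164.arpa, and a NAPTR regexp rewrites it into a URI. The number and records are constructed, Python's `re` stands in for POSIX ERE, and record selection is simplified to order/preference sorting.

```python
import re

# Constructed NAPTR records (order, preference, flags, service, regexp) for
# the constructed number +44 1632 960083; not taken from any real zone.
SAMPLE_NAPTR = [
    (100, 20, "u", "E2U+mailto", r"!^.*$!mailto:info@example.net!"),
    (100, 10, "u", "E2U+sip", r"!^\+44(.*)$!sip:\1@sip.example.net!"),
]

def enum_domain(e164, suffix="e164.arpa"):
    """E.164 number -> ENUM owner name: digits reversed, one label each."""
    digits = re.sub(r"\D", "", e164)
    if not 1 <= len(digits) <= 15:
        raise ValueError("E.164 numbers have 1 to 15 digits")
    return ".".join(reversed(digits)) + "." + suffix + "."

def apply_naptr(aus, regexp_field):
    """Apply a NAPTR regexp field (delim ERE delim replacement delim flags)."""
    delim = regexp_field[0]
    parts = regexp_field[1:].split(delim)  # assumes no escaped delimiter inside
    if len(parts) != 3:
        raise ValueError("malformed NAPTR regexp field")
    ere, repl, flags = parts
    match = re.search(ere, aus, re.IGNORECASE if "i" in flags else 0)
    if match is None:
        return None
    # NAPTR back-references are \1..\9; substitute them by hand so nothing
    # else in the (untrusted) replacement text is interpreted.
    return re.sub(r"\\([1-9])", lambda b: match.group(int(b.group(1))) or "", repl)

def enum_lookup(e164, records, wanted="E2U+sip"):
    """Pick the first terminal ('u') record for the wanted service."""
    aus = "+" + re.sub(r"\D", "", e164)  # application unique string
    for order, pref, flags, service, regexp in sorted(records):
        if service.lower() != wanted.lower() or "u" not in flags.lower():
            continue
        uri = apply_naptr(aus, regexp)
        if uri:
            return uri
    return None

if __name__ == "__main__":
    print(enum_domain("+44 1632 960083"))
    print(enum_lookup("+44 1632 960083", SAMPLE_NAPTR))
```

Because each digit is its own label, any prefix of the number can be delegated to another server as an ordinary zone cut.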
Actually, there already are provisions for this.
The SRV record, defined in RFC 2782, is used to store a HOST:PORT pair.
When will browsers (or anything else for that matter) start supporting this???
Here is a (possibly outdated) list of software that supports the SRV record.
comment directly in my journal
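What a client that supported SRV would have to do with the HOST:PORT data mentioned above, as an added example (not from the original comment or any listed software): build the `_service._proto.name` query name, validate each record's fields, and order targets by priority and weight as RFC 2782 describes. The record strings are constructed, and the `rng` parameter is a hypothetical hook for testing.

```python
import random

# Constructed SRV RDATA strings: "priority weight port target".
SAMPLE_SRV = [
    "20 0 5060 backup.example.com.",
    "10 60 5060 sip1.example.com.",
    "10 40 5061 sip2.example.com.",
]

def srv_qname(service, proto, domain):
    """Owner name a client queries, e.g. _sip._tcp.example.com."""
    return f"_{service}._{proto}.{domain.rstrip('.')}."

def parse_srv(rdata):
    """Parse and range-check one record; DNS answers are untrusted input."""
    prio, weight, port, target = rdata.split()
    prio, weight, port = int(prio), int(weight), int(port)
    if not all(0 <= n <= 65535 for n in (prio, weight, port)):
        raise ValueError("SRV numeric field out of range")
    return prio, weight, port, target.rstrip(".").lower()

def order_targets(rdatas, rng=random):
    """Return (host, port) pairs in the order a client should try them."""
    recs = [parse_srv(r) for r in rdatas]
    if len(recs) == 1 and recs[0][3] == "":
        return []  # a lone target of "." means the service is not offered
    ordered = []
    for prio in sorted({r[0] for r in recs}):  # lowest priority value first
        group = [r for r in recs if r[0] == prio]
        while group:
            # Weighted pick: zero-weight records go first, then choose the
            # first record whose running weight sum reaches a random number.
            pick = rng.randint(0, sum(r[1] for r in group))
            running = 0
            for rec in sorted(group, key=lambda r: r[1] != 0):
                running += rec[1]
                if running >= pick:
                    ordered.append((rec[3], rec[2]))
                    group.remove(rec)
                    break
    return ordered

if __name__ == "__main__":
    print(srv_qname("sip", "tcp", "example.com"))
    print(order_targets(SAMPLE_SRV))
```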
New to LDAP, huh? DNS doesn't store the actual AD data; those are in datafiles on the AD servers (ya, I was shocked at that too). DNS simply holds pointers to find the services supplied and used by the directory, just like every other use of DNS.
"I use a Mac because I'm just better than you are."
- rrset-order is still broken.
- GSS-TSIG support is still missing.
- Strange multi-threading bugs still exist
- Awful security history isn't behind it yet.
Oddly enough, the expensive Nominum commercial product has all these things fixed and BIND does not, even though ISC and Nominum are the same set of folks, in the same building. Does this sound like bullshit to you? If so, see the following:
- Read the bottom parts of this
and the links at the bottom of this
- Nominum/ISC relationship described here
Of course, the trouble is that there's not many alternatives. DJBDNS is stable, but missing features and has an odd "semi-open-source" license. (Also, if you read some of the links, Dan's a really cranky source of support.) AAARRGGHH.
Domains aren't arranged the way they are just as a convention of days past. They're arranged in a hierarchy to distribute the load of DNS lookups as well as provide a logical way to divide responsibilities for different domains (zones). Also, the hierarchical structure allows for duplicate names as long as those two names aren't sibling nodes in the DNS tree (I can have google.com and google.noodle.com). With single word domains all of a sudden your available choices would decrease dramatically.
He's referring to the fact that www.whitehouse.com is a porn website, and not the whitehouse website.
No, the reason TLDs are limited is so that the root nameservers only need to keep state for a few different identifiers. If you allow an arbitrary number of them, the roots will slow down to a crawl.
This is the same reason that class C IP addresses are such a problem - there's too many of them to do a lookup quickly.