interesting-people message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [IP] comment on"Unnecessary Traffic Saturating a Key Internet'Root' Server"Newswise (01/24/03)

  • From: Dave Farber <>
  • To: ip <>
  • Date: Fri, 24 Jan 2003 16:20:33 -0500

------ Forwarded Message
From: Bob Frankston <>
Date: Fri, 24 Jan 2003 14:38:13 -0500
To:, "'ip'" <>
Subject: RE: [IP] "Unnecessary Traffic Saturating a Key Internet'Root'
Server"Newswise (01/24/03)

It's no surprise that the desire for risk-averse approaches to security
is a major source of insecurity. Creating a maze of complex passageways
and then blaming the users for being imperfect isn't a solution.

Note also that if one is worried about an attack, having the servers
already handling 50x more traffic than necessary means that an attack of
a given level will be one 50 times less effective because the servers
are already handling so much traffic. If the load was far lower then a
modest attack would represent a very large increase in traffic. I don't
know the levels of traffic during the denial attempts.

The report also indicates that much of the load comes because the DNS is
also trying to act as a directory and thus typos and misunderstandings
on the part of users create a direct load on the servers. The fear of
extra .'s also forces people towards the root servers.

If the DNS were just plumbing and didn't have the extra duties of acting
as a commercial service to map meaningful names to IP addresses the
problems would be significantly reduced. The requested would only come
after the lookup had been done via directory services, the load would be
distributed to secondary and tertiary nodes and the goal would be to
simply do a translation and not assure authenticity.

Yes, there is a lot of unnecessary traffic but bad design is the root
cause (OK, it's bad pun) and making it worse won't make it better.

Bob Frankston

------ End of Forwarded Message

You are subscribed as
To unsubscribe or update your address, click

Archives at:

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help


Powered by eList eXpress LLC