Will Vista Overload the DNS? 221
Jamie Northern writes, "Thanks to new directory software, Windows Vista could put a greater load on Internet DNS servers. But experts disagree over whether we're headed for a prime-time traffic jam or an insignificant slowdown. Paul Mockapetris,inventor of DNS, believes Vista's introduction will cause a surge in DNS traffic because the operating system supports two versions of the Internet Protocol (IPv4 and IPv6). David Ulevitch, chief executive at OpenDNS, a provider of free DNS services, said Vista's use of IPv6 will not disrupt the Internet at large. 'DNS can be improved, but predicting its collapse is just spreading FUD.'"
one solution comes to mind (Score:5, Insightful)
FUD (Score:1, Insightful)
Of course it won't cause an overload (Score:5, Insightful)
It will take years until/if it reaches considerable marketshare. ISPs have plenty of time to upgrade in the meantime.
Useless to blame this on Vista (Score:5, Insightful)
Re:Why any different than Linux or MacOS X? (Score:2, Insightful)
Because Vista is going to be used by about a couple hundred million more people than Linux/OSX. Even if there is no real threat, it's worth it just to investigate and make sure.
Stupid (Score:3, Insightful)
Yeah right.
Re:Why any different than Linux or MacOS X? (Score:3, Insightful)
Maybe I should ask the question differently: why would there be any more requests than there are now with Windows? After all a single DNS lookup should easily get the AAAA and A address in one shot, unless I am misunderstanding the protocol.
A few more comments... (Score:4, Insightful)
So even if there is an increase in DNS load because of the AAAA before A DNS requests it won't cause rolling blackouts or major network failures.
FWIW, we see about 20% of our requests as AAAA requests. I don't have the number of those that are retried as A requests but I'd guess it's pretty high since we aren't (yet) listening on IPv6 interfaces. We do support AAAA dns requests, of course.
-david
Re:But without FUD... (Score:1, Insightful)
Oh noes... (Score:3, Insightful)
Maybe in user interaction. Perhaps, once IPv6 is used now and then, that second dns query will cause an extra 100 ms delay on top of the first 100 ms delay for the first dns query.. causing a human-noticeable slowdown after clicking a link.
This is a slowdown due to round trip times, not because of bandwidth or processing limits. More sequential round trips = more latency. Nothing new. And the second time you visit a given site? It's cached, no round trip at all. So yes, people might, maybe, kinda notice a difference.. on the first visit to a given website on a given reboot of their computer.
But I don't think an extra lookup will be a huge inconvenience even given the sorry state of ISP dns servers(Which, in my experience, aren't that bad unless they can't look up an address. Timeouts are are bad, mmkay? The correct response is nxdomain, not 'server did not respond' 'lets try the next!' 'server did not respond'.....
Re:But without FUD... (Score:2, Insightful)
Re:Remove the need for NAT? (Score:4, Insightful)
With plain NAT and no filter, someone on your outer segment (malicious ISP, hacked ISP, other customers of some cable ISPs,
Get rid of NAT now, the sooner the better.
Re:Why any different than Linux or MacOS X? (Score:3, Insightful)
Re:Remove the need for NAT? (Score:3, Insightful)
What the is it that you expect the average NAT user to be doing that matters with the "end to end paradigm of the internet"?
I am a geeky person, and know what? My NAT-ing Linksys router has never failed to meet my needs for my home internet/home network. In fact, it has a bunch of stuff that I am never likely to use. Ever.
Why are you putting any value on "end to end" when one of those legs is nothing but a threat to the average user (unsolicited inbound).
If it is NOT a threat and you want the inbound traffic, you got a full blown firewall and a DMZ and NAT and know how to configure it, and guess what! Still not a problem!
People like you annoy the piss out of me.
"NAT is not a firewall" (no, it's not, but for the purposes of why an average person that buys them thye sure as fuck are, and WAAYY better than any software solution running on Windows.)
"End to end" Eh? half of that is NOT WANTED. Grandma Joe does not FUCKING WANT any inbound traffic PERIOD. None. Get it? So her "paradigim" is sufficiently fulfilled by "End to".
Re:Windows IPv6 support (Score:5, Insightful)
BUT, in the short term, (w/c)ouldn't the shortage be helped by redistributing some of the address floating around unused on Class A & B networks?
It's funny, because some of the arguments made by Class A holders against giving back their block, is that they don't want to spend the time & money and/or go through the hassle of renumbering their networks if the arrival of IPv6 is going to moot the issue.
And of course, nobody wants to spend the money to implement IPv6 unless they have to.
Remeber 2002 (Score:2, Insightful)
Didn't we get this thing tested in 2002. Haven't we learned anything? or has it all been forgotten?
http://www.internetnews.com/dev-news/article.php/1 486981 [internetnews.com]
Even when Vista comes out it won't have instant effect on the over all system, but the load will grow in time and the system will have to be customed for that.
Overload the DNS? (Score:2, Insightful)
From TFA:
"""For example, Microsoft designed Vista so PCs will query in the address of the type assigned to the system, the company said.
Computers that don't have an IPv6 address will not do IPv6 queries, the company said.
Also, when a machine does do an IPv6 query, it will do so only to a DNS server that responded to its initial IPv4 query, the company said. "Name errors are not repeated, so the Net traffic will less than double," it said."""
Re:Why any different than Linux or MacOS X? (Score:3, Insightful)
Re:At the risk of further insult.... (Score:4, Insightful)
IPv6 means your TCP packets will get 20 bytes larger. That means that your downloads will take about 1.5% longer. Oh the horror!
Re:Windows IPv6 support (Score:4, Insightful)
The problem comes with ADSL is that you have to have the IPs to be in the game. You need static IPs for everybody (not because you couldn't NAT, but because users expect a REAL IP) which means a
So, even with migration from dialup, usage is going up, and if current trends continue then IP space is going to get rather tight from all the ADSL users.
Re:But without FUD... (Score:3, Insightful)
Plus I disagree. This is the most insightful comment.
Re:Remove the need for NAT? (Score:4, Insightful)
NAT no security? (Score:3, Insightful)
Bullshit.
NAT does help against a certain sort of attack. Maybe only against this sort of attack. Fortunately, against the propably most common sort of attack you can't do anything about. (You can to something about infected websites: use a different browser).
Security is not binary, it's relative. NAT adds yet another bit of security for your computer. Can you feel save with NAT only? Hell, no! Can you feel saver than without NAT? Ask my Windows-using friends that hook their machines up to the net directly how many times they had to reinstall windows untill they could download the security fix from MS faster before they were hit again. Can't remember which worm it was (it khad a bug in its implementation and kept rebooting the machines, you'll know which one I mean). I'm not running Windows, so I didn't care. But fior them NAT would have been a good protection at the time.
Re:But without FUD... (Score:1, Insightful)
And perhaps not everybody, even at Slashdot, immediately remembers what "DNS" stands for, you might expand it out frigging *once* in the summary. (I know this acronym from at least three different fields.)
(On a lighter note, can we start calling IPv6 "Internet 2.0"? Or is "Intarweb 2.0" more appropriate...)