DNS Scaling issues

Mary Wong MWong at PIERCELAW.EDU
Mon Oct 26 05:03:42 CET 2009


Jorge, thanks so much for this summary and update. It's very useful, and
as one of the non-technie lawyers here in Seoul (and periodically but
regularly needing to deal with technical issues on the Council) I for
one appreciate your sharing your expertise.
 
I hope members - especially those who are not able to attend ICANN
meetings in person - don't think that the only major issues NCUC has to
deal with are trademark-related (fundamentally important though that may
be). The trademark issues are also but one (albeit substantial) part of
the whole discussion about new gTLDs. At this meeting, for instance,
studies and decisions relating to matters that will have global impact
include the forthcoming introduction of fast-track IDNs,
registry/registrar vertical separation, and malicious conduct (from
abusive registrations to phishing etc.)
 
I hope that members with expertise in all these issues, from technical
to legal, will contribute to our learning and discussion on this list.
 
Thanks,
Mary
 
 
 
Mary W S Wong
Professor of Law & Chair, IP Programs
Franklin Pierce Law Center
Two White Street
Concord, NH 03301
USA
Email: mwong at piercelaw.edu
Phone: 1-603-513-5143
Webpage: http://www.piercelaw.edu/marywong/index.php
Selected writings available on the Social Science Research Network
(SSRN) at: http://ssrn.com/author=437584


>>> Jorge Amodio <jmamodio at GMAIL.COM> 10/25/2009 11:35 PM >>>
I received a question from Rafik that I believe interesting to share
my answer with the rest of the
NCUC crowd.

Question from Rafik (via FB)
>Hi Jorge,
>
>it is plenty of lawyers here , I am not sure that they understand
technical side. almost discussion
> are about trademark, trademark and trademark.
>wil be glad to know your feedback (technical)
>
>Rafik

yes way too many lawyers over there.

>From the technical side, the first thing you must know is that the
three reports which are connected
are not conclusive.

One of the reports deal with how the technology scales or not, that's
the OARC report
(Root Zone Augmentation and Impact Analysis), which shows that servers
running BIND or NSD may
be able to scale swiftly but there are some breaking points where
memory and concurrent number of
processes running on the servers could produce problems.

There are also some issues related to server load and additional
traffic growth based on the increase in
size of the dns query responses that exceed 512 bytes due or
additional IPv6 glue records or
DNSSEC information.

Users sending queries for which the answer will exceed 512 bytes and
are not able to receive that
response via UDP will revert to TCP, this has the side effect that now
the query has to establish
a full TCP handshake, taking more processor time/memory and additional
network traffic, this not
only will increase the delay to obtain the response but also will put
more load on the servers and
on the network. And the studies are preliminary since there is not yet
a conclusive study that shows
how the entire system will behave when DNSSEC is fully deployed.

Also having the query being satisfied via TCP will potentially break
the use of ANYCAST as the
mechanism that enables to have replicated "mirror" root servers around
the world.

The second report, or the "TNO Report"  (by the folks from
Netherlands) only describes the model has
been used to forecast and try to put together a systematic model to
simulate the DNS root,
but it is just that a description of the model and unfortunatelly
given the short time these
guys had to do their job the report states:
"Given the time frame of the root scalability study, there was barely
time to perform scalability analysis
with the model. However, for purpose of model validation and to
illustrate typical use of the
simulation model several numerical cases were simulated."

The last report, and most important one is the report of the Root
Scaling Study Team known
as the "Report on the Impact on the DNS Root System", which also
address many aspects
of scalability but in particular how the associated processes (like
dealing with VeriSign, IANA,
root operators, DoC, etc) scale or not.

One of the important topics on this report (and you can talk more
about it over there with
Patrik Fältström) is that the recommendation is that we need to
introduce all these changes
to the root zone in a gradual manner and have the tools to monitor and
analyze the impact
of each change since all the previous experience has been based on the
concept that the
root zone is something in the system that has been stable and without
major changes, and
the problem is not just adding the new TLDs, is how the processes and
the overall system
will react when we are required to update/remove/change entries in the
root zone in a
more dynamic fashion with many thousands or hundreds of thousand new
TLDs.
Some changes will be driven by the technology, such as DNSSEC that
will require changing
keys, signatures, etc.

Because of the rush and pressure of the moment, many years ago we
missed the opportunity
to nail the baseline metrics and study the overal system before the
"proof of concept" TLDs
where added to the root zone.

This is the information that now the SSAC is digesting but there is a
lot of work to do
to put together a summary report and reach a more conclusive analysis.
So far the best
advice seems to be "PROCEED WITH CAUTION".

The lawyers need to understand that this is a real concern and not
just a trick to delay the
introduction of new gTLDs.

Feel free to ask if you need more specifics or have any questions.

Here are the links to the three related reports:

Root Zone Augmentation and Impact Analysis:
http://www.icann.org/en/topics/ssr/root-zone-augementation-analysis-17sep09-en.pdf

TNO report - Root Scaling Study
Description of the DNS Root Scaling Model:
http://www.icann.org/en/committees/dns-root/root-scaling-model-description-29sep09-en.pdf

Scaling the Root - Report on the Impact on the DNS Root System
of Increasing the Size and Volatility of the Root Zone:
http://www.icann.org/en/committees/dns-root/root-scaling-study-report-31aug09-en.pdf

Regards
Jorge
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20091026/99496e94/attachment.html>


More information about the Ncuc-discuss mailing list