Yes, it only works for the reason you say. In organizations where the network administration is unable, undertrained, underfunded, or unwilling to assert total physical control of all the machines on the local network, it can break down badly while still working correctly. A few months ago a a professor in another department improperly put a machine on the campus network using an IP address assigned to our department, which happened to be that of our department's mail server. Because the university has not invested enough in network management hardware and software, it required 6 hours of searching for the rogue machine by unplugging network cables one at a time from 10 different devices each with 48 cables, and testing for whether the rogue machine had gone away. During all that time, and the 12 hours preceding where we didn't know that our problem was a rogue machine, no mail whatsoever could reach us. The DNS correctly identified the IP address. The Internet routers and the campus routers correctly found the machine with the published IP address, and naturally that machine declined to answer email protocol requests, which then queued up all around the world awaiting whatever the sender's retry and local timeout policies dictated. The network worked exactly as it was designed to, and we were screwed. This shows you why, for example, nobody operates telephone systems in which end-users get to choose their own telephone number, at least without enforceable permission from an authority. Worse, IP and DNS are badly spoofable in many situations where it is not worth the expense to prevent the spoof. Examples are outside the realm of this list, but probably most apply to GUID resolution to. It should be examined at the workshop whether spoof insulation is a requirement or not.
On 2/1/06, Richard Pyle deepreef@bishopmuseum.org wrote:
Bob Morris wrote:
I agree that it might, but I don't think it necessarily has
to. Again, I
point to IP addresses and DNS. They are obviously harmonized, but
aren't
locked up in administrative layers (or are they???)
Yes, they are, big time. Both have a hierarchy of organizational administrative control ending at IANA, the Internet Assigned Numbers Authority, http://www.iana.org/. If an individual proposes to put a
machine
onto the internet, they receive permission, an IP address, and a dns
name from
the appropriate local authority managing the network to which they will physically connect. Often that permission and issuance is done by
software
on a network host on that network (usually a DHCP, dynamic host control protocol, server. In turn, the network administrators will have received permissions from the next administration up the chain to issue a
specific
block of IP addresses, or specific form of names.
I think the active phrase is "locked up". My point is that the system works -- right? Or does it only "work" because the en-users are so well insulated from the administrative process? Would IP work more effectively if it wasn't harmonized on a global scale, in a centralized sort of way?
Rich