• dfyx@lemmy.helios42.de
    link
    fedilink
    English
    arrow-up
    2
    ·
    3 days ago

    DNS itself isn’t that complex. We can ask for multiple things (A, AAAA, MX, NS, TXT, …) and servers form a hierarchy so not everyone has to directly talk to the server that has authority over a domain. Maybe add DNSSEC if you feel fancy. That’s about it.

    The complexity comes from actually running these things at an enterprise or even global scale. Giving out different replies depending on who asks so everyone can contact a server that’s geographically close to them. Load balancing between multiple nameservers. Aggressive caching. Failovers. Rights management. The reasons why DNS is the culprit for so many outages are a) the complexity we have layered on top of a relatively simple protocol and b) a lot of other stuff relies on DNS so problems spread super fast.

    • BestBouclettes@jlai.lu
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 days ago

      Oh yeah I’m well aware of DNS,. But I remember an article raising the alarm about the ever increasing complexity of the code behind it, and the progressive loss of knowledge due to it being a very old protocol.

      • dfyx@lemmy.helios42.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 days ago

        I’m with you on the increasing complexity of code. That goes along with what I said about enterprise and global scale.

        But loss of knowledge? Really? DNS is not some arcane knowledge limited to an inner circle who was there when it was invented. You can literally read RFC 1034 and RFC 1035 and know everything you need to build a basic working DNS server or client. The concepts are literally taught in every university course about networking because they are that important.