- From: Willy Tarreau <w@1wt.eu>
- Date: Wed, 24 Oct 2012 08:48:50 +0200
- To: Amos Jeffries <squid3@treenet.co.nz>
- Cc: Mark Nottingham <mnot@mnot.net>, ietf-http-wg@w3.org
On Wed, Oct 24, 2012 at 06:21:47PM +1300, Amos Jeffries wrote: > For the other types of middleware the DNS is irrelevant as you say. So > where is the benefit come in from doing it when middleware is involved? > there is none. Yet the interceptors will cause problems. A very > unbalanced situation leaning towards breakage. > > I'm +0 on the DNS mechanism. Looks good, but only for a small segment of > the market. I'd go further, the problem with DNS is that by design it's used to provide information for one record which corresponds to a host name. In my opinion it's totally unsuited for use with HTTP the way it's used today because I see no way it would cover the following cases : - multiple IP addresses advertised at different locations for the same record, possibly talking different protocol versions due to a progressive deployment. Eg : $ host -t a google.com google.com has address 74.125.230.197 google.com has address 74.125.230.196 google.com has address 74.125.230.201 google.com has address 74.125.230.200 google.com has address 74.125.230.192 google.com has address 74.125.230.199 google.com has address 74.125.230.195 google.com has address 74.125.230.193 google.com has address 74.125.230.198 google.com has address 74.125.230.206 google.com has address 74.125.230.194 - anycast routing : the same name and IP address exist on two continents, but they don't necessarily speak the same version. Some CDNs right now use anycast, it would be better if we don't tell them "switch all your nodes at once". - react to quick changes : you're installing your shiny new gateway supposed to talk http/2. You advertise it in DNS. Then you realize it crashes. Oops, rollover to previous 1.1 gateway, but the bad was already made, the world knows you're on the new one and caches this for some time. Site remains randomly accessible for the time users cache the record ; - multiple service versions at the same IP address as is often encountered on internal networks. For example, you have dynamic on :80 and :443 in HTTP/1 and static on :8080 and :8443 using HTTP/2. And note that in developer environments, it's very common to have 100+ ports bound on a same host with different applications being developped. I wouldn't be one of these users if my browser randomly used either version to access the application I'm developing depending on DNS records... Seriously, I think that using negociation for the standard scheme is the only way to make something compatible with what exists. Having a new scheme is fine to say 2.0 only but as someone (I don't remember whom) said a few months ago, proxies will have no choice but to obey and they won't all be 2.0 ready for some (long) time. Willy
Received on Wednesday, 24 October 2012 06:49:39 UTC