Paul Mockapetris, Chairman, Nominum

Paul MockapetrisPaul Mockapetris has contributed to the computing research community and to the evolution of the Internet
since the beginning of his career. He created the Domain Name System (DNS) in the 1980s at USC’s Information Sciences Institute where he was later the Director of ISI’s High Performance Computing and Communications Division.

His earliest work at UC Irvine on distributed systems and LAN technology preceded the commercial Ethernet and Token Ring designs. Mockapetris was also program manager for networking at ARPA in the early 1990s, supervising efforts such as gigabit and optical networking.

Since then, Mockapetris served as chair of the Internet Engineering Task Force (IETF) from 1994 to 1996. He also held leadership roles at several Silicon Valley networking startups, including @Home, (now OpenWave), Fiberlane (now Cisco), and Siara (now Redback Networks). Mockapetris now spends his time as both the chairman and chief scientist of DNS specialist Nominum. sat down with Mockapetris to talk about his mission to help guide DNS and IP addressing to the next stage.

Q: Talk about your work with DNS. What got you started on this path?

I was a student at the Information Sciences Institute down at USC and one day John Postel came into my office and said, “There are three or four proposals for dealing with this host naming problem, do you think you might be able to put together a compromise? Basically what I did is I put my own foot forward on the compromise.

My vision of the DNS — when I think about it — is a very lightweight distributed database. A peculiar one. It is not at all like Oracle, but more for putting application information in. When people ask what was the first application of the DNS (they say), “It was to map host names to addresses, right?” No . . . The first application of the DNS was to keep track of servers that were making up the whole DNS function. People oftentimes don’t realize that we have 2 million servers that make this [the Internet] work. And coordinating the activities is done by the first applications of the DNS.

And the second function was to make host addresses available. People over time have added half a dozen or a dozen other applications on top of it. One of the more ironic things is the first application on top of the DNS that I pushed for and they didn’t do was Mail routing or MX records.

Q: And what is DNS being used for right now?

Active Directory uses DNS to locate up services. The DNS functionality that you hear so much about is more about how phone numbers will be routed for Voice over IP. The people who are doing RFID tags are using DNS because they need a lightweight distributed database.

Just to be clear, DNS is not going to replace Active Directory or LDAP or Oracle or Google. But I think as Google has shown us the ability to create a function that lets users access data.

Today everyone takes datagrams for granted. But at the time, EBN was running the ARPANET and they said, “No you have to set reservations and circuits ahead of time.” And everybody said all communications should be connection oriented. And DNS seemed to be a unique case for deployments and other reasons and where you could put a new kind of reliability into the network. Everybody talks about how TCP gets reliability by sending packets over and over and over again, which is OK if you know which two parties want to talk. But in the case of DNS, you want a piece of information. So DNS just says well if one server didn’t answer me then I’ll try the next and the next and the next. If you fast-forward to 2001 when there was an attack on the root server, it’s really fascinating because people say several of the root servers were not available during the attack. Basically, what was happening was that you could talk to local servers but not the ones that were far away.

Q: Anything about DNS surprise you since you first came up with the idea?

Two years ago, I thought, “Gee, growth in DNS services would require high-performance servers, which is one of the things that we do here at Nominum. Well the growth happened. But the growth was in viruses, worms and Spam attacks.

The amount of traffic on the Internet can surge by a factor of 10 to 20, not to mention broadband service providers now had millions of users. When you display a Web page, the second you do, the number of DNS lookups that happen at that moment is probably two or three. In extreme cases, I’ve seen 50. So the speed in which you can display Web pages to customers is often related to the speed in which you can do DNS services.

Q: How does this relate to what you are doing now with DNS?

My first startup was @Home. I was employee No 2. Every time we added a new customer we would add a few lines in the directory to configure them. It was fine until you started adding thousands of users a day. And then you say, “OK, I’m adding a thousand users per day I changed the configuration pile. I’ve rebooted and the server takes a minute to come back up.” That’s pretty fast. But that means I’m down for a thousand minutes per day? I can’t do that. So these large service providers when they want to do changes on the fly and get redundancy in DNS and the host directory can come to us.

If you believe in the vision of DNS as a database, there is RFID functionality and this phone number for Voice over IP, there is a host address functionality that interconnects with Active Directory. Then you realize that the people who administer those functions are not going to be the same person anymore. It used to be that some of your system admin foryour network was to do it. But he is not going to be dealing with RFID tag allocations or maybe even phone numbers.

So the next frontier is managing the managers because what will happen is that two people will be trying to fix the same problem and there is no way to coordinate their activities on the database.

Q: So, do you think that DNS is the best solution going forward?

In 1984, I had the people working on the X500 protocols tell me that they were going to bury me. That they were going to be the standard worldwide. In some was I don’t relish the roll as being the incumbent and having inertia as my ally. But to some extent it is. If you have a lightweight database function you want to run Internet-wide, you are going to have to have
something that is just a little bit better to displace it. But nothing lives forever on the Internet. Technology is inherently disposable.

Q: So what are the opportunities for DNS?

People want to own the database. If you take a look at Qwest when Qwest was in trouble and several other telcos. I think there were $10 billion in directory services sold in 2002 by people who wanted to raise money. They couldn’t sell the fiber. They couldn’t sell the switches. Owning the directory is a very valuable thing. I think the thing that will be interesting will be to see how that “market-tecture” plays out.

Q: Market-tecture?

A Market-tecture is: “Who are the players? What do they own? and How are they going to trade it?”

So you can figure all the cable guys are going to get together to figure out how to do a bypass and bring things into their own infrastructure without having to pay anybody else. The second is they want to do is commoditize whatever it is that they are buying.

From a technical point of view it will be, “How do I glue together these separate systems?” Another way to look at this is when people say that DNS won’t be able to handle all of these queries. The amount of data that it takes to route a query is some fraction of a second of what the voice call is going to need in the way of bandwidth. You are not going to run out of bandwidth. You are not going to run out of servers. The problem may be putting it inside of VLANs or VPNs so that hackers can’t cause problems with denial of service attacks. But these guys are going to want to own the data and not make it public anyway.

There are a few countries that are going to do public versions because they have the vision and they think its in the interest of the public domain. But that won’t happen in the U.S. Not to mention that people are going to want to control this data so that they can do wire taps and the legitimate means of law enforcement.

The longer-term issue is this notion of phone numbers. Are we going to have phone numbers or not?

My theory on this is everybody wants to own Instant messaging IDs and everybody wants to own domains — your name at Yahoo mail or Hotmail. There is a branding thing that is going on here. There is no particular greater good in being a .com than .biz. So one of the things that I think is going on is that need to bring the legacy database forward and these connections in the Internet in the form of telephony. But what will end up happening is that the Internet will try to get rid of phone number. This makes sense in a number of directions. One is that you don’t have to pay the person who owns the database. But a lot of services providers will try to make URLs replace phone numbers. When I use my cell phone, I can probably reproduce about five percent of the numbers that are in there. I use the directory when I make a call.

My theory has always been that phones have processors, so why doesn’t it have a directory in it of frequently known numbers and why doesn’t it have a way to do directory service to look up numbers. If I want to call Paul Mockapetris, do
I care if what comes back is a URL or a phone number? So there is a good chance that people don’t care whether calling someone uses a URL or a phone number.

News Around the Web