Hi all!

During a private mail discussion with Mirjam Kuehne I got an idea that she requested that I present here as a proposal.

#ifdef DISCLAIMER
This idea may or may not be a good idea and is just presented as a possible solution on how to get more accurate hostcount numbers. If it is found useful you might have it, and if it is totally uninteresting please discard it; I just present it to see if someone might have use for it.

Also, this idea covers the areas of some DNS details as well as some security/privacy issues and I do not claim to be a master in either of those fields, possibly a happy beginner ;)
#endif /* DISCLAIMER */

The current hostcount methods build their counting on the DNS A records, but nowadays there are a lot of machines which are not being registered in DNS while they can make use of the Internet resources. Examples of such machines may be machines behind firewalls, private addresses (193.168/16 and 10/8) or dial-in machines. These machines will not be found in the DNS and therefore will not be counted.

In the effort of possibly making the hostcount values show more of the reality in some sense, it would be good to get some method of collecting such hidden information. A method that would allow for the form of automation that the current hostcount has would be a good thing.

One method that came to mind was to allow for some extra DNS entry to hold a domain's true hostcount.

I also thought that some ISPs for instance might object to having their customer count out in public since this might be of a sensitive nature. If (and I really mean if) they would trust some party (like RIPE NCC) with the number for the only purpose of creating a total host count and in that it would be hard to pinpoint a specific ISP's customer count. With this in thought that one could have a public encryption key and private (to RIPE NCC or whoever does the hostcount for the region) decryption key scheme to hide this information; such a scheme that came to my mind was PGP.

To aid that people would supply this information through their DNS and also describe what a hostcount meant, I think that some sort of Best Current Practice could be issued.

There are of course a lot of difficulties involved here, and among them is to get ISPs and others to use it.

So, my dear colleagues, I now let this idea into your hands and I will be around to answer some questions. I hope it can at least give some inspiration to others to figure out something better.

Cheers,
Magnus
Magnus,

thanks for your thoughts and suggestions. They are worthy of discussion in other lists too, but you're probably right to start with the experts in the DNS WG, of which I am not one.

I don't think that at any time the DNS host count has ever pretended to give even an approximate measure of the number of Internet hosts, let alone the number of Internet users. For example, there are some hostmasters who use DNS as a database for all systems in their jurisdiction, whether such systems have Internet access or not; this has been going on for a long time. More recently, there are many Internetters using machines hidden behind application firewalls and filter lists which do not appear in the host count.

Perhaps the main use for the host count has been its recording of growth in individual countries (and gTLDs), in regions and in the world. It's really the change and the rate of change that we get from the host count; the absolute numbers are not that meaningful.

There are many factors causing the increase in the host count. These include more desk-top computers (and fewer multi-user systems), more ISPs, more connectivity, etc. These factors and others seem so far to have outweighed the advent of firewalls, as the curve continues inexorably upwards.

Of course it would be nice to know the number of 'hidden' hosts, and this could only be done on a trusted basis and with full cooperation from people at all levels - not an easy task. If this could be done, do you think there should be two separate hostcounts - visible and hidden? If we combine both in a single figure, we lose important information and also change the meaning of historic data - there will be a discontinuity in the curve.

Anyway, I look forward to hearing views from the experts as to whether this can be done.

Regards.
Mike
Hi Magnus,

> Examples of such machines may be machines behind firewalls, private addresses (193.168/16 and 10/8) or dial-in machines. These machines will not be found in the DNS and therefore will not be counted.

There is also the other side: we do have lots of RFC1918 addresses registered in the DNS, we have lots of dummy addresses (one zone in DE consists of entries for nearly a complete "class B" network), there are thousands of IP addresses allocated for dialup (with only a small fraction being accessible at a time) and we have those "virtual domains", where many addresses represent different (inter-)faces of the same host for obvious reasons.

> One method that came to mind was to allow for some extra DNS entry to hold a domain's true hostcount.

Even if you do not want to propose a new RR type but use TXT (or even kitchen sink :-) RRs instead, this would contribute to a higher complexity for DNS configuration for customers. With any modification (addition, deletion) you would have to update the "count" entry. Even without thinking of malicious intent, the numbers would soon become less accurate than they are.

> I also thought that some ISPs for instance might object to having their customer count out in public since this might be of a sensitive nature. If

All privacy issues should be (and, in fact, are) covered by restricting outgoing AXFRs on all auth servers for a zone.

-Peter
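
Added example, not part of the original thread: the distortions Peter lists (private addresses published in DNS, several names or several addresses for one machine), shown by counting one zone four different ways. The zone contents, names and the four counting buckets are constructed assumptions; documentation addresses stand in for public ones.

```python
import ipaddress
from collections import defaultdict

# RFC 1918 private address blocks.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed zone data (illustrative only, not from the thread).
SAMPLE_ZONE = """\
www      IN A 192.0.2.10
ftp      IN A 192.0.2.10      ; second name for the same address
news     IN A 192.0.2.10      ; third name for the same address
gw       IN A 192.0.2.1
gw       IN A 198.51.100.1    ; multi-homed: one name, two interfaces
dial1    IN A 192.0.2.101     ; dial-up pool entry
dial2    IN A 192.0.2.102
pc1      IN A 10.0.0.5        ; private address published in DNS
pc2      IN A 192.168.1.7
mail     IN MX 10 www
"""

def parse_a_records(zone_text):
    """Yield (name, address) for each 'name IN A addr' line; skip other RRs."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop trailing comment
        if len(fields) == 4 and fields[1:3] == ["IN", "A"]:
            yield fields[0], ipaddress.ip_address(fields[3])

def count_hosts(zone_text):
    """Return the different 'host counts' that one zone can yield."""
    by_name = defaultdict(set)   # public addresses grouped by owner name
    total = private = 0
    for name, addr in parse_a_records(zone_text):
        total += 1
        if any(addr in net for net in RFC1918):
            private += 1
        else:
            by_name[name].add(addr)
    public_addrs = set().union(*by_name.values())
    return {
        "a_records": total,                    # what a naive A-record walk sees
        "rfc1918_records": private,            # not reachable from the Internet
        "public_names": len(by_name),          # aliases inflate this figure
        "public_addresses": len(public_addrs), # multi-homing inflates this one
    }

if __name__ == "__main__":
    for key, value in count_hosts(SAMPLE_ZONE).items():
        print(f"{key:18} {value}")
```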
> The current hostcount methods build their counting on the DNS A records, but nowadays there are a lot of machines which are not being registered in DNS while they can make use of the Internet resources. Examples of such machines may be machines behind firewalls, private addresses (193.168/16 and 10/8) or dial-in machines. These machines will not be found in the DNS and therefore will not be counted.
>
> In the effort of possibly making the hostcount values show more of the reality in some sense, it would be good to get some method of collecting such hidden information.

I'd suggest to first pose the question what the *need* is of a more accurate hostcount. It's good to have a rough idea about the number of hosts, but I fail to see any use for an *accurate* hostcount (other than perhaps for even more unwanted "commercial interest"). And if we would come up with even the possibility of an accurate hostcount, the next request would be for an accurate user count...

Piet
> The current hostcount methods build their counting on the DNS A records, but nowadays there are a lot of machines which are not being registered in DNS while they can make use of the Internet resources. Examples of such machines may be machines behind firewalls, private addresses (193.168/16 and 10/8) or dial-in machines. These machines will not be found in the DNS and therefore will not be counted.

My apologies if I am repeating anything said previously; however, it is important to distinguish between "hosts" and "machines". We must then decide which of the two we are trying to count. In the case of machines, this becomes difficult as it is sometimes almost impossible to tell whether two addresses reside on the same machine.

In the days before HTTP1.1 and virtual interfaces, it would be easier to count the number of physical nodes on the Internet; however, advancement of protocols and operating systems has made this difficult.

As for private machines, running through a proxy, do we count these as Internet hosts, since they are not directly connected to the Internet and merely request proxies to contact internet services and relay information?

When we start talking dialup machines, it becomes more obvious that the count should try and focus on physical nodes. If an ISP has 2,000 customers and 30 modems, only 30 hosts will ever be using the internet at any one time, and only 30 IP addresses are being used to accommodate all 2,000 people. Therefore I would suggest that the ISP has 30 nodes.

Regards
Craig

Craig R. Belcham - Domain Naming Manager.
Mailbox Internet Ltd (http://www.mailbox.co.uk)
Email: crb@UK.COM - Telephone: 0171 731 8558
Personal: me@crb.net http://www.crb.net
> In the days before HTTP1.1 and virtual interfaces, it would be easier to count the number of physical nodes on the Internet

Not really: long before that, machines could have multiple interfaces and thus multiple A records, and based on that counted as more than 1 physical node.

> As for private machines, running through a proxy, do we count these as Internet hosts, since they are not directly connected to the Internet and merely request proxies to contact internet services and relay information?

Something similar goes for hosts on private internets: I wouldn't count those as Internet hosts.

> When we start talking dialup machines, it becomes more obvious that the count should try and focus on physical nodes. If an ISP has 2,000 customers and 30 modems, only 30 hosts will ever be using the internet at any one time, and only 30 IP addresses are being used to accommodate all 2,000 people. Therefore I would suggest that the ISP has 30 nodes.

Again, this depends on the purpose of the hostcount. If you want to count the number of hosts that can be active at any time on the Internet, then this ISP should indeed be counted as 30 nodes/hosts. If however you want to count the number of hosts that comprise all of the Internet, then hosts that *can access* the Internet should be counted; in that case this ISP should be counted as 2000 nodes/hosts.

But I still don't see the purpose of any attempt to give an "exact" hostcount: what difference does it make if a count would give 15.000.000 or 15.478.329 hosts/nodes?

Piet
participants (5)
- Craig R. Belcham
- Magnus Danielson
- Mike Norris
- Peter Koch
- Piet Beertema