September 6, 2006 4:00 AM PDT

Will Vista stall Net traffic?

Thanks to new directory software, Windows Vista could put a greater load on Internet servers. But experts disagree over whether we're headed for a prime-time traffic jam or insignificant slowdown.

Microsoft's launch of Windows Vista could slow down or stall traffic on the Net, said Paul Mockapetris, who is widely credited with inventing the Internet's Domain Name System (DNS). Mockapetris believes Vista's introduction will cause a surge in DNS traffic because the operating system supports two versions of the Internet Protocol, a technology standard used to send information over computer networks.

"It is going to be mud season on the Internet, where things will just be kind of slow and gooey."
--Paul Mockapetris,
DNS inventor

"If you adopt Vista, your DNS traffic is going to double," Mockapetris said in an interview. With many DNS servers already running close to capacity, this can have serious consequences, he said. "You're going to see brownouts. All of a sudden, it is going to be mud season on the Internet, where things will just be kind of slow and gooey."

Vista may cause an increase in DNS traffic, but not to the extent predicted by Mockapetris, Microsoft countered in a statement provided to CNET News.com last week. Other experts support Microsoft and suggest Mockapetris' predictions are related to his role at Nominum, the Redwood City, Calif., vendor of DNS products where he is chief scientist.

Others agree that Vista could cause a spike in DNS traffic. But they're not expecting dire consequences. "Vista, due to its support for IPv6, will cause somewhat higher load on name servers as it checks to see which protocol to use," said Dan Kaminsky, an independent researcher. "But this is not the stuff that blackouts are made of."

Vista is the first Windows version to support the new IP version 6, which is designed to provide a broader range of IP addresses. As current IPv4 addresses are becoming scarce, IPv6 will provide easier connectivity across the Internet and remove the need for IPv4-addressing schemes such as network address translation, which can require additional management burdens and cause application incompatibilities.

But IPv6 is far from being universally used. So, Vista will also support the current IPv4. The side effect, according to Mockapetris, is that a Vista PC will make two DNS requests, one for each IP version, instead of just one.

"It is going to try a DNS lookup for the IPv6 address and then a DNS lookup for the IPv4 address," Mockapetris said. "It just uses more DNS, and until we increase the supply, things are going to go slower."

DNS is crucial to the Internet. It functions as a phone book, mapping text-based addresses such as www.cnet.com to the actual numeric IP address. DNS servers are typically run by Internet service providers, hosting companies and larger businesses that have Net connectivity.

Nominum commissioned a survey of the DNS servers run by large broadband ISPs. "It looks like they are right at the knee and curve and if Vista was all of a sudden deployed everywhere, we'd be having rolling blackouts," Mockapetris said. "For my home network, it is not going to matter, but for these people with millions of users, it is going to matter."

CONTINUED: Fear, uncertainty, doubt…
Page 1 | 2

See more CNET content tagged:
domain name, IPv4, DNS, IPv6, Nominum Inc.

83 comments

Join the conversation!
Add your comment
Propaganda..
After reading the article, I went and tested it myself. And the results are..

This guy is a complete idiot.

Yes, Vista has support for IPv6. But guess what, so does XP and 2000. It is not the main DNS method in Vista, and you have to manually turn support for it on for it to work.
Posted by darkane (39 comments )
Reply Link Flag
That's right... it's optional
You can easily uncheck IPv6 in the network settings dialog, just as easily as you can disable IPv4. That's why they HAVE those silly little boxes in the first place...

And besides, just because the machine has support for IPv6 doesn't mean that you're using an IPv6 IP address to connect to the internet.... why would your PC even care about IPv6 at a time like that?
Posted by DraconumPB (229 comments )
Link Flag
What about DDOS Attacks using DNS?
If i could remember the exact story i'd post the link, but a while back (maybe a few months) i read a story about attackers using DNS servers to perform DDOS attacks by spoofing an IP. Although there was concern at the time, this guy seams to be even more concerned about this, its hard to believe he is seen to be one of the people behind DNS
Posted by CubanPete (4 comments )
Reply Link Flag
I thought...
I thought the article was going to talk about all of the viruses,
worms, and spam being spread over the internet through Outlook
and zombie windows boxes...
Now Vista will up the traffic by default.. as well as being a host for
viruses and malware.
Posted by Jesus#2 (127 comments )
Reply Link Flag
It just goes to show...
That's what you get for thinking.

How is Vista going to clog the internet? Do do that, it has to be used, meaning you have to have people willing to buy it or upgrade to it first. So far I haven't seen anyone standing in line yet. It seems IT departments are moving more to the attitude of "if it works now, then don't upgrade it."
Posted by Seaspray0 (9714 comments )
Link Flag
Utter nonsense
ohs nos its the end of the interwebs when Vista gets deployed. This is like Y2K re-lived, teh DNS and interweb will be teh kaput! I think I hear Chicken Little saying 'The sky is falling!'. These anti-M$, anti-Vista, anti-Corporation, anti-Government hippies are just frothing at the mouth and obviously will say anything they can to demonize this new product.

DNS regardless of how many protocols are installed on a given machine is a very thin process. It takes quite a bit to overload a DNS server, you would be more likely to overload the network connection before the DNS servers. Even in the event that you couldn't get to a DNS server, you'd be refered to another one, that is how the system is structured. The likelyness of a root server being taken out is slim, even so, there are redundant systems in place and there are more than 1 root server.

Guy needs to get some more edumacation.
Posted by Mr. Network (92 comments )
Reply Link Flag
Anti Microsoft is pro business.
I am pro business. I know far too many good software companies that have had innovative ideas that have decided not to go to market with them because Microsoft would come out with a third rate version and spend lots of marketing money to run them out of business,

Microsoft is anti business anti any corporation other than Microsoft and anti innovation.
Posted by ralfthedog (1589 comments )
Link Flag
Yahoooooo
WELL PUT!! Most of their problem is they can't learn anything else, so more education would definitely overload their dns servers
Posted by philchil (1 comment )
Link Flag
Quick to judge
First of all, please learn how to type and/or spell.

Second, Mockapetris WROTE the DNS protocol, I think he's a bit more edumacated than you.

Finally - the article misses a critical element. Mockapetris is talking about the risk that ISPs don't have sufficient CACHING DNS resources. In DNS, reducdancy is most significant when it comes to AUTHORITATIVE servers - where you routinely have three servers and can go to many more. You can generally only enter two caching DNS servers, and the servers at many ISPs are very close to capacity (due to lack of attention).

I think it's quite likely that Mockapetris is overhyping the issue, since Nominum has a product to sell. But I have personally experienced major problems with latent CACHING DNS from my ISP - which uses a third party that wholesales to a number of other ISPs. The servers are close to maxed out, and having a number of clients start double requesting could make like hell. And, of course, no one at the ISP knows diddly about DNS.
Posted by ksajflkjdslfkj alksejdlka (2 comments )
Link Flag
Interweb?
"Interweb"? What's that? Kind of like the "InternetS"?

"Guy needs to get some more edumacation [SIC]."? Really? The guy who is credited with INVENTING DNS needs to get more "edumacation" about DNS?

He may be alarmist, but better to err on the side of caution when dealing with Microsoft. I have no confidence in the claims of a company that has a history of poor and insecure coding.

The only reason I think he is wrong is because I don't think anybody will upgrade to Vista, at least not quickly. Vista is the most significant resource hog Microsoft has ever produced, snarfing up a huge amount of disk space, RAM and CPU cycles for marginal visual improvements. I'm sticking with W2K and WinXP until Microsoft stops supporting them, and then I'm switching to Linux or a Mac.

B.
Posted by bahead (27 comments )
Link Flag
XP Also Supports IPv6
No Big Deal. Contrary to what the article stated, XP does support IPv6 (just take a look at your network settings in Control Panel). Most home and many corporate routers don't support IPv6 anyway, so Vista is not going to have a huge impact in the short term.
Posted by ehfla (96 comments )
Reply Link Flag
Does XP do a double look up on every query?
And does it do so by default?
Posted by ralfthedog (1589 comments )
Link Flag
wrong
Most "corporate" (substitute enterprise) routers do support IPv6, and have for several years now. They just do not have IPv6 on by default.

"On by default" seems to be the whole issue here.

This whole conversation is FUD. I think the reason it was put on this website is so the writer could use FUD in the article.

Oh, btw, OP, bad form to abbreviate Washington.
Posted by Xalorous (24 comments )
Link Flag
Why the panic?
Even if what they say is true, Vista is still not complete. There is still time to just change it so that it only uses ipv4 only. What's the big deal?
Posted by thedreaming (573 comments )
Reply Link Flag
Depends...
If MSFT acts quickly enough, Vista should pick one or the other as a primary DNS source, where it tries a query in IPv4 first, then IPv6 after a timeout period if the first one fails (then again, the original plan to do two queries is rather stupid IMHO...)

But the blame isn;t just on MSFT: IPv6 is coming anyway, and DNS services should've been written to anticipate this no matter which OS is asking (e.g. look at the inbound query source addy and determine version from its format, then format the reply to the asking machine as appropriate).
Posted by Penguinisto (5042 comments )
Link Flag
Why blame Vista?
If current infrastructure won't support IPv6, that's not Vista's fault. Why blame Microsoft for using up-to-date technology?

The answer: Because it's fashionable to blame Microsoft for everything.
Posted by mcugaedu (75 comments )
Reply Link Flag
It is our moral responsibility.
Why blame Vista? Doing simultaneous IP v4 and an IP v6 queries is just plain silly. Like Penguinisto said. Vista should try the query on Ipv4 first and only try IP v6 if it fails. Will this crash the Internet? No, it is an example of the very bad engendering that went into Vista.

We have a moral responsibility to point out as many flaws in Vista as we can. This gives Microsoft a chance to fix some of the most disturbing issues, and with any luck, we can talk a few users out of upgrading. Perhaps we can even talk a few people into moving up to Linux.

Vista with its wide open security will slow down the Internet. This is just one small straw.
Posted by ralfthedog (1589 comments )
Link Flag
right
up-to-date technology like EFI? Or more like up-to-date DOS
support?
Posted by ethernet76 (88 comments )
Link Flag
Yikes! I have to agree.
I like to blame Microsoft for everything bad in the world because I
figure that way I'll be right at least half the time, but this is just
silly. As a Mac user who's had IPv6 capable systems for years now,
I'm glad to see Microsoft finally adding the support. It's long
overdue.
Posted by Macsaresafer (802 comments )
Link Flag
Don't panic!
Vista will have the slowest adoption of any recent version of Windows, if Office adoption rates are any indication.
Posted by TV James (680 comments )
Reply Link Flag
Keep 'em coming!
You guys are hilarious!
Posted by KTLA_knew (385 comments )
Link Flag
Microsoft DRM and registration is a good thing after all.
I know more and more people who are leaving Microsoft just because the DRM is a huge pain when you have to format reinstall or change out hardware.
Posted by ralfthedog (1589 comments )
Link Flag
CNN confirms that...
<a class="jive-link-external" href="http://money.cnn.com/2006/09/07/technology/Reality_check_Vista.biz2/index.htm?cnn=yes" target="_newWindow">http://money.cnn.com/2006/09/07/technology/Reality_check_Vista.biz2/index.htm?cnn=yes</a>
Posted by Penguinisto (5042 comments )
Link Flag
Why doesn't Vista have an option to turn it off?
If doing this "double lookup" is supposedly going to cause DNS net chaos, then surely a simple move would be for Microsoft to allow users to turn off support IPv6 in Vista (maybe they do allow that in Vista, but the article doesn't state this)? That way, Vista users' lookups will be quicker and everyone will be happier. I can turn off IPv6 support in Linux distros fairly easily, so why not Vista?
Posted by rklrkl (143 comments )
Reply Link Flag
You can
I'm pretty sure you can turn IPv6 off in any OS that can use it.
However, a lot of us believe it should be left off by default.

Home users rarely need it, and businesses usually modify core
OS settings before deployment. So by default it should be off.
Like any rarely used service should be.

This is why Windows users have so many problems. There's a
ton of features most of which are on by default. Half of the older
viruses relied on never-used network features which were on by
default.

From microsoft's standpoint it's just easier for them to turn
everything on. It's less support calls because they didn't know
they had to turn on DCOM or some other setting.
Posted by ethernet76 (88 comments )
Link Flag
You can
I'm pretty sure you can turn IPv6 off in any OS that can use it.
However, a lot of us believe it should be left off by default.

Home users rarely need it, and businesses usually modify core
OS settings before deployment. So by default it should be off.
Like any rarely used service should be.

This is why Windows users have so many problems. There's a
ton of features most of which are on by default. Half of the older
viruses relied on never-used network features which were on by
default.

From microsoft's standpoint it's just easier for them to turn
everything on. It's less support calls because they didn't know
they had to turn on DCOM or some other setting.
Posted by ethernet76 (88 comments )
Link Flag
From TechNet
Disabling IPv6
Unlike Windows XP, IPv6 in Windows Vista and Windows Server Longhorn cannot be uninstalled. To disable IPv6 on a specific connection, you can do the following:

" In the Network Connections folder, obtain properties of the connection and clear the check box next to the Internet Protocol version 6 (TCP/IPv6) component in the list under This connection uses the following items. This method disables IPv6 on your LAN interfaces and connections, but does not disable IPv6 on tunnel interfaces or the IPv6 loopback interface.

There are also instructions on how to change the behaviors of it via the registry including as stated above, to check ipv4 before ipv6.
Posted by DrtyDogg (3084 comments )
Link Flag
Deja Vu all over again
Windows 2000 was supposed to collapse the net, too. Rememeber that?
Posted by (402 comments )
Reply Link Flag
It did.
The raw sockets left open with windows 2000 lead to all sorts of nasty exploits worms and stuff. I will admit that there were fewer packet spoofing DDOS attacks then were expected, but that is largely because hackers found much more fun things to do, and better ways to make money.

Next time you find your inbox filled with spam, just remember that most of it comes from bot nets, and quite a bit of that comes from raw socket exploits.
Posted by ralfthedog (1589 comments )
Link Flag
Fear DRM attack not DNS
Vista is rife with built in DRM viruses. That's what you should be concerned with, owning a PC that won't act like a PC. Get ready. The DRM attack will soon hit a computer near you.
Posted by GrandpaN1947 (187 comments )
Reply Link Flag
Not really a problem...
Okay, the thing is a lot of people might have IPv6 enabled but
*most* people won't be supplied with a valid routable IPv6 address
because they won't be attached to an IPv6 network or have access
to an IPv6 DHCP server.
Posted by rapier1 (2722 comments )
Reply Link Flag
Most current routers don't support it
Most people I know have internet routers at home to share their connection that know NOTHING of IPv6. And the translate the address. Nobody with this kind of router is going to pass any IPv6 traffic to the net.

Neither is anyone with a business configured with most current NAT schemes.

I just don't see where all this extra traffic is coming from. Grandma who buys a Vista PC and hooks it directly to the internet with no firewall.

And even then, does her ISP give her an IPv6 address (or pass it along)? Again, it's questionable where all this traffic is coming from.
Posted by paulreid99 (74 comments )
Reply Link Flag
Plenty of time
Vista might pose a problem some day, but first MS has to ship it,
then people have to purchase hundreds of thousands of copies.

We've been promised Vista for over 5 years and still can't buy it.
And I doubt if many will in the next couple of years.

There's plent of time to work on DNS.
Posted by rcrusoe (1305 comments )
Reply Link Flag
Like fat slowly clogging the veins
Vista will be to the web as saturated fats are to humans. Yes they wont kill you but if you eat to much you will slowly but surely close your pipes. There should be a traffic monitor in place and a fining system setup before the web gets gooey. If you want to slow it down you must pay to upgrade it.
Posted by eartist (1 comment )
Reply Link Flag
Y2K II
Maybe this is the Y2K we missed the first time...Can you imagine what the thought of this potential event will do to the price of oil?
Posted by dburr13 (117 comments )
Reply Link Flag
Oh yeah...
I seriously hope you are just kidding. :)
Posted by zaznet (1138 comments )
Link Flag
Oh Come on...
Enough with the scare mongering...

"if Vista was all of a sudden deployed everywhere, we'd be having rolling blackouts"

Yeah sure, but that just isn't going to happen in a world where people are still running W95 &#38; W98.
Posted by MadKiwi (153 comments )
Reply Link Flag
Mockapetris May be Correct, but Nobody is Asking the Right Questions
As usual there is so much Microsoft bashing going on that everybody is missing the point. Microsoft isnt helping much by going into knee jerk denial mode. It seems the PR people are writing press releases, and nobody is looking at the issue.

What Mockapetris is saying is that DNS servers at the carriers and major ISPs are running at capacity.

Granted Mockapetris is selling industrial strength domain servers suitable for large ISPs and phone companies. Surprise a self serving statement on the internet. I am shocked shocked! (There seems to be gambling going on as well!)

The internet is still growing at a terrible rate even though it is so huge we dont see it as dramatically.

It took a looooong time for CNET to come up. The stall was most likely due to a slow DNS response as I know I have a fast pipe.

CNET wrote the story so as to make it seem to be Microsofts fault that DNS systems are at capacity. The issue isnt whether adding IPv6 will double DNS queries or just raise them slightly. Mockapetris is saying any increase in DNS load will push things over the edge unless capacity at the server end is increased.

Nobody writing the story interviewed a carrier or large ISP and asked how loaded their DNS servers are. Nobody did any measurements on DNS response times. All I saw was dumb statements from PR types who didnt have a clue what the question was about.

Microsoft ought to know better. They have a fewcompetent people. The PR people should have found one of them before responding.

Im sure Mockapetris is delighted that Vista will increase load for DNS. We'd all like to see the problem fixed before net response times get any slower.
Posted by BillyBrack (4 comments )
Reply Link Flag
DNS Speed
" It took a looooong time for CNET to come up. The stall was most likely due to a slow DNS response as I know I have a fast pipe."

Its unlikely DNS had anything to do with that. CNET is usually one of the slower 'news' sites. Is google coming up just as slow?
Posted by (402 comments )
Link Flag
Are you kidding?
DNS is thin, runs fast, you'd overload a network connection before a server running DNS. DNS is distributed so if you can't hit one, you hit another.

The slowness you are experiencing could be anything, could be a switch at your ISP overloading, could be the web server at cnet's facility overloading. When it comes to the internet, DNS is the least likely cause of 'slowness'
Posted by Mr. Network (92 comments )
Link Flag
how about some substantiation
especially from a large provider or anyone actually hosting a significant number of public DNS servers - e.g. Yahoo, Qwest, Comcast, Verizon, ... oh, wait -

"Representatives for Comcast, Verizon Communications and EarthLink, all companies with a high-speed Internet access business, were not available to comment on this story."

Even better, there's really no decent technical backgrounder on the issue, so readers who don't really understand the underlying factors get a really skewed and inaccurate perspective on what's going on. I wish CNET would focus more on the technical and less on the sensational.
Posted by Hardrada (359 comments )
Reply Link Flag
The Virus and Worm Attacks Will Crush the Internet During Vistapocalypse
The storm of DDOS attacks by all those zombied machines will just take down the Internet.

The Vistapocalypse Cometh

Robert
Posted by Sumatra-Bosch (526 comments )
Reply Link Flag
This is BS
Two annoying things about these posts (although I see some decent ones out there) 1) people it seems don't have Vista RC1 installed and therefore have no basis for any comments 2) people it seems don't have any prior knowledge about networking in general and therefore have no basis for any comments.

There is one good reason as to why this story is BS. The default option in Vista RC1 is to "Obtain DNS server address automatically". If your ISP doesn't support IPv6 DNS lookup (which can be the case, regardless of whether or not you have an IPv6 address) then you have NO ABILITY TO PERFORM AN IPv6 DNS LOOKUP. This is true even if you have the IPv6 protocol installed and applied to a network connection.

As a secondary point, DNS lookups are cached. You'd have to request a different webSITE every single time to force a DNS lookup (within the cache window, which depends on the software), let alone two!!! each time. And ISPs are not stupid either, do you think that Comcast's DNS server goes out to the DNS Root server everytime one of its millions of customers tries to go to yahoo.com? If you do, you are nuts! They cache as well.
Posted by eimboden (13 comments )
Reply Link Flag
You're right.
Also dns is cache inside windows (you can delete the cache with ipconfig /flushdns )

Even in a old 56kb modem connection you don't need to worry about dns bandwith.
Posted by Magallanes (190 comments )
Link Flag
This is BS (hmmm...)
What Vista currently does, or will do, on this issue aside. "Obtain IP and DNS automatically" is pretty common, nothing amazing there. Getting your ISP's DNS Servers also nothing amazing there. It's when you go to "If your ISP doesn't sipport IPv6 DNS lookup" that you really fell astray. What ISP these days doesn't support IPv6 DNS lookups? Please send me an example ISP. Then you have no ability to perform an IPv6 DNS lookup? I don't think that's true. Have you tested this? Or do you have references that this is what will happen? Even if it would stop you from doing IPv6 lookups what percentage of real ISPs would this be? zero percent?

Also yes DNS queries are cached... but you ought to do some real world testing and see how much DNS query traffic actually comes out of your computer to your ISP. You must not do much when you surf besides always going to yahoo.com. Lot's of people go to lots of other sites... I go to dozens of different sites per day myself. Also there are lots of sub sites on yahoo and google and such. Examples: images.google.com, groups.google.com. Everyone is not going to these all of the time. But I click on them pretty often. Do a search engine search for something and you can't tell me cache is going to predict what results users are going to click on (what web site name) requiring a DNS lookup.

The only things that are going to affect this issue are: 1.) What MS Does in Vista to stop v6 lookups when there is no V6 connection, and 2.) What the root servers do (or have already done) to handle additional traffic.
Posted by aspicer (3 comments )
Link Flag
It might cause slowdowns but I doubt it will Stall
Microsoft never has been network traffic friendly. Regardless of whether it was NetBios broadcasts, Browser Master notifications, DHCP notifications or DNS lookups and even Microsoft's own MHTML (Microsoft HTML). It's always been a network bandwidth hog... even back in the Win95/98 days!

Whether they will cause a blackout or brownout is yet to be seen. Personally, I doubt it unless they do unnecessary queries instead of caching. But if they're low on memory... then will they increase their DNS lookups?

It takes a whole lot of DNS requests to bog down a DNS server. But even if it doesn't take down a DNS server, it will increase used bandwidth both locally and across the internet to your ISP's DNS.

Microsoft... as well as everybody/anybody else... needs to start making their protocols and software using the current protocols more network friendly!

Walt
Posted by wbenton (522 comments )
Reply Link Flag
Of course it will...
We are talking about a Microsoft product, correct? Of course it will further strain the resources of anything it touches. Each and every previous OS from MS has done just that, why would Vista be expected to do anything different?
Posted by extinctone (214 comments )
Reply Link Flag
Not a Microsoft product.
IPv6 has nothing to do with Microsoft. It is a future standard that they are trying to continue to support. Linux already supports it, I believe OSX does too as does Windows XP. The only reason that this could be construed as a Microsoft problem is because of their market share. As shown in my earlier post it is just as easy to disable in Vista as in XP, but nobody seemed to even notice that it was available in XP.

This is a sensationalized story pushed by a company that stands to profit from the upgrades to DNS servers.

As stated in earlier comments, and somewhat in the article. The only problem that would come from this is from individual ISPs. If their DNS servers are near capacity and everybody using those servers where to switch to Vista then maybe, just maybe it could overload ther server.
Posted by DrtyDogg (3084 comments )
Link Flag
It will stall the internet...
...with emails for tech support!
Posted by ppgreat (1128 comments )
Reply Link Flag
Are You kidding me?
At the very worst, a reg hack would fix the issue if any.
Posted by Narshadda (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.