IP: On centralized, distributed and absolutism

[David Farber <dave () farber net>]

> Date: Tue, 23 Oct 2001 23:39:39 -0400
> From: Dan Grossman <ldg004 () earthlink net>
>
> (for IP, if you wish)
> Dave,
> Two memes converged on the list today, and triggered something I've been
> wanting to get off my chest for a long time.
>
> As engineers, we are (or at least should be!) trained to evaluate design
> alternatives, to weigh benefits, liabilities, costs and risks, and to
> dispassionately assess tradeoffs to select the  solution best optimized
> to the requirements.
>
> So why is it that so many of our most prominent and respected colleagues
> bleat out the Orwellian refrain:  "Distributed good, centralized bad"?
>
> And when I see stuff like the below from the dean of one of the best CS
> programs in the world, I've got to wonder what they're teaching
> undergraduates about the way engineers practice their profession.  To
> say nothing of wondering about how I'll manage to break a few of them of
> bad habits of mind when they get to my group.
>
>
> >... Those are the areas where a small perturbation can cause the most
> >havoc." The counter strategy for our society is "Don't build such
> systems.
> >Avoid single points of failure. Decentralize and disperse control."
> >
> >Here are some examples of systems that follow the principle of
> >high-entropy design compared to their more vulnerable alternatives:
> >   The Internet instead of the phone system.
> More canards buried in that statement than _Make Way for Ducklings_
>
> First, on the day of the attacks, the phone network did exactly what it
> was supposed to, despite losing a big Verizon exchange and an AT&T POP.
> Protection switching and rerouting and call gapping and signalling
> congestion control kicked in.  Emergency calls went through, the system
> operated at saturation, and if calls were blocked, then at least those
> callers who did get through were able to have their say and get off. In
> another words, utility was maximized.
>
> The Internet -- well, I'll be interested to hear how close the Internet
> got to congestion collapse.  From what I understand, news sites were
> inaccessable.  True, emails sat in queue for a while, and ultimately got
> through, so there was some utility.   But how much more than the phone
> network, the two-way paging network and the cellular network?  History
> will tell.
>
> Next, observe that the  Internet in fact has hierarchy, and if it did
> not, it would not scale.  Further, it is overlaid on a physical fiber
> infrastructure whose topology is not at all unlike that of the much
> maligned phone system.  Because it *is* pretty much the same
> infrastructure.  And at concentration points, the Internet is every bit
> as much as vulnerable as the phone network.
>
> The much-vaunted routing system, which is popularly believed to enable
> the Internet to "route around" trouble isn't what it appears to be,
> either.  After a failure, the BGP routing system takes several minutes
> to stabilize, and packet losses and loops can persist for many seconds.
> The Internet routing research community is rightly concerned about the
> long-term scalability of the BGP routing system.  Not surprisingly,
> there is a lot of work going on in the IETF to build failure recovery
> mechanisms that look suspiciously like ones used in the phone system.
>
> The congestion control system in the Internet is a bandaid that has
> remained in place far longer than prudence dictates.  A well-designed
> worm could easily send the net into unrecoverable congestion collapse.
>
> None of which goes to say that the net will not be useful to us in the
> post-9/11 world... warts and all.  But to depend upon it to the
> exclusion of all else, and particularly a very well designed, stable and
> secure telephone network, would be foolish.
>
>
> >   Gnutella et al. instead of Napster.
> The Napster fiasco was a failure at the convergence of Law, Code,
> Markets and Norms (nod to Larry Lessig here), not of a centralized
> architecture.  Is not the solution to demand that our elected
> representatives redress the imbalances in the law, rather than to invent
> new ways to evade the law?
>
> >   Air transport that uses thousands of small air taxis rather than
> > today's hub-and-spoke system (James Fallows)
> The vision articulated by Fallows is an extremely attractive one.  It
> would save me a fair amount of wear and tear.  I hope it comes to pass.
> But Fallows himself points out that it's only good for trips of about
> 500 miles.  That covers a lot of my travel, but not all of it. I still
> have to drive to Providence for longer domestic trips, and to Boston for
> international.  In another words, in this case, the decentralized
> solution augments the centralized solution, not replaces it.
>
> >   A competitive, heterogeneous operating system market instead of a
> > monoclonal Microsoft one.
> Ironic.  Microsoft is the distributed architecture run amok.  Remember
> that before the PC, we had timesharing on mainframes and minicomputers.
> Operating systems were competitive.  Operating sytems were operating
> systems, and applications were applications and nobody thought about
> "co-mingling".   Operating systems also were far more stable and secure
> than Windows, and were much easier to secure.
>
> For that matter, a good part of the reason why the  financial industry
> recovered as quickly as they did is that they  **centralized** their
> data on mainframes and server farms.  Replicated, mirrored, backed up,
> with duplicates in New Jersey and/or Pennsylvania.  In secured, hardened
> facilities.  Can you imagine the chaos if all the important data was on
> peoples' desktops in the WTC and nowhere else?  Fortunately, the 1993
> WTC bombing raised awareness, and that sort of extremely decentralized
> architecture was replaced.
>
> >   Al Qaeda instead of the CIA.
> I'm getting a little tired of other people's half-informed speculation
> on this, but will nonetheless venture my own.   Al Qaeda starts with a
> charismatic evil genius, now believed to be cowering in a cave somewhere
> in southern Afghanistan.  When a bomb or a betrayer find him, will Al
> Qaeda survive as an organization, absent his coordination and financing?
>  Probably not for long.
>
> >   A dispersed population instead of mega-cities.
> Ah, we have that.  It's called "suburbs".  Some would say that suburbs
> lead to SUVs and SUVs guzzle petroleum, and petroleum got us into this
> mess in the first place.
>
> I don't mean this as a knock on anybody in particular, but as a critique
> of a certain lack of engineering discipline in the CS and networking
> community.
>
> In short, if you want dogma, move to the Theology Department.


For archives see:
http://www.interesting-people.org/archives/interesting-people/