You’ve perhaps been hearing about the “Internet of Things,” or IoT. What the IoT really represents is a massive growth in the number of specialized devices that connect to the Internet: everything from light bulbs to industrial machinery.
The impact on the Internet and the enterprise will be profound. My colleague Scott Hilton has written an excellent overview, “30 Billion ‘Things to Consider’: How IoT Will Transform Enterprise IT,” about what CIOs should be thinking about now with regard to how IoT will affect their network data requirements, add complexity, or raise new security and privacy issues.
But what I want to address here is what all these new devices might mean for our current addressing and naming schemes.
In order to use all these devices, people are going to need to communicate with them. For humans to communicate with them, each device will need a name.
What’s In A Name
As you know if you read Dyn’s blog, the Domain Name System (DNS) was created in part to make it easy to identify systems attached to the Internet. Machines talk to each other by number – IP addresses like 192.0.2.130 (IPv4) or 2001:db8::1 (IPv6). But to begin with, these numbers are harder to remember than names. Humans generally have an easier time remembering (say) “printer.office.example.com” than “192.0.2.87.”
Also, for operational reasons, addresses and devices are not permanently associated with one another. Addresses are just a way for one computer to talk to another, and if some computer isn’t using an address at that moment, some other computer can use it in the meantime. This means that a given address isn’t bound to any one particular device over time (though it’s bound to one device at any one time). Instead, network devices usually automatically get an address when they join the network.
In fact, those that are using IPv6 get a whole range of addresses, and they’re allowed to use more than one. In order to make any of this even remotely usable to mere humans, some way of finding the right address is needed. And that’s part of what the DNS does: it allows a human to give a name, and for the computers involved to find the right addresses associated with that name.
This part of the DNS’s role is not changed by the IoT. What does change the value of the DNS is the nature of all those “things.” For much of the recent history of the Internet, most of the things you wanted to get to were on a server somewhere: you got mail from a mail server, web pages from a web server, and so on. Those were (mostly) the machines you needed to name. For most people, even their desktop or laptop often didn’t get a (useful) name, though it was always possible to do it. But the basic use-pattern was, by and large, a number of client machines reaching out to central servers. The servers were the things that got names everyone could remember.
Managing the Internet of Things
With the emergence of the IoT, the services aren’t just in servers. They’re distributed in all these little connected devices. If you want to adjust the temperature in your home while still at the office, you need to connect to your particular thermostat. So now, we need a way to make all those little devices providing services safe and easy to use. But web site operators have staff to maintain their web servers. Nobody is going to want to hire professional IT staff just to adjust their thermostat.
In the enterprise space, the problem is different. Enterprises often manage a few servers, printers, etc., and once they have a large site, or more than one site, they often use the DNS to help manage (name) these devices. With even a few printers, a couple of file servers, and the like, it is possible to set everything up by hand with fairly little effort. Now, imagine trying to do this when every light bulb is connected to the network. You want the power management, or other advantages that come from having smart electrical devices. But managing them will be a hassle.
One approach might be to create a zone designated for the specialized devices within the office. For example, if your current DNS is example.com, you might set up IoT.example.com for all the new “IoT” devices. This would allow you to segregate those you want to manage from those whose management could be outsourced. The DNS was in fact designed for exactly this kind of flexibility, because it made “delegation of name spaces” easy. Many name spaces might suddenly be useful again.
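The delegation described above splits the name space at a zone cut, so every name belongs to the deepest zone that encloses it. The sketch below is an added example, not code from the original article; it maps host names to their enclosing zone by comparing whole labels, so that a name like myiot.example.com stays in the parent zone. The zone owners and the host inventory are constructed for illustration.

```python
# Added example: decide which zone (and therefore which team) is
# responsible for a name once iot.example.com is delegated.

# Constructed zone apexes and owners (assumptions, not from the article).
ZONES = {
    "example.com": "corporate IT",
    "iot.example.com": "delegated IoT operator",
}

# Constructed inventory of device names.
INVENTORY = [
    "printer.office.example.com",
    "thermostat.iot.example.com",
    "bulb-17.floor3.IoT.example.com.",  # mixed case, trailing dot
    "myiot.example.com",                # NOT under iot.example.com
    "host.example.org",                 # outside every managed zone
]

def labels(name):
    """Normalize a DNS name (case-insensitive, optional trailing dot)."""
    name = name.strip().rstrip(".").lower()
    return name.split(".") if name else []

def enclosing_zone(name, zones=ZONES):
    """Return the deepest zone apex containing `name`, or None."""
    want = labels(name)
    best, best_len = None, 0
    for apex in zones:
        apex_labels = labels(apex)
        n = len(apex_labels)
        # Compare whole labels from the right; a plain string suffix
        # test would wrongly place myiot.example.com in the IoT zone.
        if 0 < n <= len(want) and want[-n:] == apex_labels and n > best_len:
            best, best_len = apex, n
    return best

def manager(name, zones=ZONES):
    """Return the owner of the zone that encloses `name`, or None."""
    zone = enclosing_zone(name, zones)
    return zones[zone] if zone else None

def partition(hostnames, zones=ZONES):
    """Group host names by enclosing zone; None collects unmanaged names."""
    groups = {}
    for host in hostnames:
        groups.setdefault(enclosing_zone(host, zones), []).append(host)
    return groups

if __name__ == "__main__":
    for zone, hosts in partition(INVENTORY).items():
        print(zone, "->", hosts)
```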
Some will say that the right answer is to avoid IoT devices altogether, but that is probably unrealistic. Enterprise IT has actually faced this challenge before, with the advent of BYOD. Many enterprises attempted to control which devices could connect to the corporate network, but the power and productivity offered by people’s phones and tablets was too great to give up. Policy was overwhelmed by reality.
Planning now to segregate the name space would allow corporate IT to better manage the core services in the network, and yet permit easy and lightweight management of those parts of the network that might not have critical infrastructure. This sort of strategy has always been available, but when services become distributed on devices all over the network instead of being concentrated in servers, and most IT staffs are being called upon to do more with less, such a segregation strategy becomes more valuable.