One of the biggest pet peeves of mine is the way our industry continually misinterprets a specific design pattern (whatever one it is) and ends up producing something much more complex than it needs to be.

Darren Gosbell provides a classic example of this in his discussion about the pros and cons of using web-services, remoting or enterprise services (COM+/DCOM) in a n-tier application.

Microsoft started promoting their DNA application model a number of years ago now and it really stuck in our collective consciousness. But the industry must have been dropping acid that day because instead of understanding and appreciating the concept of layering in application design they came away with this idea that every application should be split across three physical machines.

What the DNA application model really was all about was breaking your applications down into a set of layers, presentation, business logic and data access. The model has been tweaked over the years but thats pretty much what it is. The key difference here is that we are talking about an n-layer application not an n-tier application.

In n-layer DNA applications you still have your presentation, business logic and data access layers but you just don’t physically split them across processes and machines. In fact there is seldom cause to build an n-tier application.

One is if you have a bunch of paranoids running your IT department who have so little faith in their network infrastructure they force you unnatural splits in your application just so bits of it can sit on either side of a mis-configured firewall. Interestingly they will force their internal developers to go through hell but let a vendor walk in and plonk down a solution that doesn’t conform to this model – do I sound bitter?

My comeback for that argument these days is to ask whoever is making the architectural decision to show be the purchase order for the security expert to come in and do penetration testing on the software. Basically a hacker is more likely achieve their goals by exploiting bad code than they are the fact that an application is running all of its layers in the same process on the same physical network segment.

So my question to you Darren is – do you even need to split the application layers across tiers?