On Sat, Mar 9, 2013 at 2:51 PM, Genes Lists <lists@sapience.com> wrote:
On 03/08/2013 09:27 PM, Gaetan Bisson wrote:
Hi guys,
Currently we use the BIND code base in two packages: - dnsutils from [core] provides basic DNS query tools; - bind from [extra] is the actual name server.
...
We already have ldns in [core], a much better written (and sane) DNS library which includes query tools that are near drop-in replacements for BIND's: use `drill` instead of `dig`, etc.
Hi
One observation - bind is the de facto standard and as far as I can tell used by the majority of the root servers [1] (and the majority of all major DNS servers according to wikipedia [2] and bind website [3] anyway :-)).
We may want to be cautious stepping away from the dominant DNS software unless there is a sea change for the DNS community to do same.
A casual look around [4] - so clearly I am not in the know here - but the rewrite seems not dissimilar to the postfix "re-write" of sendmail - modularity and security seemingly key goals. [5]
Anyway, I'd encourage that we try and stick with bind.
gene
[1] http://en.wikipedia.org/wiki/**Root_name_server<http://en.wikipedia.org/wiki/Root_name_server> [2] http://en.wikipedia.org/wiki/**BIND<http://en.wikipedia.org/wiki/BIND> [3] https://www.isc.org/wordpress/**software/bind10/<https://www.isc.org/wordpress/software/bind10/> [4] http://bind10.isc.org/wiki/**DesignOverview<http://bind10.isc.org/wiki/DesignOverview> [5] I am not familliar with ldns or it's benefits - security or other so I don't feel entitled to an opinion.
As a long standing bind user this raises some worries for me - maybe it is simply unfamiliarity with ldns though... Has there been any discussion about how ldns performs relative to bind - particularly concerning security and simplicity of setting up as well as functionality relative to the familiar way that bind has worked for many years on many platforms? Is there anyone on the list who has used ldns that can relate how well it performs relative to bind? -- mike c