[arch-general] [arch-dev-public] BIND10? No, thanks.
Mike Cloaked
mike.cloaked at gmail.com
Sat Mar 9 13:05:29 EST 2013
On Sat, Mar 9, 2013 at 2:51 PM, Genes Lists <lists at sapience.com> wrote:
> On 03/08/2013 09:27 PM, Gaetan Bisson wrote:
>
>> Hi guys,
>>
>> Currently we use the BIND code base in two packages:
>> - dnsutils from [core] provides basic DNS query tools;
>> - bind from [extra] is the actual name server.
>>
> ...
>
>
>
>> We already have ldns in [core], a much better written (and sane) DNS
>> library which includes query tools that are near drop-in replacements
>> for BIND's: use `drill` instead of `dig`, etc.
>>
>>
> Hi
>
> One observation - bind is the de facto standard and as far as I can
> tell used by the majority of the root servers [1] (and the majority of all
> major DNS servers according to wikipedia [2] and bind website [3] anyway
> :-)).
>
> We may want to be cautious stepping away from the dominant DNS
> software unless there is a sea change for the DNS community to do same.
>
> A casual look around [4] - so clearly I am not in the know here -
> but the rewrite seems not dissimilar to the postfix "re-write" of sendmail
> - modularity and security seemingly key goals. [5]
>
>
> Anyway, I'd encourage that we try and stick with bind.
>
> gene
>
> [1] http://en.wikipedia.org/wiki/**Root_name_server<http://en.wikipedia.org/wiki/Root_name_server>
> [2] http://en.wikipedia.org/wiki/**BIND<http://en.wikipedia.org/wiki/BIND>
> [3] https://www.isc.org/wordpress/**software/bind10/<https://www.isc.org/wordpress/software/bind10/>
> [4] http://bind10.isc.org/wiki/**DesignOverview<http://bind10.isc.org/wiki/DesignOverview>
> [5] I am not familliar with ldns or it's benefits - security or other so I
> don't feel entitled to an opinion.
>
As a long standing bind user this raises some worries for me - maybe it is
simply unfamiliarity with ldns though...
Has there been any discussion about how ldns performs relative to bind -
particularly concerning security and simplicity of setting up as well as
functionality relative to the familiar way that bind has worked for many
years on many platforms?
Is there anyone on the list who has used ldns that can relate how well it
performs relative to bind?
--
mike c
More information about the arch-general
mailing list