From: Kenny Freeman (freeman_at_cs.dal.ca)
To: firstname.lastname@example.org Date: Wed, 7 Jan 2004 13:26:21 -0500
My experience with bind has been less than fun - a pain to maintain with all
of these security fixes and also the file format is terrible. I switched to
djbdns as soon as I found out about it and was happy with a test server that
I setup. It is a bit of a hassle to get up and running, but when it is
finally setup properly you don't have to touch it at all, period. I have been
running djbdns for well over a year, more like over two years and I have not
had to touch it even once in that time. I have a perl script that updates the
data files from a MySQL database. I also have a CGI interface to the db, so I
can add/edit/delete dns records thru my web browser. The djbdns data file
format is very simple and a joy to work with compared to binds. You should
note however that with djbdns, instead of using 2 ips for 2 nameservers I
have to use 2xcache ips, 2xserver ips, and 2x zone xfer ips, and also that
the caches have to be notified of any dns servers for domains that you host -
my perl script takes care of that for me tho. Oh, and another thing... I have
heard of people having problems with djbdns on extremely heavily loaded
servers where queries were getting dropped - in that case I would use a round
robin nat in front of the servers to distribute the load among many dns
servers... my $0.02.
On December 12, 2003 12:35 am, Jason Fesler wrote:
> > How does djbdns measure up to bind anyway? Bind works wonderfully
> > for us.. any reasons someone can come up with (other then the beaten
> > to deal security arguments) why a person should change over?
> If you are happy with bind;
> If you stay current on bind security problems;
> If you find the ISC to be hoopy froods and DJB to be, well, DJB;
> then focus your attention to more fruitful efforts.
> (a die hard djbdns user, who fears bind to death, but not an evangelist)
> email@example.com mailing list
> To unsubscribe, send any mail to "firstname.lastname@example.org"
- application/pgp-signature attachment: signature