Re: djbdns

From: Kenny Freeman (freeman_at_cs.dal.ca)
Date: 01/07/04

  • Next message: Yahoo!Groups: "Please reactivate your Yahoo! Groups account" 
    To: freebsd-isp@freebsd.org
Date: Wed, 7 Jan 2004 13:26:21 -0500

    My experience with bind has been less than fun - a pain to maintain with all
    of these security fixes and also the file format is terrible. I switched to
    djbdns as soon as I found out about it and was happy with a test server that
    I setup. It is a bit of a hassle to get up and running, but when it is
    finally setup properly you don't have to touch it at all, period. I have been
    running djbdns for well over a year, more like over two years and I have not
    had to touch it even once in that time. I have a perl script that updates the
    data files from a MySQL database. I also have a CGI interface to the db, so I
    can add/edit/delete dns records thru my web browser. The djbdns data file
    format is very simple and a joy to work with compared to binds. You should
    note however that with djbdns, instead of using 2 ips for 2 nameservers I
    have to use 2xcache ips, 2xserver ips, and 2x zone xfer ips, and also that
    the caches have to be notified of any dns servers for domains that you host -
    my perl script takes care of that for me tho. Oh, and another thing... I have
    heard of people having problems with djbdns on extremely heavily loaded
    servers where queries were getting dropped - in that case I would use a round
    robin nat in front of the servers to distribute the load among many dns
    servers... my $0.02.

    -Kenny

    On December 12, 2003 12:35 am, Jason Fesler wrote:
    > > How does djbdns measure up to bind anyway? Bind works wonderfully
    > > for us.. any reasons someone can come up with (other then the beaten
    > > to deal security arguments) why a person should change over?
    >
    > If you are happy with bind;
    > If you stay current on bind security problems;
    > If you find the ISC to be hoopy froods and DJB to be, well, DJB;
    > then focus your attention to more fruitful efforts.
    >
    > Really.
    >
    > --jason
    > (a die hard djbdns user, who fears bind to death, but not an evangelist)
    > _______________________________________________
    > freebsd-isp@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

  • Next message: Yahoo!Groups: "Please reactivate your Yahoo! Groups account"

    Relevant Pages

    • re: caching nameserver
      ... happening on the web server itself, install dnscache on the localhost. ... I am trying to install BIND (or djbdns) as a simple caching nameserver. ... Just to take some of the load off the networks DNS servers. ...
      (freebsd-questions)
    • Re: BIND
      ... Subject: BIND ... > Sort of in this vein, is anyone here using djbdns in a large ISP ... Haven't worked at a large ISP environment, ... to pull via AXFR from your BIND nameservers. ...
      (Focus-SUN)
    • Re: DNS for machines in office?
      ... > I'm going to designate one machine running fedora as a name server. ... Nameservers are generally not that difficult ... ... BIND: this is the standard. ... wish I had heard of it when I originally set up djbdns! ...
      (comp.os.linux.networking)
    • Re: Bind 8 bug experience
      ... It's called djbdns, and it is ... proven secure, and proven reliable. ... Why worry about timelines for advisories or patches or updates concerning ... aware that there are alternatives to BIND. ...
      (Bugtraq)
    • Re: djbdns
      ... Note that even the BIND developers admitted that it is recommended to ... DJBDNS just forces you to do this:) ... > the caches have to be notified of any dns servers for domains that you host - ...
      (freebsd-isp)