djbdns
Kenny Freeman
freeman at cs.dal.ca
Wed Jan 7 09:28:51 PST 2004
My experience with bind has been less than fun - a pain to maintain with all
of these security fixes and also the file format is terrible. I switched to
djbdns as soon as I found out about it and was happy with a test server that
I setup. It is a bit of a hassle to get up and running, but when it is
finally setup properly you don't have to touch it at all, period. I have been
running djbdns for well over a year, more like over two years and I have not
had to touch it even once in that time. I have a perl script that updates the
data files from a MySQL database. I also have a CGI interface to the db, so I
can add/edit/delete dns records thru my web browser. The djbdns data file
format is very simple and a joy to work with compared to binds. You should
note however that with djbdns, instead of using 2 ips for 2 nameservers I
have to use 2xcache ips, 2xserver ips, and 2x zone xfer ips, and also that
the caches have to be notified of any dns servers for domains that you host -
my perl script takes care of that for me tho. Oh, and another thing... I have
heard of people having problems with djbdns on extremely heavily loaded
servers where queries were getting dropped - in that case I would use a round
robin nat in front of the servers to distribute the load among many dns
servers... my $0.02.
-Kenny
On December 12, 2003 12:35 am, Jason Fesler wrote:
> > How does djbdns measure up to bind anyway? Bind works wonderfully
> > for us.. any reasons someone can come up with (other then the beaten
> > to deal security arguments) why a person should change over?
>
> If you are happy with bind;
> If you stay current on bind security problems;
> If you find the ISC to be hoopy froods and DJB to be, well, DJB;
> then focus your attention to more fruitful efforts.
>
> Really.
>
> --jason
> (a die hard djbdns user, who fears bind to death, but not an evangelist)
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : http://lists.freebsd.org/pipermail/freebsd-isp/attachments/20040107/7cad332c/attachment.bin
More information about the freebsd-isp
mailing list