Replacing BIND with unbound
Dag-Erling Smørgrav
des at des.no
Mon Jul 9 19:00:32 UTC 2012
Mark Felder <feld at feld.me> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > What sort of benchmarks do you envision? Unlike named, unbound is
> > intended to serve only one client (localhost) or a small number of
> > clients (a SOHO).
> Highly disagree; we use it (ISP) as our resolving nameserver for all
> of our customers.
Good for you. From what I've read, I should think it works just fine,
but I have no personal experience running unbound on large networks.
I'd love to try it out on the UiO network, but I doubt they'd let me...
My basis for stating that it is intended primarily for localhost and
SOHO is its feature set, which seems particularly well suited to that
kind of use. Organizations with large networks generally need
authoritative nameservers as well, but they can of course have both
outward-facing BIND or NSD servers and inward-facing unbound servers, or
have their registrar handle the authoritative side.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list