[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Secure alternatives to BIND?
- To: tech_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Secure alternatives to BIND?
- From: "D. J. Bernstein" <djb_(_at_)_cr_(_dot_)_yp_(_dot_)_to>
- Date: 12 Feb 2001 23:16:39 -0000
Philipp Buehler writes:
> reduced features
Where do you get the idea that djbdns is less powerful than BIND? Let's
try ten examples of djbdns features:
* instant startup, with host information in a fast on-disk database;
* automatic replication of new zones;
* automatic construction of PTR records;
* random selection of eight A records from a cluster of any size;
* scheduled record changes, with TTLs handled automatically;
* a special-purpose RBL server using 100x less space;
* easy tracing of resolution problems with a follow-all-paths tool;
* automatic checking for changes in resolv.conf every ten minutes;
* automatic removal of old records whenever the cache fills up; and
* automatic use of delegations from split-DNS internal servers.
How do I achieve these results with BIND?
I heard the same ``it must be deficient'' comments about qmail years
ago, before it became generally known how powerful qmail was. Of course,
the people making the comments never had any specific how-do-I-do-this
questions; they simply assumed that new and small and simple meant bad.