From owner-freebsd-net@freebsd.org  Mon Jun 15 14:35:17 2020
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D69C63363B2
 for <freebsd-net@mailman.nyi.freebsd.org>;
 Mon, 15 Jun 2020 14:35:17 +0000 (UTC)
 (envelope-from jaap@NLnetLabs.nl)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 49lv4j4fkqz3RkZ
 for <freebsd-net@freebsd.org>; Mon, 15 Jun 2020 14:35:17 +0000 (UTC)
 (envelope-from jaap@NLnetLabs.nl)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 9DEDF335FF1; Mon, 15 Jun 2020 14:35:17 +0000 (UTC)
Delivered-To: net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9DB1733645A
 for <net@mailman.nyi.freebsd.org>; Mon, 15 Jun 2020 14:35:17 +0000 (UTC)
 (envelope-from jaap@NLnetLabs.nl)
Received: from dicht.nlnetlabs.nl (dicht.nlnetlabs.nl [185.49.140.10])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 49lv4h3YLYz3Rqs;
 Mon, 15 Jun 2020 14:35:16 +0000 (UTC)
 (envelope-from jaap@NLnetLabs.nl)
Received: by dicht.nlnetlabs.nl (Postfix, from userid 58)
 id D0AD61E6E5; Mon, 15 Jun 2020 16:35:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nlnetlabs.nl;
 s=default; t=1592231712;
 bh=ghZc+V8OeAl00FwyeKg0Q9ZBT0atqMrSx9CEjymnORk=;
 h=To:cc:Subject:From:In-reply-to:References:Date;
 b=lrCCasz24arLHh1sfs8+Y+LWeWmF/WXafPOc6QUuKG068WPWxnj9/0pi+b2CWZnMJ
 9AcTUjnk+jxV5E5lyBULPpm9j/ZgLEx/ZFaFk99inhqOElNxqWg+zr3dOPabGJ4z1V
 aMR/RPi38g4C5A0ENYZeQt4aDxd9WaG/k5HGTxx0=
X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on dicht.nlnetlabs.nl
X-Spam-Level: 
X-Spam-Status: No, score=-3.1 required=5.0 tests=ALL_TRUSTED,BAYES_00,
 DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_PASS,
 URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.3
Received: from bela.nlnetlabs.nl (bela.nlnetlabs.nl [IPv6:2a04:b900::1:0:0:15])
 by dicht.nlnetlabs.nl (Postfix) with ESMTPS id 6CE7D1E6E3;
 Mon, 15 Jun 2020 16:35:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nlnetlabs.nl;
 s=default; t=1592231712;
 bh=ghZc+V8OeAl00FwyeKg0Q9ZBT0atqMrSx9CEjymnORk=;
 h=To:cc:Subject:From:In-reply-to:References:Date;
 b=lrCCasz24arLHh1sfs8+Y+LWeWmF/WXafPOc6QUuKG068WPWxnj9/0pi+b2CWZnMJ
 9AcTUjnk+jxV5E5lyBULPpm9j/ZgLEx/ZFaFk99inhqOElNxqWg+zr3dOPabGJ4z1V
 aMR/RPi38g4C5A0ENYZeQt4aDxd9WaG/k5HGTxx0=
Received: from bela.nlnetlabs.nl (localhost [127.0.0.1])
 by bela.nlnetlabs.nl (8.15.2/8.15.2) with ESMTPS id 05FEZBfw045919
 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO);
 Mon, 15 Jun 2020 16:35:11 +0200 (CEST)
 (envelope-from jaap@NLnetLabs.nl)
Received: from bela.nlnetlabs.nl (jaap@localhost)
 by bela.nlnetlabs.nl (8.15.2/8.15.2/Submit) with ESMTP id 05FEZBKs045916;
 Mon, 15 Jun 2020 16:35:11 +0200 (CEST)
 (envelope-from jaap@NLnetLabs.nl)
Message-Id: <202006151435.05FEZBKs045916@bela.nlnetlabs.nl>
X-Authentication-Warning: bela.nlnetlabs.nl: jaap owned process doing -bs
To: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>
cc: Andriy Gapon <avg@freebsd.org>, Ryan Steinmetz <zi@freebsd.org>,
 net@freebsd.org
Subject: Re: unbound and (isc) dhcpd startup order
From: Jaap Akkerhuis <jaap@NLnetLabs.nl>
In-reply-to: <202006151358.05FDwo7X076921@gndrsh.dnsmgr.net>
References: <202006151358.05FDwo7X076921@gndrsh.dnsmgr.net>
Comments: In-reply-to "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>
 message dated "Mon, 15 Jun 2020 06:58:50 -0700."
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <45913.1592231711.1@bela.nlnetlabs.nl>
Content-Transfer-Encoding: quoted-printable
Date: Mon, 15 Jun 2020 16:35:11 +0200
X-Rspamd-Queue-Id: 49lv4h3YLYz3Rqs
X-Spamd-Bar: -----
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=nlnetlabs.nl header.s=default header.b=lrCCasz2;
 dkim=pass header.d=nlnetlabs.nl header.s=default header.b=lrCCasz2;
 dmarc=pass (policy=none) header.from=NLnetLabs.nl;
 spf=pass (mx1.freebsd.org: domain of jaap@NLnetLabs.nl designates
 185.49.140.10 as permitted sender) smtp.mailfrom=jaap@NLnetLabs.nl
X-Spamd-Result: default: False [-5.17 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.002];
 R_DKIM_ALLOW(-0.20)[nlnetlabs.nl:s=default];
 RCVD_DKIM_ARC_DNSWL_HI(-1.00)[]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:185.49.140.0/22];
 MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[];
 NEURAL_HAM_LONG(-0.99)[-0.992]; RCVD_COUNT_THREE(0.00)[4];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 DKIM_TRACE(0.00)[nlnetlabs.nl:+];
 DMARC_POLICY_ALLOW(-0.50)[NLnetLabs.nl,none];
 NEURAL_HAM_SHORT(-0.67)[-0.671]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[];
 ASN(0.00)[asn:8587, ipnet:185.49.140.0/22, country:NL];
 RCVD_IN_DNSWL_HI(-0.50)[185.49.140.10:from]
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jun 2020 14:35:17 -0000

 "Rodney W. Grimes" writes:

 > Um, yea, I guess the bigger question is why is the port different
 > than the base system in this respect?

The the unbound port existed years before it was decided that unbound
should replace bind in the base system.

If you want the port to change, send a PR for the port so I won't forget t=
his.

 >
 > I would expect unbound to be the same, as unbound_local in almost
 > every respect, especially with respect to its startup sequencing,
 > providers and requires.

Not really. For a start, the port has a different default configuration
then the one in base.

 >
 > > > I seen no problem in adding a BEFORE: NETWORKING to the port, cover=
ing
 > > > a larger number of casses than your narrow BEFORE: dhcpd.

I don't see a problem either.
 =

 > > >> On a related note, unbound rc script provides "unbound" service.
 > > >> I think that maybe it should provide something more generic such a=
s "nameserver"
 > > >> or "dns-server" (not sure if there is an established name for that=
).
 > > >> The reason I am saying this is that, IMO, if unbound is replaced w=
ith some other
 > > >> name server implementation the rc dependency chains should stay th=
e same.
 > > > =

 > > > I do not see anything in the base system that uses unbound or local=
_unbound
 > > > service name, so this looks like it could be straightforward, thoug=
h there
 > > > may be some ports that have use of this token.
 > > > =

 > > > For the blue bikeshed I find that "server" is just noise in the tok=
en
 > > > and that "dns" already has "s" for system, so just "dns" is good wi=
th me :-)
 > > =

 > > That's a good point.

I don't agree. The term dns is too generic. People are often running
dfferent nameservers on the same machine, as example: authoritative
and nonauthoritative (e.g. nsd & unbound).

Regards,

	jaap