Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 09 Mar 2005 14:00:50 -0800
From:      John Pettitt <jpp@cloudview.com>
To:        Paul Schmehl <pauls@utdallas.edu>
Cc:        sn1tch <dot.sn1tch@gmail.com>
Subject:   Re: feedback on a good DNS server
Message-ID:  <422F7212.4080601@cloudview.com>
In-Reply-To: <0FB997694448EE4FF1EFE202@utd49554.utdallas.edu>
References:  <a82b9719050309131024a32b53@mail.gmail.com> <2360.216.220.59.169.1110404567.squirrel@216.220.59.169> <0FB997694448EE4FF1EFE202@utd49554.utdallas.edu>

next in thread | previous in thread | raw e-mail | index | archive | help


Paul Schmehl wrote:

> --On Wednesday, March 09, 2005 04:42:46 PM -0500 Ean Kingston
> <ean@hedron.org> wrote:
>
>>
>>> I am looking into setting up a DNS server on our network using an
>>> existing FreeBSD box. I have been looking around and reading comments
>>> on different DNS servers out their but everyone has mixed feelings. I
>>> know someone who uses BIND and is happy with it .. is their any reason
>>> why BIND wouldn't be a good choice? All i need is to have DNS running
>>> on a webserver so we can host our site internally...any feedback on
>>> this setup and/or DNS server is appreciated
>>
>>
>> I belive Bind is still included with the base FreeBSD OS. I've used
>> it in
>> the past and never had any problems with it. As always, YMMV.
>
>
> If you're concerned about security, BIND has had a large number of
> security problems.  DJBDNS is in /usr/ports/dns/ and it's very easy to
> setup and very easy to use.  More responsive than BIND as well, and
> you don't have to figure out the esoteric syntax that BIND requires.
>
"Has had" being the operative phrase - that would be bind 4 and bind 8 -
bind 9 which is a rewrite has a pretty solid record - also in the ports
tree.

The argument against DJBDNS comes down to a) DJB annoys a lot of people
and b) some of those people thinkg DJBDNS is not standards compliant.   
This argument is about as accurate as the "bind not secure" argument -
they both may have a grain of truth in the past.

The DNS discussion is a lot like the Linux vs BSD discussion - it's a
religious issue (strongly held views not always supported by facts)

John



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?422F7212.4080601>