From owner-freebsd-chat  Mon Mar 25 15:16:19 2002
Delivered-To: freebsd-chat@freebsd.org
Received: from sleepy.wojomedia.com (ns2.wojomedia.com [216.107.102.3])
	by hub.freebsd.org (Postfix) with SMTP id CAD8D37B400
	for <chat@FreeBSD.ORG>; Mon, 25 Mar 2002 15:16:14 -0800 (PST)
Received: (qmail 30909 invoked by uid 1000); 25 Mar 2002 23:16:12 -0000
Date: Mon, 25 Mar 2002 17:16:12 -0600
From: Tim <tim@sleepy.wojomedia.com>
To: Brad Knowles <brad.knowles@skynet.be>
Cc: Terry Lambert <tlambert2@mindspring.com>, chat@FreeBSD.ORG
Subject: Re: qmail (Was: Maintaining Access Control Lists )
Message-ID: <20020325231612.GA30696@sleepy.wojomedia.com>
References: <p05101505b8c430e28572@[10.0.1.9]> <000c01c1d3ab$6d2c6960$6600a8c0@penguin> <p05101509b8c47b17d088@[10.0.1.8]> <20020325015236.A97552@futuresouth.com> <p0510150eb8c48ba6b1f4@[10.0.1.8]> <3C9EFED0.DB176CB8@mindspring.com> <20020325115207.GA22032@sleepy.wojomedia.com> <3C9F1A16.207EA23E@mindspring.com> <20020325140022.GA23251@sleepy.wojomedia.com> <p05101519b8c51042d9db@[10.0.1.8]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <p05101519b8c51042d9db@[10.0.1.8]>
User-Agent: Mutt/1.3.27i
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-chat.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-chat>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-chat>
X-Loop: FreeBSD.org

On Mon, Mar 25, 2002 at 06:47:10PM +0100, Brad Knowles wrote:
> >   First, I am assuming that you serialize the administration
> > script (no parallel scripts going on).
> 
> 	Big shops can't afford to do this.  The locking has to be done at 
> a lower level.

  Errr, you are going to have to lock/order the update of the
named.conf (or its included) file at some point.  If you are already
doing that, you could very well lock/order the update of your tinydns
updates.  Depending on your needs, one is easier than the other.

> >   If primary/secondary has the exact same zones, then with djbdns it
> > looks like this:
> >
> >   database -> ns1
> >   rsync ns1 ns2
> 
> 	Right.  But rsync isn't a part of the DNS standard protocol.

  So what?  What DNS protocol allows you to kick/restart the secondary
bind server to tell it new zones are available?

> >   I agree with your points.  On the other hand, djbdns
> > solves a specific set of user needs very well (basically, those
> > that maintain n servers each of which containing the same zones).
> > I think it really depends on your needs.
> 
> 	Sigh....  It looks like I'm going to have to publicly post my 
> list of 18 things that I have found wrong so far with djbdns, as 
> opposed to simply sending it privately to a few individuals.  So be 
> it:

  You make a lot of good points in your list but I'm already aware of
most of them.  Personally I think if you trim down your list to
about 8 points you'd have a LOT more credibility.  I'll leave it to
somebody else more familiar with dns to answer your issues (although
I am unaware of any djbdns expert hanging around in -chat).

  Once again, it depends on your needs.

  Tim

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message