Date: Sat, 7 Jul 2012 19:35:11 -0500 From: Adam Vande More <amvandemore@gmail.com> To: Doug Barton <dougb@freebsd.org> Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, =?ISO-8859-1?Q?Dag=2DErling_Sm=F8rgrav?= <des@des.no>, FreeBSD Hackers <freebsd-hackers@freebsd.org>, freebsd-security@freebsd.org Subject: Re: Replacing BIND with unbound (Was: Re: Pull in upstream before 9.1 code freeze?) Message-ID: <CA%2BtpaK1R1miXTJv8YJUMZWQcKFk7RPDePDBiCEMdWHZX=qksSQ@mail.gmail.com> In-Reply-To: <4FF8CA35.7040209@FreeBSD.org> References: <CA%2BQLa9B-Dm-=hQCrbEgyfO4sKZ5aG72_PEFF9nLhyoy4GRCGrA@mail.gmail.com> <4FF2E00E.2030502@FreeBSD.org> <86bojxow6x.fsf@ds4.des.no> <89AB703D-E075-4AAC-AC1B-B358CC4E4E7F@lists.zabbadoz.net> <4FF8C3A1.9080805@FreeBSD.org> <0AFE3C4A-22DB-4134-949F-4D05BBFC4C6C@lists.zabbadoz.net> <4FF8CA35.7040209@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jul 7, 2012 at 6:45 PM, Doug Barton <dougb@freebsd.org> wrote: > On 07/07/2012 16:34, Bjoern A. Zeeb wrote: > > On 7. Jul 2012, at 23:17 , Doug Barton wrote: > > > >> On 07/07/2012 14:16, Bjoern A. Zeeb wrote: > >>> > >>> On 3. Jul 2012, at 12:39 , Dag-Erling Sm=F8rgrav wrote: > >>> > >>>> Doug Barton <dougb@FreeBSD.org> writes: > >>>>> The correct solution to this problem is to remove BIND from the bas= e > >>>>> altogether, but I have no energy for all the whinging that would > happen > >>>>> if I tried (again) to do that. > >>>> > >>>> I don't think there will be as much whinging as you expect. Times > have > >>>> changed. > >>>> > >>>> I'm willing to import and maintain unbound (BSD-licensed validating, > >>>> recursive, and caching DNS resolver) if you remove BIND. > >>> > >>> I'd object to it. Trading one for another without gaining anything > does > >>> not help us much. > >> > >> Au contraire. It solves the problem of BIND release cycles not matchin= g > >> up with ours. This is a very important problem to solve. > > > > Right and unbound et al are better? Bind at least gives us long term > > support releases these days. We just need to make sure we pick them > > for releases. > > > > > >> I've already written at length as to what I think the dream solution i= s, > >> but we don't have anyone willing to code that yet, and even if we did, > >> there is no guarantee that we'd get the buy-in to make it happen. In > >> addition to being a good first step, doing this for DNS will also help > >> us shake out the exact issues you allude to below. > >> > >>> Don't get me wrong I have both running for years and even maintain > patches > >>> for unbound for 2 years now for functionality they do not provide, > which > >>> named happily gives me. > >> > >> Other than authoritative DNS, what features does unbound lack that you > want? > > > > DNS64 as a start. > > Personally I would classify that as a highly-specialized request, and > would point you to the bind* ports. I acknowledge that others may have a > different view. I am unclear on how this solves the main problem I think was stated about syncing up with release branches. If it doesn't solve that, isn't this just busy work? --=20 Adam Vande More
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BtpaK1R1miXTJv8YJUMZWQcKFk7RPDePDBiCEMdWHZX=qksSQ>