Date:      Tue, 10 Jul 2012 03:28:03 -0400
From:      Mike Meyer <mwm@mired.org>
To:        freebsd-hackers@freebsd.org
Subject:   Re: Replacing BIND with unbound 9.1 code freeze?)
Message-ID:  <20120710032803.55d30a7d@bhuda.mired.org>
In-Reply-To: <4FFBD5D0.8020306@FreeBSD.org>
References:  <89AB703D-E075-4AAC-AC1B-B358CC4E4E7F@lists.zabbadoz.net> <4FF8C3A1.9080805@FreeBSD.org> <0AFE3C4A-22DB-4134-949F-4D05BBFC4C6C@lists.zabbadoz.net> <4FF8CA35.7040209@FreeBSD.org> <CA%2BtpaK1R1miXTJv8YJUMZWQcKFk7RPDePDBiCEMdWHZX=qksSQ@mail.gmail.com> <4FF952FB.10200@FreeBSD.org> <CAC8HS2Gs_cYLE%2Be6TDyDepFoy7%2BAVkGQSzo-gjUF4CW9cocbyg@mail.gmail.com> <4FFACB51.90001@brodnik.org> <20120709204749.GA88274@server.rulingia.com> <4FFB447F.9020001@FreeBSD.org> <20120710024605.GA90875@server.rulingia.com> <4FFBD5D0.8020306@FreeBSD.org>

On Tue, 10 Jul 2012 00:12:16 -0700
Doug Barton <dougb@FreeBSD.org> wrote:
> On 07/09/2012 19:46, Peter Jeremy wrote:
> > As I see it, FreeBSD systems fall roughly into 3 categories:
> > 1) Client systems that need to lookup external DNS servers only.
> > 2) SOHO systems that primarily do external lookups but need to
> >    be internally authoritative about their local network.
> > 3) Systems that are primarily DNS servers.
> > 
> > I think the majority of the remaining unease in this thread comes from
> > people who administer systems in the second category.  I (and I expect
> > lots of other people) use bind for this solely because it is in the
> > base system, not because it is the best tool for the job.
> 
> Well that's yet another reason to take it out of the base so that people
> can analyze this critically. :)
> 
> Seriously though, "install BIND from ports" is still a good answer to
> this use case. I'd argue that BIND 9.[89] is actually the best tool for
> the purpose you outlined, but there's no reason you couldn't use a
> combination of unbound and nsd. It would just be different than what
> people are used to.

I suspect that dnsmasq is a lot better tool for that job than BIND,
but see below. Unless you've got a really messy SOHO network,
anyway. It's simpler to configure, and includes an integrated DHCP
server so hosts that get their IP addresses via DHCP show up in
the dns server. I know bind and at least one DHCP server can be set up
to do that, but I never could get it to work properly. dnsmasq did it
the first time years ago, and I've never looked back. These days, I'm
using it on a DDWRT router.

I would have suggested it for the base system, but 1) it's still a bit
more than case 1 needs, and 2) it's GPL'ed.

     <mike
-- 
Mike Meyer <mwm@mired.org>		http://www.mired.org/
Independent Software developer/SCM consultant, email for more information.

O< ascii ribbon campaign - stop html mail - www.asciiribbon.org


