From: Matt Smith
To: Michelle Sullivan
Cc: freebsd-ports@freebsd.org
Date: Wed, 14 Jan 2015 12:41:39 +0000
Subject: Re: BIND REPLACE_BASE option
Message-ID: <20150114124139.GB17865@xtaz.uk>
In-Reply-To: <54B66183.8040403@sorbs.net>
List-Id: Porting software to FreeBSD

On Jan 14 13:30, Michelle Sullivan wrote:
>Matt Smith wrote:
>> Doug Barton who used to maintain BIND in both the base system and the
>> port used to always say that the version in the base system was only
>> designed to be used as a local resolver on a laptop/desktop. If it was
>> used as a proper DNS server the port version was meant to be used
>> instead. Based on this it makes perfect sense why BIND was replaced
>> with local Unbound in the base, and the ports system still has BIND
>> for people that were using it.
>
>Was this ever documented? (I've been using bind in base for servers for
>many years and this is the first time I've heard of it - and it is
>unlikely I'm the only one.)
>

I'm not sure if it was documented anywhere in particular. I've just seen
it mentioned lots of times on these mailing lists in the past.
Specifically around the time he was experimenting with slaving the root
and arpa zones and there were a few configuration changes to named.conf
at that time.

The main reasoning is that the versions of things in the base system are
usually old and rarely get updated. They occasionally get patches if
there's a serious security vulnerability but for minor bugs it's
unlikely you'll see any patch. And to patch it you quite often need to
do a full O/S upgrade which is very time consuming and probably needs a
reboot. The port versions are updated straight away, even for minor bugs
and because you've not also updated half the O/S in the process you
don't need to do anything other than restart named.

-- 
Matt