
Re: DNS servers




Hi,

On Fri, Nov 22, 2002 at 10:00:07AM +1100, Craig Sanders wrote:
> no, there is at least one other unix nameserver that reads them.  NSD.

ok - taken already. I've skimmed their web pages but wasn't overly
fascinated in an instant. But I'll expect to keep an eye on it.

> there have been no arguments brought forward against the bind zonefile
> format.  a few people have claimed that it sucks but without providing
> any reason or evidence.  djbdns doesn't support it and djb doesn't like
> it - that means that it's broken, right?

No. Well, I may have missed that arguments against the BIND file
format have not been brought forward on this list, but I've seen
numerous complaints about it over the passage of time, and also
have my own experience with it. When I turned from BIND to djbdns,
I discovered that I had several errors in my name server setup,
despite the fact that I thought I had double-checked each time
I messed with the server. In a different message I wrote about
helping a guy to get his name server up (BIND, too). I didn't
like to wade through his 50+ domains, totalling a few hundred
records, and decided to set up tinydns and pull them over.
Doing it revealed a few dozen errors in his zone files that
were not really obvious while consuming about half an hour.
He was working on his files for several weeks already...

Just the matter of handling the various dots right, and not
forgetting the serial number, makes for a lot of chances to
mess things up, especially if you're tired.

> why, then, did that file format work for years before djbdns came along?

Well, it worked, and still works in a certain sense. Sendmail
also still works, and I'm about certain that I can power up
a machine that runs 8.6.12 and would be able to receive and
deliver mail. Is that any indication about that being a
desirable, or at least satisfactory, state of affairs? I
don't think so...

Like checking all the reverse-mapping hassle that's going on on
the Internet. Most people don't do it right, no? Doing it right
with BIND is work. Doing it right with djbdns comes for free
if someone likes to delegate the reverse mapping to you, and/or
accepts to pull it from you.

> because i prefer plain text files, i am "ignoring" certain tools?

You made several statements that went like "I want my BIND files
because I'm familiar with them, and can't read the obscure djbdns
files." The tinydns data file _is_ a plain text file, you only compile
it to a cdb file that the name server uses. And yes, there's a design
difference between BIND and tinydns. An analogy is BSD using a
compilation of the passwd file in db format, for faster lookups,
where Linux traditionally uses a flat plain text file. Not _that_
much of a difference unless you want to claim that the tinydns-data
compiler doesn't work correctly.

If you use tools, you can be pretty ignorant about what format
the application data is stored in. So, if the data file isn't
plain text enough for you, you can't be using tools. (I also
use version control for my DNS data, but wouldn't call that
a tool in this context). If you wanted to use tools, you should
have been able to find and/or write them. They are there...

> what universe do you live in?

I'm in the same universe as you are. Or are you from outer space?

> > No, all other Unix DNS software I am aware of can't do it as well.
> NSD.

That's still only one, compared to some 10+ other servers that can't.
It's a very new one, too. So what was your real argument? Didn't you
volunteer to post a patch to tinydns that makes it read BIND zone
files directly?

> > There could be a reason in _that_. 
> 
> laziness?
> ignorance?
> an irrational compulsion to reinvent wheels that work well enough (i.e.
> Not-Invented-Here syndrome)?

I don't think so. Most people are lazy, yes. If doing it BIND style
would be easy, I'm sure many more people had adopted that way just
to save them work. After all, if your tools work well enough, why
throw them away? I venture to claim that all people who went away
from the (ubiquitously preinstalled) BIND have not done so because
they didn't feel the need for an alternative, ie, they felt that
BIND is a very significant PITA, too much to stand.

> > How do you think about the multitude of SQL- and LDAP-backed DNS- (or
> > anything-) servers out there? That's all crap because they don't work
> > with BIND zone files and sendmail.cf?
> try arguing against what *I* say, not what you claim that i say.

You said that not using BIND zone files in a name server software
is a stupid thing to do, and that doing it the conservative way
requires sticking with BIND zone files, and you also brought
forward the same argument for inetd and syslog. I only extended
that to sendmail as well, which is also a piece of legacy software.

So I rephrase the questions: How do you think about the multitude of
SQL- and LDAP-backed DNS servers out there? That's all crap because
they don't work with BIND zone files?

> i really don't like people stuffing words into my mouth.  for one thing,

Well, then re-read what you said in the various messages on these
lists. I'm not the only one who was very happy to benefit from
your wisdom.

> [ some more mud slinging clipped ]

> i know that djbdns is not suitable for my needs, and why i know that
> its zonefile format sucks.

You didn't yet explain why this format sucks in case you didn't
notice...

Apart from that, I have no problem if you want to stay with BIND,
but please just stop making false claims and slinging mud at
other people who happen to disagree with you. I also have no
problem if you want _some_ name server software to support
BIND zone files as long as you don't insult all those who
don't support them, and as long as you don't demand that this
be "fixed".

> if you had bothered reading what i posted, you would have noticed me
> mentioning (on several occasions) that i have run djbdns on several
> machines over several months.

Yes, I have read that. This came very late in the debate, however,
and you didn't mention details about what problems you had with it,
other than that it didn't fit with your habits.

> the "problem", since you insist that there must be one,  is that djbdns
> is inadequate for my needs and there is currently no viable alternative

You still fail to say _why_. I also feel that some thing or other
is inadequate for my needs, and I _can_ say why when that is the
case.

> > There are still some who insist that only punch cards can give you
> > long-term reliable data storage. You're one of them.

That's a direct result of the whole way you argued before. And thanks
for the flowers, I see that you want to keep to it [ clipped ]...


Toni
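
The two mistakes named in the message above (a forgotten trailing dot and a forgotten serial number) can be caught mechanically before a zone is loaded. The following is an added example, not part of the original post and not BIND or djbdns code; the zone contents, the example.com names and all function names are constructed for illustration.

```python
import re

NAME_TYPES = {"NS", "CNAME", "PTR", "MX"}      # types whose RDATA ends in a host name
CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"(\d+[smhdw]?)+", re.I)
SERIAL = re.compile(r"\bSOA\s+\S+\s+\S+\s+\(?\s*(\d+)", re.I)
# Constructed sample zone with three missing trailing dots (lines 3, 7 and 9).
SAMPLE = """\
$ORIGIN example.com.
$TTL 86400
@   IN SOA ns1.example.com. hostmaster.example.com (
        2002112201 ; serial
        3600 900 604800 86400 )
    IN NS  ns1.example.com.
    IN NS  ns2.example.com
    IN MX  10 mail
www IN CNAME web.example.com
ns1 IN A   192.0.2.1
"""

def strip_comments(text):
    return "\n".join(l.split(";", 1)[0].rstrip() for l in text.splitlines())

def undotted(name):  # dots inside but none at the end: the origin gets appended
    return "." in name and not name.endswith(".")

def lint_dots(text):  # returns [(line_number, suspicious_name), ...]
    findings = []
    for no, line in enumerate(strip_comments(text).splitlines(), 1):
        if not line.strip() or line.startswith("$"):
            continue
        # A line that starts in column 0 carries an owner name; drop it.
        fields = line.split() if line[0].isspace() else line.split()[1:]
        while fields and (fields[0].upper() in CLASSES or TTL.fullmatch(fields[0])):
            fields = fields[1:]                 # drop class and TTL
        if len(fields) >= 2:
            rtype = fields[0].upper()
            names = fields[-1:] if rtype in NAME_TYPES else fields[1:3] if rtype == "SOA" else []
            findings += [(no, n) for n in names if undotted(n)]
    return findings

def serial(text):
    m = SERIAL.search(strip_comments(text))
    return int(m.group(1)) if m else None

def serial_forgotten(old, new):
    # Assumes both versions contain an SOA; plain integer compare, no RFC 1982 wraparound.
    return strip_comments(old).split() != strip_comments(new).split() and serial(new) <= serial(old)
```

The relative name `mail` on the MX line is not flagged, since a name without any dots is normally meant to be relative to the origin.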


