[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: high performance caching bind server

On Mon, Mar 12, 2007 at 07:21:34PM -0600, Michael Loftis wrote:
> --On March 12, 2007 7:16:10 PM -0400 George Georgalis <george@galis.org> 
> wrote:
> >you're not recommending dnscache, you are recommending against it.
> >
> >but really you are spreading FUD.
> >
> >a) what various ways are you referring to?
> I don't have a boatload of specifics but one that bugs me is incomplete TCP 
> support.  You can only do an SOA/AXFR sequence over TCP.

that's not really relevant for a caching only resolver.

mind you, i don't use djbware because the license sucks...it's not free
software, which means that when it inevitably needs a patch, you're back to
the procedure of the bad old days (pre-linux) of download original source,
hunt for patches, download them, apply them, hope they don't conflict with
each other, hack them so that they don't conflict, compile, install.  repeat
next time there's a bug fix.

IMO, this is such a PITA that his software isn't worth using.

there are other reasons for not using his software, in particular his
habit of reinventing the wheel in stupid ways (he might be a good
programmer but IMO he's a lousy sysadmin), but they're not really
relevant to dnscache.

i used to use maradns (packaged for debian, see below) as a small
caching-only resolver a few years ago. it was OK. i wouldn't use it as
an authoritative nameserver, partly because it doesn't use the bind zone
file format, but it's OK for just a cache. only reason i havent used it
recently is because i haven't needed to.

Package: maradns
Priority: extra
Section: net
Installed-Size: 1096
Maintainer: Kai Hendry <hendry@iki.fi>
Architecture: i386
Depends: libc6 (>= 2.3.6-6), adduser
Filename: pool/main/m/maradns/maradns_1.2.12.05-1_i386.deb
Size: 475700
MD5sum: 6bcba8ff50f381b601c1e5349a3b129d
SHA1: 31b6d0dedf5839cbe3ee598c63808c878a2fa159
SHA256: 42450cc764b32daf9617f97e8bdb2d4d0bfa5322f0c7f442c821bbf881ac40aa
Description: Simple security-aware Domain Name Service server
 An easy to configure DNS server that functions as a
 recursive and/or authoritative name server. Maradns is
 optimised for serving a small number of domains quickly and
 efficiently. Well suited to host your own private DNS server
 for making up subdomains with minimal fuss. Maradns is
 security-aware by utilising a special string library which
 is resistant to buffer overflows and mandating to run as an
 unprivileged user.
 MaraDNS can be found from http://www.maradns.org/
Tag: interface::daemon, network::server, protocol::dns, role::program


craig sanders <cas@taz.net.au>

BOFH excuse #238:

You did wha... oh _dear_....

Reply to: