Re: high performance caching bind server
On Mon, Mar 12, 2007 at 07:21:34PM -0600, Michael Loftis wrote:
> --On March 12, 2007 7:16:10 PM -0400 George Georgalis <george@galis.org>
> wrote:
>
> >you're not recommending dnscache, you are recommending against it.
> >
> >but really you are spreading FUD.
> >
> >a) what various ways are you referring to?
>
> I don't have a boatload of specifics but one that bugs me is incomplete TCP
> support. You can only do an SOA/AXFR sequence over TCP.
that's not really relevant for a caching only resolver.
mind you, i don't use djbware because the license sucks...it's not free
software, which means that when it inevitably needs a patch, you're back to
the procedure of the bad old days (pre-linux) of download original source,
hunt for patches, download them, apply them, hope they don't conflict with
each other, hack them so that they don't conflict, compile, install. repeat
next time there's a bug fix.
IMO, this is such a PITA that his software isn't worth using.
there are other reasons for not using his software, in particular his
habit of reinventing the wheel in stupid ways (he might be a good
programmer but IMO he's a lousy sysadmin), but they're not really
relevant to dnscache.
i used to use maradns (packaged for debian, see below) as a small
caching-only resolver a few years ago. it was OK. i wouldn't use it as
an authoritative nameserver, partly because it doesn't use the bind zone
file format, but it's OK for just a cache. only reason i havent used it
recently is because i haven't needed to.
Package: maradns
Priority: extra
Section: net
Installed-Size: 1096
Maintainer: Kai Hendry <hendry@iki.fi>
Architecture: i386
Version: 1.2.12.05-1
Depends: libc6 (>= 2.3.6-6), adduser
Filename: pool/main/m/maradns/maradns_1.2.12.05-1_i386.deb
Size: 475700
MD5sum: 6bcba8ff50f381b601c1e5349a3b129d
SHA1: 31b6d0dedf5839cbe3ee598c63808c878a2fa159
SHA256: 42450cc764b32daf9617f97e8bdb2d4d0bfa5322f0c7f442c821bbf881ac40aa
Description: Simple security-aware Domain Name Service server
An easy to configure DNS server that functions as a
recursive and/or authoritative name server. Maradns is
optimised for serving a small number of domains quickly and
efficiently. Well suited to host your own private DNS server
for making up subdomains with minimal fuss. Maradns is
security-aware by utilising a special string library which
is resistant to buffer overflows and mandating to run as an
unprivileged user.
.
MaraDNS can be found from http://www.maradns.org/
Tag: interface::daemon, network::server, protocol::dns, role::program
craig
--
craig sanders <cas@taz.net.au>
BOFH excuse #238:
You did wha... oh _dear_....
Reply to: