Re: high performance caching bind server

To: debian-isp@lists.debian.org
Subject: Re: high performance caching bind server
From: Craig Sanders <cas@taz.net.au>
Date: Tue, 13 Mar 2007 15:20:39 +1100
Message-id: <[🔎] 20070313042038.GA6861@taz.net.au>
In-reply-to: <[🔎] 50C04F1CB1BC8016BBFDAFDD@d216-220-25-31.dynip.modwest.com>
References: <[🔎] 20070312094307.GB22893@japester.cacheboy.net> <[🔎] 200703120957.26824@office.a-mazing.net> <[🔎] E9AA13CE46C10D6F799F9E63@dhcp-2-206.wgops.com> <[🔎] 20070312231610.GD1010@run.galis.org> <[🔎] 50C04F1CB1BC8016BBFDAFDD@d216-220-25-31.dynip.modwest.com>

On Mon, Mar 12, 2007 at 07:21:34PM -0600, Michael Loftis wrote:
> --On March 12, 2007 7:16:10 PM -0400 George Georgalis <george@galis.org> 
> wrote:
> 
> >you're not recommending dnscache, you are recommending against it.
> >
> >but really you are spreading FUD.
> >
> >a) what various ways are you referring to?
> 
> I don't have a boatload of specifics but one that bugs me is incomplete TCP 
> support.  You can only do an SOA/AXFR sequence over TCP.

that's not really relevant for a caching only resolver.

mind you, i don't use djbware because the license sucks...it's not free
software, which means that when it inevitably needs a patch, you're back to
the procedure of the bad old days (pre-linux) of download original source,
hunt for patches, download them, apply them, hope they don't conflict with
each other, hack them so that they don't conflict, compile, install.  repeat
next time there's a bug fix.

IMO, this is such a PITA that his software isn't worth using.

there are other reasons for not using his software, in particular his
habit of reinventing the wheel in stupid ways (he might be a good
programmer but IMO he's a lousy sysadmin), but they're not really
relevant to dnscache.

i used to use maradns (packaged for debian, see below) as a small
caching-only resolver a few years ago. it was OK. i wouldn't use it as
an authoritative nameserver, partly because it doesn't use the bind zone
file format, but it's OK for just a cache. only reason i havent used it
recently is because i haven't needed to.

Package: maradns
Priority: extra
Section: net
Installed-Size: 1096
Maintainer: Kai Hendry <hendry@iki.fi>
Architecture: i386
Version: 1.2.12.05-1
Depends: libc6 (>= 2.3.6-6), adduser
Filename: pool/main/m/maradns/maradns_1.2.12.05-1_i386.deb
Size: 475700
MD5sum: 6bcba8ff50f381b601c1e5349a3b129d
SHA1: 31b6d0dedf5839cbe3ee598c63808c878a2fa159
SHA256: 42450cc764b32daf9617f97e8bdb2d4d0bfa5322f0c7f442c821bbf881ac40aa
Description: Simple security-aware Domain Name Service server
 An easy to configure DNS server that functions as a
 recursive and/or authoritative name server. Maradns is
 optimised for serving a small number of domains quickly and
 efficiently. Well suited to host your own private DNS server
 for making up subdomains with minimal fuss. Maradns is
 security-aware by utilising a special string library which
 is resistant to buffer overflows and mandating to run as an
 unprivileged user.
 .
 MaraDNS can be found from http://www.maradns.org/
Tag: interface::daemon, network::server, protocol::dns, role::program

craig

-- 
craig sanders <cas@taz.net.au>

BOFH excuse #238:

You did wha... oh _dear_....

Reply to:

Follow-Ups:
- Re: high performance caching bind server
  - From: "Hans du Plooy" <koffiejunkielistlurker@koffiejunkie.za.net>

References:
- high performance caching bind server
  - From: Jean-Paul Blaquiere <jeanpaul@blaquiere.id.au>
- Re: high performance caching bind server
  - From: Gregor Hermens <gregor@a-mazing.de>
- Re: high performance caching bind server
  - From: Michael Loftis <mloftis@modwest.com>
- Re: high performance caching bind server
  - From: "George Georgalis" <george@galis.org>
- Re: high performance caching bind server
  - From: Michael Loftis <mloftis@modwest.com>

Prev by Date: Re: high performance caching bind server
Next by Date: Re: high performance caching bind server
Previous by thread: Re: high performance caching bind server
Next by thread: Re: high performance caching bind server
Index(es):
- Date
- Thread