djbdns: An alternative to BIND

Simon Waters simonw at zynet.net
Mon Apr 11 08:10:00 UTC 2005


On Saturday 09 Apr 2005 8:29 am, sthaug at nethelp.no wrote:

At the risk of prolonging a thread that should have died Saturday.

> - dnscache used *more* CPU than BIND 9 in our environment, effectively
> ruling it out

dnscache opens a separate port for each request, thus making DNS spoofing 
harder (unless you can sniff the packets, then you don't care). BIND doesn't 
do this, relying solely on query ID to prevent spoofing (till DNSSEC or 
similar is deployed).

Overly paranoid, perhaps, but I think it is important to understand that 
performance isn't everything. If you want the best-performing DNS server, last 
time Rick looked Microsoft DNS was well ahead of BIND; good luck to anyone 
trying to use it for a big recursive DNS.

> - Weird failures reported from users

I've used dnscache in an operational, if not terribly busy, role, and found that, 
like most of DJB's software, it does what it says on the tin. It may do a lot less 
than its competitors but it does it and keeps doing it. Even if you have to patch 
it to get it to compile <sigh>.

> - Annoying installation process with lots of small programs that we
> don't want or need

Agreed.
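
The port-per-request point above, as an added example that is not part of the original post: a Python sketch that classifies a resolver's source-port behaviour from logged queries and sizes the space a blind forger would have to guess. The sample records, the 0.9 threshold and the 1024-65535 port pool are assumptions.

```python
"""Classify a resolver's source-port behaviour from observed outbound queries."""

ID_SPACE = 2 ** 16          # the DNS query ID is a 16-bit field
PORT_POOL = 65536 - 1024    # assumption: ports 1024-65535 are available

# Constructed samples: (source_port, query_id) pairs as an authoritative
# server might log them for two hypothetical resolvers.
FIXED_PORT_SAMPLES = [
    (32768, 0x1A2B), (32768, 0x9F01), (32768, 0x0C44), (32768, 0xE710),
    (32768, 0x53AA), (32768, 0xB208), (32768, 0x7D6F), (32768, 0x2E93),
]
PER_QUERY_SAMPLES = [
    (41873, 0x1A2B), (10277, 0x9F01), (58102, 0x0C44), (3391, 0xE710),
    (27650, 0x53AA), (64019, 0xB208), (19484, 0x7D6F), (50736, 0x2E93),
]


def port_behaviour(samples):
    """Return 'fixed', 'per-query' or 'mixed' from the ports in the samples."""
    ports = [port for port, _ in samples]
    distinct = len(set(ports))
    if distinct == 1:
        return "fixed"
    # Assumed threshold: at least 90% of queries used a port not seen before.
    return "per-query" if distinct / len(ports) >= 0.9 else "mixed"


def guess_space(samples):
    """Number of (port, query ID) pairs an off-path forged reply must match."""
    behaviour = port_behaviour(samples)
    if behaviour == "fixed":
        return ID_SPACE                      # only the query ID is unknown
    if behaviour == "per-query":
        return ID_SPACE * PORT_POOL          # ID and port are both unknown
    # Mixed: conservative lower bound using only the ports actually seen.
    return ID_SPACE * len({port for port, _ in samples})


def forged_reply_hit_chance(samples, forged_replies):
    """Chance that one of N distinct blind guesses matches an open query."""
    return min(1.0, forged_replies / guess_space(samples))


if __name__ == "__main__":
    for name, data in (("fixed", FIXED_PORT_SAMPLES), ("per-query", PER_QUERY_SAMPLES)):
        print(name, port_behaviour(data), guess_space(data),
              forged_reply_hit_chance(data, 65536))
```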


