Re: bind -> unbound/nsd

To: Greg Troxel <gdt%ir.bbn.com@localhost>
Subject: Re: bind -> unbound/nsd
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Fri, 19 Aug 2016 02:16:26 -0400

On Aug 18,  1:27pm, gdt%ir.bbn.com@localhost (Greg Troxel) wrote:
-- Subject: Re: bind -> unbound/nsd

| Please note that I'm not objecting; I'm just asking for the rationale to
| be articulated.

There are many analyses on the web comparing bind and unbound, here are 3:

http://info.menandmice.com/blog/bid/37244/10-Reasons-to-use-Unbound-DNS
https://forums.freebsd.org/threads/53924/
https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software
  
For us though the particular reasons are:

- License change would require us to copy the software and reapply patches.
- We don't have other MPL software in base; this would mean another license.
- Fewer security issues
- Smaller memory footprint for most people, easier to administer.
- New resolver API's (asynchronous etc)
- Modular, simpler, smaller, better auditable
- BSD licensed

And some negatives:
- Crypto is integrated, not optional (although we can fix that)
- Bind libraries are still used by dhcpd
- Needs additional components nsd, openDNSSEC, ldns to match bind's
  functionality

christos

Follow-Ups:
- Re: bind -> unbound/nsd
  - From: Roy Marples

References:
- Re: bind -> unbound/nsd
  - From: Greg Troxel

Prev by Date: Automated report: NetBSD-current/i386 test failure
Next by Date: xorg-server 1.18 ready for testing on x86 and shark
Previous by Thread: Re: bind -> unbound/nsd
Next by Thread: Re: bind -> unbound/nsd
Indexes:

Home | Main Index | Thread Index | Old Index