Bind update

Richard Coleman richardcoleman at mindspring.com
Sat Nov 22 17:57:01 PST 2003


David Rhodus wrote:
Richard Coleman wrote:

Is there any reason to keep bind (other than resolver libs) in the 
base system?  I don't want to be too minimalistic, but I've always 
found that having bind in the base just gets in my way.  And the bind9 
port is a very easy install.


This question comes up everytime we look to patch or update some vendor 
type of software
in the cvs tree. I don't think we are any were near close enough to look 
at hacking up the
contrib dir, at least not for several months.

I can't find a pressing reason to remove it as it would require a large 
amount of work for a proper removal. I know, I know bind-8 has some 
serious, unfixable issues withit the biggest of which being that NS glue 
and additional-record returns are not properly separated out from 
offical glue and official record data in internal structures and can 
poison the DNS cache.

I also don't want to rely on using the bind9 from ports as there is not 
real support under DragonFly for the ports tree at this time. Only hacks 
that we've added on to help make life better. At this FreeBSD is going 
in a different direction than DragonFly and the ports tree is
being tuned for FreeBSD and hence may end up breaking builds of software 
that complies
cleanly from the vendors website. I've also noticed that the bind-9 port 
does not properly
install the new encrypted command/management system.

-DR
I understand that it may be a little early to rip this out of the base. 
 Just something to keep in mind for later.  It's a pretty big package 
and is updated frequently.  And since it is not necessary for a typical 
system (except for resolver libs), it seems a logical candidate to be 
moved to ports.  Especially since many bind users are now moving to 
bind9 (usually to get the new root-delegation-only feature).

Part of my interest in this is also to gauge the interest to moving the 
resolver libs to the versions contained in bind9.  At this point, it 
seems stable enough that this should be considered.

Also, I'm not sure what problem you are referring to in the bind9 port. 
 I just copied my rndc.key file to the right directory and rndc worked 
out of the box.  But my bind setup is pretty simple.

I realize this is just idle, bikeshed discussion.  But it's interesting :-)

Richard Coleman
richardcoleman at xxxxxxxxxxxxxx






More information about the Kernel mailing list