Bind update
Richard Coleman
richardcoleman at mindspring.com
Sat Nov 22 17:57:01 PST 2003
David Rhodus wrote:
Richard Coleman wrote:
Is there any reason to keep bind (other than resolver libs) in the
base system? I don't want to be too minimalistic, but I've always
found that having bind in the base just gets in my way. And the bind9
port is a very easy install.
This question comes up everytime we look to patch or update some vendor
type of software
in the cvs tree. I don't think we are any were near close enough to look
at hacking up the
contrib dir, at least not for several months.
I can't find a pressing reason to remove it as it would require a large
amount of work for a proper removal. I know, I know bind-8 has some
serious, unfixable issues withit the biggest of which being that NS glue
and additional-record returns are not properly separated out from
offical glue and official record data in internal structures and can
poison the DNS cache.
I also don't want to rely on using the bind9 from ports as there is not
real support under DragonFly for the ports tree at this time. Only hacks
that we've added on to help make life better. At this FreeBSD is going
in a different direction than DragonFly and the ports tree is
being tuned for FreeBSD and hence may end up breaking builds of software
that complies
cleanly from the vendors website. I've also noticed that the bind-9 port
does not properly
install the new encrypted command/management system.
-DR
I understand that it may be a little early to rip this out of the base.
Just something to keep in mind for later. It's a pretty big package
and is updated frequently. And since it is not necessary for a typical
system (except for resolver libs), it seems a logical candidate to be
moved to ports. Especially since many bind users are now moving to
bind9 (usually to get the new root-delegation-only feature).
Part of my interest in this is also to gauge the interest to moving the
resolver libs to the versions contained in bind9. At this point, it
seems stable enough that this should be considered.
Also, I'm not sure what problem you are referring to in the bind9 port.
I just copied my rndc.key file to the right directory and rndc worked
out of the box. But my bind setup is pretty simple.
I realize this is just idle, bikeshed discussion. But it's interesting :-)
Richard Coleman
richardcoleman at xxxxxxxxxxxxxx
More information about the Kernel
mailing list