Users Want *Seamless* Solutions, Not Patchwork (was Re: Users want solutions, not buzzwords)

[D. J. Bernstein]

Ease of use is actually one of the selling points of djbdns over BIND.
See http://cr.yp.to/djbdns/blurb/easeofuse.html for a table showing
exactly how various common operations work with djbdns and with BIND.

Unlike the BIND company---which sells support services---I don't have
any financial interests in hard-to-use software.

Kevin Darcy writes:
> They are *so* generic that you have to write glue stuff around them

I support rsync+ssh for djbdns replication, so the necessary one-line
command is shown in the documentation. It takes much less typing than
setting up a slave server with BIND, and it automatically takes care of
new zones, client differentiation (``views''), etc.

> A lot of people don't have rsync and/or ssh already set up

Every experienced multiple-machine administrator already has, and knows
how to use, file-copying tools. ssh is extremely widespread, but you
could also use NFS, the web, whatever. Most administrators don't care
about incremental replication, so they can skip rsync.

New multiple-machine administrators should start by setting up ssh.
They're going to want it anyway.

> I've converted over our maintenance system to use Dynamic Update

Several equivalent systems are already available for djbdns. The djbdns
interfaces are designed to cooperate with external tools.

> And Dynamic Update prerequisites enable greater guarantees of data
> consistency.

djbdns supports prerequisites with guaranteed consistency and much more
flexibility. For example, the add-host command automatically and
reliably checks whether the name or IP address is already in use, even
if reverse lookups aren't handled locally. (Yes, you can set up
duplicates if you want.)

djbdns also supports atomic replacement of any number of records across
any number of zones. You ask about file locking; the answer is simply
setlock data.lock add-host, no extra tools required.

> Dynamic Update also integrates better with DHCP servers

I fully realize that the BIND company's DHCP server is designed to work
with BIND. Have they fixed the root exploits?

> and/or (I shudder to mention it) Windows 2000/Active Directory.

Standard practice is to delegate a subdomain to a Windows DNS server, so
this is a non-issue.

> EDNS0 options are the biggest boon to DNS protocol extension that have
> come down the pike in a long time.
  [ ... ]
> The possibilities are endless.

Translation: ``I don't actually use EDNS0 for anything.''

---Dan