NS record question

Doug Barton DougB at DougBarton.net
Tue Mar 27 05:27:17 UTC 2001

Roy Arends wrote:

> I hope everyone realises that the development of BIND 8 is dead. No new
> features, No new RR records (No A6/DNAME for instance), No full DNSSEC
> implementation. The only thing that's done for BIND 8 is an occasional bug
> fix.

	With all due respsect I hope you realize that most of us need something
that is stable and whose behavior is well known more than we need new
features. There are three issues that I can think of relevant to this
issue. First off, while there have been security issues in the past with
bind 8 code (and may be again in the future) for the most part the code is
in fairly good shape. Yes, it's ugly in places, but it's got collectively
millions of hours of operational experience, and has had lots of eyes on
it, black hats and white. 

	Which leads me to my next issue, namely that the bind9 source is new, and
comparitively untested. While I applaud the efforts underway currently to
fix the bugs present in the code, the type and quantity of bugs being fixed
currently are indicative of "new code." The bugs that are getting exposed
are the kind that show up when new code is tested in the real world. This
is an inevitable evolution in any project of this scale. Unfortunately, at
this point in my professional life I don't have the time to assist with it.

	Finally, when you combine features in bind8 that are not implemented at
all in bind9, or implemented differently (often gratuitously); there is a
fairly good sized adoption hurdle for bind9. Concerns that I and others
have raised in this area have been brushed aside, when they are
acknowledged at all. This is another thing I don't have time for,

> To keep up and running with new DNS features, as in DNSSEC/IPv6 an all
> that jazz, I suggest people to move to BIND-9.

	Point well taken, and at some point in the near future I'm going to be
diving in with both feet because I'll be needing some of those new
features. But for the vast majority of bind users I think 8.2.3-Release is
the best choice right now. 	

    Perhaps the greatest damage the American system of education has done
    to its children is to teach them that their opinions are relevant
    simply because they are their opinions.

	Do YOU Yahoo!?

More information about the bind-users mailing list