Don't provide promiscuous proxy DNS service
D. J. Bernstein
75628121832146-bind at sublist.cr.yp.to
Thu Sep 6 05:16:28 UTC 2001
Kevin Darcy writes:
> it appears that you're trying to use this terminology shift to prove
> that djbdns's structure (in which the so-called "proxy server"
> component is separated from the so-called "content server" component)
> is superior to BIND's.
As for terminology: The djbdns documentation uses ``DNS client'' and
``DNS cache'' and ``DNS server.'' RFC 1035, one of the DNS standards,
has a clear picture of these three different pieces on page 6.
As for superiority: The DNS-and-BIND book, in the ``Securing Your Name
Server'' section, specifically recommends keeping caches separate from
servers, for the same reasons that they're separate in djbdns.
---Dan
More information about the bind-users
mailing list