"Hidden" Primary DNS
Jim Reid
jim at rfc1035.com
Thu Aug 29 18:21:16 UTC 2002
>>> i refered to a 'suite' of programs, did i not? this is one of
>>> the prinicple benefits of the djb approach: if you don't need
>>> zone transfers, dont use axfrdns; if you don't do
>>> caching/recursion, don't use dnscache.
Calling this a benefit is debatable. [One mans' mean it another poison
I suppose.] A bunch of programs like this adds complexity, which is a
security problem itself. A naive adminsitrator needs to figure out
what all these myriad of programs are for, how they're inter-related,
which ones they need and don't need. And then figure out how to get
them to work. Let's not forget the maintenance hassle of keeping track
of which of these programs need to be upgraded or re-installed. And
all that's before we get to all the other weird stuff that needs to
be installed and configured on your computer so you can run djbdns.
BTW, the newsgroup is gatewayed into a mailing list. So it's
anti-social to provide a bogus email address. It doesn't even prevent
spam: the main reason some people follow this irritating practice.
More information about the bind-users
mailing list