On Friday 27 January 2006 08:14, Alexandru E. Ungur wrote:
Any reason you're using tinydns as opposed to bind? I can throw a couple sample zones your way for bind, but I've never looked at tinydns (given that it doesn't come with centos and all :-P )
How about these reasons: http://cr.yp.to/djbdns/blurb/easeofuse.html ?
Boy, that would be funnier if it wasn't just so WRONG...
As somebody who's used djb's various non-standard and often incompatable re-writes of standard tools, the servers with the most painful costs to support are those with djb's stuff installed.
It's been a long time since bind was remotely exploitable, and even so, updating named when something is found is as simple as
yum -y update; service named restart;
which should be part of your standard maintenance schedule, anyway.
DJB's stuff is so old and infrequently updated, that now it often comes with a "standard set of patches" that must be applied before it will even compile! Furthermore, the license behind DJB's stuff is terrible - no binary distribution, etc. It's typical to be forced to recompile it just to apply a minor config change, making scripting of such updates and changes virtually impossible.
If you want bind managed easily, Webmin is a good bet for making it "idiot proof".
Sorry - I once was sold on the idea of djb's tools and Qmail, and I've regretted installing it ever since. Save yourself some serious agony - run (don't walk!) away from djb-ANYTHING!
-Ben