Re: Replacing BIND with unbound (Was: Re: Pull in upstream befor
On Sat, Jul 7, 2012 at 6:45 PM, Doug Barton <dougb@freebsd.org> wrote:
> On 07/07/2012 16:34, Bjoern A. Zeeb wrote:
> > On 7. Jul 2012, at 23:17 , Doug Barton wrote:
> >
> >> On 07/07/2012 14:16, Bjoern A. Zeeb wrote:
> >>>
> >>> On 3. Jul 2012, at 12:39 , Dag-Erling Sm=F8rgrav wrote:
> >>>
> >>>> Doug Barton <dougb@FreeBSD.org> writes:
> >>>>> The correct solution to this problem is to remove BIND from the bas=
e
> >>>>> altogether, but I have no energy for all the whinging that would
> happen
> >>>>> if I tried (again) to do that.
> >>>>
> >>>> I don't think there will be as much whinging as you expect. Times
> have
> >>>> changed.
> >>>>
> >>>> I'm willing to import and maintain unbound (BSD-licensed validating,
> >>>> recursive, and caching DNS resolver) if you remove BIND.
> >>>
> >>> I'd object to it. Trading one for another without gaining anything
> does
> >>> not help us much.
> >>
> >> Au contraire. It solves the problem of BIND release cycles not matchin=
g
> >> up with ours. This is a very important problem to solve.
> >
> > Right and unbound et al are better? Bind at least gives us long term
> > support releases these days. We just need to make sure we pick them
> > for releases.
> >
> >
> >> I've already written at length as to what I think the dream solution i=
s,
> >> but we don't have anyone willing to code that yet, and even if we did,
> >> there is no guarantee that we'd get the buy-in to make it happen. In
> >> addition to being a good first step, doing this for DNS will also help
> >> us shake out the exact issues you allude to below.
> >>
> >>> Don't get me wrong I have both running for years and even maintain
> patches
> >>> for unbound for 2 years now for functionality they do not provide,
> which
> >>> named happily gives me.
> >>
> >> Other than authoritative DNS, what features does unbound lack that you
> want?
> >
> > DNS64 as a start.
>
> Personally I would classify that as a highly-specialized request, and
> would point you to the bind* ports. I acknowledge that others may have a
> different view.
I am unclear on how this solves the main problem I think was stated about
syncing up with release branches. If it doesn't solve that, isn't this
just busy work?
--=20
Adam Vande More
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 4 之 18 篇):