On Sat, Nov 23, 2002 at 02:08:10AM +0100, Oden Eriksson wrote: > > MaraDNS: > > - Has documentation. > > - Has cryptographic signatures, but the key they are signed with isn't > > on wwwkeys.pgp.net, but the key is included in package. But not putting > > their key in the keyserver doesn't give me a whole lot of confidence in > > the signature. So I imported the key that was in the package. It is > > only a self signed key. Not very useful to prove that it's real. So > > much for a security focused DNS server. > > - Doesn't support multiple views. > > - Doesn't support separate ACLs for each zone. > > - Doesn't support acting as a secondary server as far as I can tell. > > - Doesn't support round robin setups e.g. CNAME for www.domain.com > > points to multiple ips that get returned in a rotating fashion. It only > > returns the first ip. > > - Doesn't handle MX's and wildcard listsings properly. > > - Has an absolutely horrid zone file format. > > - Doesn't appear to support the LOC record. At least I didn't see any > > explanation of how to make one in their file format. > > Huh? What _does_ it do?
Authorative, Primary, Master whatever you want to call it... Recursive. ACLs that apply to all the zones. Blocking querying by zones that might be spammers (you have to set the ips of the spammers up though). It handles MX records per spec as long as you don't have wildcards (which most people probably don't). LOC records are the location (lattitude and longitude) records that xtraceroute uses. For most people without complex needs this server will work. But it's zone files are overly complicated and it's configurability in some regards is pretty limited. > mydns-0.9.3-1mdk has been in contribs since Thu Sep 19 2002 (if it's the same > as MyDNS?) Please do try it. Yup same thing. I just don't want to run mysql for my nameserver. If I had a lot more zones than I do and wanted to give customers access to zone files I'd consider it. But I don't. And since I'm not running mysql already I don't really want to start running it just for DNS. -- Ben Reser <[EMAIL PROTECTED]> http://ben.reser.org "If you're not making any mistakes, you're flat out not trying hard enough." - Jim Nichols
