On Aug 18, 1:27pm, [email protected] (Greg Troxel) wrote: -- Subject: Re: bind -> unbound/nsd
| Please note that I'm not objecting; I'm just asking for the rationale to | be articulated. There are many analyses on the web comparing bind and unbound, here are 3: http://info.menandmice.com/blog/bid/37244/10-Reasons-to-use-Unbound-DNS https://forums.freebsd.org/threads/53924/ https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software For us though the particular reasons are: - License change would require us to copy the software and reapply patches. - We don't have other MPL software in base; this would mean another license. - Fewer security issues - Smaller memory footprint for most people, easier to administer. - New resolver API's (asynchronous etc) - Modular, simpler, smaller, better auditable - BSD licensed And some negatives: - Crypto is integrated, not optional (although we can fix that) - Bind libraries are still used by dhcpd - Needs additional components nsd, openDNSSEC, ldns to match bind's functionality christos
