Russell Coker <[email protected]> writes:
> On Thu, 10 Sep 2015 11:52:31 AM Trent W. Buck wrote:
>> Have you considered nsd3 + unbound instead?
>
> Last time I tried NSD it required a utility from the BIND source tree to copy
> a zone to a secondary server.
I don't know what you mean by that.
I transfer zones between my nsd3 and zonedit using AXFR/IXFR.
Some zones I'm the primary, some zones zoneedit is the primary.
> It was also annoying to setup.
> Has it improved in that regard?
The "let <IP> ask you about <zone>" needs two lines per IP,
where named needs only one.
Other than that, for simple usage, I don't know what you mean.
PS: also nsd didn't integrate cleanly with upstart,
because "reload" &c causes a PID change.
> Apart from being annoying it seemed like a reasonable option. A minimal code
> base designed to be secure.
For me, the advantage is explicit separation between
I'm server zone X to the internet! (nsd3)
and
I'm a caching proxy for my LAN to get zones from the internet! (unbound)
With named wearing both hats, I always worry that in any given setup,
I haven't fully removed the unwanted hat.
_______________________________________________
luv-main mailing list
[email protected]
http://lists.luv.asn.au/listinfo/luv-main
