There is an other problem with replacing bind with unbound and nsd. If you have a setup where you need to do authoritative and recursive resolving of domains with the same socket and you have to synchronise with an extern dns server over zone transfers.
This setup is not possible at the moment with unbound and nsd. You need a feature in unbound that it forwards zone transfer requests to another dns server. I think it could be possible with the unbound python-extension to implement such a feature, but in OpenBSD Base there will no unbound with this kind of extension. I think we need modern bind in ports if we do the replacement. So that the admins out there could easily use OpenBSD as a DNS-Server with such extra features. -- Jan Klemkow
