On Mon, Sep 30, 2013, at 8:53, Dimitry Andric wrote: > On Sep 30, 2013, at 14:28, Mark Felder <f...@freebsd.org> wrote: > ... > > BIND functioned as both roles. The lack of separation is often why it is > > criticized. DJB made the separation of roles famous when he released > > DJBDNS which includes two daemons: dnscache and tinydns. > > > > The complementary daemon by the Unbound authors (NLNet Labs) is called > > nsd. This is probably what you're looking for. Please keep in mind you > > cannot run both nsd and unbound on the same IP as they both cannot > > listen on the same port (53). > > Yes, and there is the rub for most 'SOHO' users, who do not win anything > by separating these roles. In such cases, setting up a separate IP > and/or port just to split up authoritative and recursive DNS is rather > inconvenient... >
We should update the handbook to point people to the version of BIND in ports. We can't keep BIND 9 in base forever, and BIND 10 would require we import Python... We don't have a lot of options at this point and DES pointed out in his blog that the future of DNS is in base is being reworked for FreeBSD 11. This is just a stopgap. _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
