Moving BIND from Solaris to Linux
We are currently looking at replacing our Solaris boxes with a flavour of Linux to run BIND with a focus on Red Hat and Ubuntu. I am trying to collect some evidence to which OS is being used to run BIND and why, before we make a decision. Could you please respond by sending me, or the list, information on which OS you are using to run BIND and any information on why your decided to run it on that particular platform. I am also asking other list for similar information on Squid, Exim, Apache, etc... Many thanks for any information you may send me. Graham Butler Infrastructure Team. Email:g.but...@hud.ac.uk Tel: 01484 473785 The University of Huddersfield Computing and Library Services PO Box No. 341 Huddersfield HD1 3DH --- This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate to the business of the University of Huddersfield, then we do not endorse it and will accept no liability. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Moving BIND from Solaris to Linux
On Mon, Oct 1, 2012 at 7:58 PM, Graham Butler wrote: > We are currently looking at replacing our Solaris boxes with a flavour of > Linux to run BIND with a focus on Red Hat and Ubuntu. I am trying to collect > some evidence to which OS is being used to run BIND and why, before we make > a decision. Could you please respond by sending me, or the list, information > on which OS you are using to run BIND and any information on why your > decided to run it on that particular platform. > > > > I am also asking other list for similar information on Squid, Exim, Apache, > etc……. Searching "unix linux migration" in Google would probably save you lots of time instead of waiting for list responses. Anyway, in my past experience, the bigesst difference was not so much the OS, but rather the hardware. x86 (or rather, amd64) kick other platform's a**, performance-wise, on hardware with relatively-similar budget. When you mostly run "popular" open source software, running it on Linux would usually offer additional advantage of making your life easier since the distro maintainers would take care of providing up-to-date or secure-enough packages. -- Fajar ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Moving BIND from Solaris to Linux
We use RHEL mainly because that's our distro of choice for most of our applications. It is the most popular "commercial" distro is the one most 3rd party commercial applications (e.g. Oracle) support. (Of course SLES has a lot of support as well but not quite a much - others will tell you Ubuntu is commercially supported by Canonical but what I'm talking about is the platform other vendors are willing to say they support their applications upon.) The benefit of using RHEL is they provide you with BIND (including a chroot'ed version) packages so you get security and bug fixes. The downside is the way RedHat does things is to use an upstream version as their base then they backup bug and security fixes into it from later upstream versions. They add extended versioning to what you actually have but you end up looking as if you're still running say, BIND 9.3.1 on RHEL5, but the one you're actually running has diverged from the base. This causes many folks (e.g. PCI security scanning organizations, people on the BIND mailing list) to think you're running an insecure version because they don't check for the extended versioning. In fact you're not running insecurely. You can hide the version of BIND so that security scanners don't find it.However, as newer features are added upstream they don't all necessarily make it into the RHEL modified version. One idea would be to use RHEL but still download and compile your own BIND on top of it. However, if the only thing on your RHEL server is BIND you have to wonder why you're paying RedHat a subscription. The main benefit would be continuity of platform if you're running multiple servers for diverse purposes as we are. -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Fajar A. Nugraha Sent: Monday, October 01, 2012 9:20 AM To: Graham Butler Cc: bind-users@lists.isc.org Subject: Re: Moving BIND from Solaris to Linux On Mon, Oct 1, 2012 at 7:58 PM, Graham Butler wrote: > We are currently looking at replacing our Solaris boxes with a flavour > of Linux to run BIND with a focus on Red Hat and Ubuntu. I am trying > to collect some evidence to which OS is being used to run BIND and > why, before we make a decision. Could you please respond by sending > me, or the list, information on which OS you are using to run BIND and > any information on why your decided to run it on that particular platform. > > > > I am also asking other list for similar information on Squid, Exim, > Apache, etc... Searching "unix linux migration" in Google would probably save you lots of time instead of waiting for list responses. Anyway, in my past experience, the bigesst difference was not so much the OS, but rather the hardware. x86 (or rather, amd64) kick other platform's a**, performance-wise, on hardware with relatively-similar budget. When you mostly run "popular" open source software, running it on Linux would usually offer additional advantage of making your life easier since the distro maintainers would take care of providing up-to-date or secure-enough packages. -- Fajar ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Athena(r), Created for the Cause(tm) Making a Difference in the Fight Against Breast Cancer - CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Moving BIND from Solaris to Linux
> One idea would be to use RHEL but still download and compile your own BIND on > top of it. Yup, IIRC there are (S)RPM for latest bind versios posted on this list. > However, if the only thing on your RHEL server is BIND you have to wonder > why you're paying RedHat a subscription. Yeah. If you only need latest binary, ubuntu (plus it's ppa) is probably a better choice, e.g https://launchpad.net/~hauke/+archive/bind9 Then again, the OP only mentions open source apps, with no mention of Oracle and such. So using latest ubuntu LTS is probably a better choice in that case. -- Fajar ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Moving BIND from Solaris to Linux
The reason I did the full discussion is that many shops are moving from proprietary UNIX (Solaris, AIX, HP-UX) or Windows to Linux solutions.If they are moving much infrastructure but just starting with BIND then he needs to consider what I wrote. Also I don't really agree that Ubuntu is the best solution. One could run CentOS which has no subscription fee but is binarily compatible with RHEL then download and compile BIND for it.In an organization using Solaris they presumably have "professional administrators" and are more likely to find folks with RHEL experience when hiring staff that will fill totally comfortable with CentOS. If continuity and staffing aren't considerations and this is truly going to be a one off he could use Suse or Slackware or any one of a thousand Linux distros (or even one of the *BSD distros - since BSD is where Solaris came from originally). If it's a one off "best" is truly subjective. There are many people that detest Ubuntu and many people that love it -though the din from the former seems to have overwhelmed the latter since Unity desktop and other moves by Canonical :-) -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Fajar A. Nugraha Sent: Monday, October 01, 2012 9:58 AM To: bind-users@lists.isc.org Subject: Re: Moving BIND from Solaris to Linux > One idea would be to use RHEL but still download and compile your own BIND on > top of it. Yup, IIRC there are (S)RPM for latest bind versios posted on this list. > However, if the only thing on your RHEL server is BIND you have to wonder > why you're paying RedHat a subscription. Yeah. If you only need latest binary, ubuntu (plus it's ppa) is probably a better choice, e.g https://launchpad.net/~hauke/+archive/bind9 Then again, the OP only mentions open source apps, with no mention of Oracle and such. So using latest ubuntu LTS is probably a better choice in that case. -- Fajar ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Athena(r), Created for the Cause(tm) Making a Difference in the Fight Against Breast Cancer - CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
