BIND 9.11 / edns-client-subnet

Nico CARTRON nicolas at ncartron.org
Mon May 9 20:20:33 UTC 2016 

Hi Bert,
On 9 May 2016 at 21:24:42, bert hubert (bert.hubert at netherlabs.nl) wrote:

On Mon, May 09, 2016 at 05:24:50PM +0200, Nico CARTRON wrote: 
> > Perhaps you should tell us how it works for you, what your testing has  
> > found, and contribute to the development of great open source software?  
> well, I am just starting the tests now, so cannot tell - yet :) 
> I will definitely report once I have progressed, but in the meantime, any feedback from others would be appreciated. 

Let me comment on my snark a bit before I promise to no longer pollute this 
technical list with such remarks. 
ouch, did not see this one coming.
Let me answer to your remarks below.



Any appliance vendor is a net loss of 
revenue and reputation for the open source world unless you contribute back. 
It does not sustain our software otherwise. 
Just because you’ve not heard of something does not mean this does not happen.
And bare in mind that we’re using other non-DNS softwares, so we contributed to other fields.



And in fact, by branding BIND (which is a magnificent collection of DNS 
functionality, which you ship) as "the most common victim" of security 
issues, you are hurting open source. [1] Your non-public sales stories are 
worse. 
I don’t see how calling BIND “the most common victim” is hurting open source.
We push for software diversity, which is always good.



Given that, I found it a bit rich for you (from a non-company email 
address!) to ask the community that supplies you with free software to give 
you some free testing too.  
I’ve always used my private email address for mailing lists, that’s easier.
And unless I re-read my previous email incorrectly, I did not ask for “some free testing”,
but for feedback from others.



It would be great to see some testing from you perhaps. For example, how DID 
you achieve 27 million queries/second?
That’s 17 million QPS.
If you’re around at the RIPE meeting in Copenhagen, I’ll be more than happy to discuss it with you.



> BTW Bert, does PowerDNS support it? ;) 
> I saw (https://github.com/PowerDNS/pdns/issues/573) that’s it’s on git master, does that mean it’s publicly available? 

Yes - see my off list reply. 
Thank you, but I did not receive this off-list reply.

With the above being said, can we please come back to the original topic and not pollute this list?
We can continue off-list or talk in Copenhagen if you wish to.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160509/ce4574b3/attachment.html>

More information about the bind-users mailing list