bind vs djbdns

Jim Reid jim at rfc1035.com
Thu Aug 24 16:01:04 UTC 2000 

>>>>> "danny" == Caffeine  <danny_milne at yahoo.co.uk> writes:

    danny> Hi All, I'm looking into the pros and cons of bind vs
    danny> djbdns. Anyone with experience using both? Djb seems to
    danny> have a low regard for bind. Is it justified?

Well roughly 90% of the world's name servers run BIND. AFAIK all the
important zones in the world - like the root zone and top-level
domains - are served exclusively by BIND. It's also possible to get a
support contract for BIND from my employer, Nominum. IIUC, there is no
professional support infrastructure - contracts, SLAs, 24x7 telephone
assistance, etc - available for tinydns. BIND is a (the?) complete
implementation of DNS and supports the latest standards and features
like EDNS0, DNSSEC and IPv6. Admittedly some of these things are only
in BIND9, which is due out soon. The last time I looked at tinydns, it
only supported a small number of resource record types. [From memory,
SRV records were not supported. There was definitely nothing on DNSSEC
or even TSIG. Or dynamic updates or incremental zone transfer.]
Another issue with tinydns is that it uses different config files -
names and formats - as well as a different format for zone files. This
isn't necessarily a bad thing, but when all the literature - books,
vendor manuals, training courses, Linux HOWTOs, etc - don't mention
tinydns, these obscure formats have an uphill struggle to find
acceptance. The same goes for DNS administration. It's already very
hard to find people with good DNS skills. Most of them will only have
worked with BIND, mainly because of market share, history and
literature. Finding someone who knows DNS and can administer tinydns
will be next to impossible. AFAIK all the UNIX vendors ship BIND with
their OS. None distribute tinydns. If you install tinydns, you'll lose
whatever DNS support your OS provider supplies. I'd also say that
because BIND has been around so long, there's a lot more "real-world"
experience with it: huge zones, high query rates, interoperability
with other implementations, etc, etc. I think this is a major factor
for anyone choosing a platform for doing serious stuff with the DNS.

And all the while djb and others chuck rocks at BIND, BIND just gets
on with the job of handling 90% of the world's DNS queries and keeping
the Internet running. That's not bad going, is it? So if Dan Bernstein
has a low opinion of BIND, maybe he's right and the rest of the world
is wrong. Then again, maybe I'm biased. :-)

To be fair, tinydns was not intended to be an all-singing, all-dancing
implementation of DNS. So if you can live with its limitations and are
happy to use it, go ahead. If the software works for you and you find
it easy to administer, then use tinydns. How you run DNS at your site
is your decision after all. OTOH, maybe support matters to you? And
what do you do if/when you outgrow tinydns?

More information about the bind-users mailing list