Upgrade to Bind9.
Brad Knowles
brad.knowles at skynet.be
Mon Jun 25 15:04:32 UTC 2001
At 11:25 AM -0300 6/25/01, Fabiano Reis wrote:
> I'm searching for a good reason to upgrade from bind
> 8.2.3 to bind 9.x
>
> Someone can list some reasons?
BIND 8 is single-threaded, and does not answer queries during the
start-up process. BIND 9 is natively multi-threaded, and doesn't
have this problem.
Because BIND 8 is single-threaded, it cannot take advantage of
multiple CPUs in a server. Because BIND 9 is natively
multi-threaded, it can take advantage of multiple CPUs.
BIND 8 handles zone transfers through an external program, which
may cause significant fork()/exec() overhead if used on the master.
BIND 9 handles zone transfers internally, and does not have this
problem.
BIND 8 only partially supports some of the security and IPv6
related extensions, while BIND 9 is the reference implementation for
these features.
Current benchmarks indicate that BIND 9.1.x may be slightly
slower than BIND 8, but preliminary testing indicates that BIND 9.2.x
should be at least as fast as BIND 8, and probably faster (especially
on multiple CPU servers).
BIND 8 is the last in a long line of hacks on top of hacks on top
of hacks, whereas BIND 9 is a complete ground-up rewrite, using new
programming methods that try to help ensure that the kind of security
bugs you could have with the old version simply are not possible any
more.
That's about all I can think of, off the top of my head. Do you need more?
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list