I need Arguments: Bind 9 vs. MS DNS (Win2000)

Kevin Darcy kcd at daimlerchrysler.com
Thu Jan 24 00:25:29 UTC 2002


1. Supportability
    a. because you're already using BIND and wouldn't have to retrain nearly as much
    b. because the Linux platform is much more "scriptable" for common administration tasks; you can ssh, scp, etc. much more easily between boxes; cron; syslog; etc. etc.
2. Standards Conformance, particularly the ability to use standard TSIG for signing Dynamic Updates as opposed to the non-/semi-standard GSS-TSIG.
3. Cost, once all of the M$ licensing fees are taken into consideration, as well as the fact that the Linux/BIND combo probably runs on cheaper hardware than M$ for a given load.

(Tentatively, security could be another bullet point, but BIND's recent
security track record isn't exactly spotless. When considering security,
however, the security of the whole *system* needs to be looked at, not just the
security of one piece of software running on the system. Win2K isn't exactly a
shining example of a secure OS. Admittedly, this is a harder argument to make
than the others above).

In our case, we're using MS-DNS for two zones of our Active Directory DNS
hierarchy, and BIND for one zone. Note that this is just for the SRV records
that the Domain Controllers write, however. We don't implement client
registration. So this probably makes our Win2K implementation rather atypical.


- Kevin

Stefan Kaifer wrote:

> Hello,
>
> our company will migrate NT4 to Win2000. Now we have to decide which DNS we
> should use:
>
> MS DNS or Bind 9
>
> So far we use Bind 8.3.x (Linux). It works very, very well. We have to
> provide DNS/DHCP, etc. for about 10.000 clients world-wide.
>
> Please post me arguments for and against MS DNS or Bind. Please also post
> any experiences that you have had with Win2000 clients + DNS.


