[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-misc
Subject:    Re: Help with updating to BIND 9.1.1
From:       "Christian J Hedemark" <chris () yonderway ! com>
Date:       2001-12-30 7:23:37
[Download RAW message or body]

Darren asks:

> I have read in the obsd FAQ and see that default BIND for obsd is bind v4?
> I wonder why the default isn't v9?

Perfectly fair question.  Unfortunately I predict you will be met with some
pretty not-nice responses from a few in this crowd.

The short plain english answer is that BIND 9.x is riddled with bugs &
security holes you could drive a bus through.  The OpenBSD team took an
older version of BIND, audited the code, fixed all of the bugs, and stuck
with it.  It doesn't have all of the whizbang features of 9.x but in my own
experiments putting it on a hostile high-speed network for a couple of
months, the kiddies tried and tried but couldn't get in.  This was out of
the box OpenBSD 2.8 with BIND enabled and a couple of zones added, but no
tweaking or hardening beyond what the system came with out of the box.

> Is it recommended that i update to bind 9, or is there a reason I would
> want to stay at bind 4?

Darren I would ask you a question in return... is BIND 4 enough for you or
is there some feature in BIND 9 that you have to have and can't live
without?

Reverend Christian J Hedemark II
Hillsborough, NC
http://yonderway.com/chris

Jesus said to them, "I am the bread of life;  he who comes to Me will not
hunger, and he who believes in Me will never thirst."  (John 6:35 - NASB)

[prev in list] [next in list] [prev in thread] [next in thread]