compilation bug fix for bsds

Sam Trenholme strenholme.usenet at gmail.com
Thu Dec 30 14:58:33 EST 2010


> OpenBSD.

MaraDNS 2.0 (using Deadwood for recursion) is a much better choice for
OpenBSD than MaraDN 1.4; the reason is because Deadwood (MaraDNS 2.0's
recursive daemon) is non-threaded.  MaraDNS 1.4 spawns a thread every
time a client asks for a name not in the recursive cache; this kills
performance on OpenBSD.

The main issue with MaraDNS 2.0 is that it was only released about
three months ago so there are still some rough edges in the code which
I hope to have time to work on.  My most current blog about MaraDNS is
here:

http://samiam.org/blog/maradns.html

Personally, I think the best DNS solution for OpenBSD (if one elects
not to use its build of BIND9) is either MaraDNS 2 or your choice of
some patched version of DJBdns.  Both are excellent software programs;
MaraDNS has the advantage that I, the primary author, am still here
and am still maintaining the package. [1]

Unbound is a good choice if DNSsec is needed.

The best list of DNS servers out there is here:

http://linuxmafia.com/faq/Network_Other/dns-servers.html

This discusses all of the known patched versions of DjbDNS and pretty
much any other open-source DNS server.

- Sam

[1] Yes, it is true that on a personal level I do not like djbdns.  My
issue with djbdns is that its userbase has had too many rude, annoying
fanboys and trolls.  Fanboys who tried to cover up [2] djbdns' first
security problem when it was found over three years ago.  DJB has a
responsibility to put a leash on the unprofessional behavior of his
more fanatical users; the fact that he has not reflects poorly on his
software.

This is all a non-issue today; the fact that there are three known
security problems in DJB's last release of djbdns and the fact that
DJB has stopped maintaining his program nearly a decade ago have taken
the wind out of the sails of the arguments to use djbdns.

I have a number of rants about djbdns:

http://maradns.blogspot.com/search/label/DjbDNS

Again, my personal issues aside, djbdns is an excellent program **if
you use a patched version like zinq-dnscache**.

[2] http://en.wikipedia.org/w/index.php?title=Djbdns&action=historysubmit&diff=159822066&oldid=141354854


More information about the list mailing list