From owner-freebsd-questions@FreeBSD.ORG Sun Aug 5 16:49:30 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EADAD16A419 for ; Sun, 5 Aug 2007 16:49:30 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by mx1.freebsd.org (Postfix) with SMTP id A9CDA13C46E for ; Sun, 5 Aug 2007 16:49:30 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 7739 invoked by uid 399); 5 Aug 2007 16:42:49 -0000 Received: from localhost (HELO lap.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTP; 5 Aug 2007 16:42:49 -0000 X-Originating-IP: 127.0.0.1 Message-ID: <46B5FE07.5080004@FreeBSD.org> Date: Sun, 05 Aug 2007 09:42:47 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.6 (X11/20070803) MIME-Version: 1.0 To: Rakhesh Sasidharan References: <499c70c0707260136hea82f27s87dfa53432d0e409@mail.gmail.com> <94c6ae7ae570814564d364bfe9aad8ea@szalbot.homedns.org> <20070801030504.GA3773@bifrost.agrussell.com> <426DE541-FB51-44FF-B7F4-B34E0F9A7861@goldmark.org> <46B0DB5F.4020401@FreeBSD.org> <60BEAECB-C72A-46B3-90D7-F3AB8778605D@goldmark.org> <46B0F17C.2010506@FreeBSD.org> <20070805091932.B67919@scrat.home.rakhesh.com> In-Reply-To: <20070805091932.B67919@scrat.home.rakhesh.com> X-Enigmail-Version: 0.95.1 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Zbigniew Szalbot , "A.G. Russell IV" , Jeffrey Goldberg , Freebsd questions Subject: Re: Waiting for BIND security announcement X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2007 16:49:31 -0000 Rakhesh Sasidharan wrote: > This has probably been asked before, Heh, no, never. :) > but if BIND is available in ports then why is it also available in > contrib? Couple of reasons, of relatively equal importance depending on who you speak to. BSD systems have "always" (I haven't verified this, but people who should know have told me) shipped with dns stuff on board, so there is resistance to the idea of stripping it out for that reason. The other thing that is a concern to a lot of people is that BIND is more than just named. Take a look at the WITHOUT_BIND* knobs in src.conf(1) in 7-current or make.conf(1) in 6-stable to get an idea of how things break down. I have a standing offer to either remove BIND from the base, or flip the defaults for some of those knobs to "NO" if the community wants it that way. > Are there any benefits in choosing the one in contrib over the one > in ports? Advantage to the one in contrib is that it's right there, and the new default named.conf (and associated files) makes it possible to start up a local resolver "out of the box." If you want a greater degree of freedom in build-time configuration, or you want a version other than what is in your base (for example, you want to use 9.4.x but you're on a 6-stable machine), then you can use the ports. The ports also have an option to overwrite the files in the base if that makes things easier in your environment. hth, Doug -- This .signature sanitized for your protection