Date: Thu, 01 Feb 2001 00:53:25 +0100 From: sthaug@nethelp.no To: dillon@earth.backplane.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-01:18.bind Message-ID: <28878.980985205@verdi.nethelp.no> In-Reply-To: Your message of "Wed, 31 Jan 2001 15:27:25 -0800 (PST)" References: <200101312327.f0VNRPv20077@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> You gotta work with what you have. Bind outsmarts itself in a lot > of places, especially the stupid interface scanning/binding > code. Agreed. > The > last thing I want it to do is hold *any* state from the previous > incarnation across a restart. Frankly, restarting is not a big deal > even if you have hundreds or thousands of domains. I always restarted > named at BEST rather then HUP it, becausing HUPing is simply too > dangerous when you make random modifications to dozens of primary > zone files out of thousands. Disagree. The problem here is that named stops answering queries for a long time while it is sucking in the zone files. This is mostly a problem for servers with many thousands of domains - but in those cases it can be quite noticeable. Here's a server with 14000 zones: Jan 28 22:22:31 nn named[8645]: starting (/etc/named.conf). named 8.2.3-REL ... Jan 28 22:33:26 nn named[8740]: Ready to answer queries. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28878.980985205>