Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 5 Aug 2007 21:21:52 +0400 (GST)
From:      Rakhesh Sasidharan <>
To:        Doug Barton <>
Cc:        Zbigniew Szalbot <>, Rakhesh Sasidharan <>, "A.G. Russell IV" <>, Jeffrey Goldberg <>, Freebsd questions <>
Subject:   Re: Waiting for BIND security announcement
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <> <> <> <> <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
>> This has probably been asked before,
> Heh, no, never. :)

That's a relief. :)

>> but if BIND is available in ports then why is it also available in
>> contrib?
> Couple of reasons, of relatively equal importance depending on who you
> speak to. BSD systems have "always" (I haven't verified this, but
> people who should know have told me) shipped with dns stuff on board,
> so there is resistance to the idea of stripping it out for that
> reason. The other thing that is a concern to a lot of people is that
> BIND is more than just named. Take a look at the WITHOUT_BIND* knobs
> in src.conf(1) in 7-current or make.conf(1) in 6-stable to get an idea
> of how things break down. I have a standing offer to either remove
> BIND from the base, or flip the defaults for some of those knobs to
> "NO" if the community wants it that way.

Makes sense. So to summarize the answer to my question:

* BIND is there in contrib coz lot of stuff depends on it and so its best 
left there.

* BIND is also there in ports coz the one there offers you a lot more 
build time options, is newer, gets updates faster, and is also easier to 
get up and running with out of the box (in some situations atleast).

Neat! :)

>> Are there any benefits in choosing the one in contrib over the one
>> in ports?
> Advantage to the one in contrib is that it's right there, and the new
> default named.conf (and associated files) makes it possible to start
> up a local resolver "out of the box."
> If you want a greater degree of freedom in build-time configuration,
> or you want a version other than what is in your base (for example,
> you want to use 9.4.x but you're on a 6-stable machine), then you can
> use the ports. The ports also have an option to overwrite the files in
> the base if that makes things easier in your environment.
> hth,



> Doug
> -- 
>    This .signature sanitized for your protection

Want to link to this message? Use this URL: <>