[dns-operations] Minimalistic DNS server for SOA and AXFR

Michael Hoskins (michoski) michoski at cisco.com
Tue Jul 17 20:23:21 UTC 2012


-----Original Message-----

From: glen wiley <glen.wiley at gmail.com>
Date: Tuesday, July 17, 2012 1:15 PM
To: Paul Vixie <paul at redbarn.org>
Cc: "dns-operations at dns-oarc.net" <dns-operations at dns-oarc.net>
Subject: Re: [dns-operations] Minimalistic DNS server for SOA and AXFR
>
>Application diversity in infrastructure services is a healthy feature.
>Yes it increases maintenance effort, but at the same time it often
>decreases vulnerability to attacks and errors in the infrastructure.

sure, everything has its place...but to be fair, it can just as easily
increase vulnerability by introducing new attack vectors or back doors.

half full, half empty, or glass too big?  :-)

since learning was mentioned...as an academic exercise, i agree it makes a
lot of sense.  however, if you are writing code or building applications
others will have to maintain (possibly years after you've moved on and
strategically changed your email address and phone numbers), it's often a
better architectural choice to stick with well-known building blocks folks
off the street will be readily familiar with.

of course it can make sense to reinvent the wheel at times...  we don't
have all the use cases.  that can work too, so long as you subject the
design to adequate peer review (seems like he's doing that!) and leave
behind thorough documentation (no i'm not just talking about comments in
the code, though that's a nice start).

writing your own can solve problems, or cause them...there's no
one-size-fits-all answer.




More information about the dns-operations mailing list