By the development of qmail become Daniel amber already admits, with djbdns an implementation of a DNS server of the public made available. A reason for the development of djbdns were constantly again and again the arising safety problems within BIND.Dan amber, a developer its special attention toward the security of its applications is directed probably, 500 USD out to that person wrote, who finds and prove can a safety problem of djbdns. This price was not continued to support to date ever disbursed, which the statement of Dan amber was, djbdns more surely as if BIND. It gives however for qmail some well-known of nose, which abstreitet Dan amber however, so that the Nichtauszahlung does not have to mean anything.

Detail

The concept of djbdns stands strongly in the contrast to from BINDS all functionality from the DNS server to the zone transfer service into a Daemon packs, then this function range is divided with djbdns into several components: (not all components are treated here)

dnscache

A DNS resolver and like the name already says a DNS Cache. It answers to inquiries over FQDN (fully qualified domain names) in which it the appropriate Domainnamen of the root zone (.) away, piece by piece dissolves. The results were exceeded thereafter to the adjusted Cache Size are reproached or the TTL (Time to Live) of the respective Domainnames ran off.

tinydns

A DNS server only of the inquiries over Domainnamen answered, which are present in its own data base, other inquiries without further reaction are rejected. The configuration of tinydns differs very strongly from from BINDS. While with BIND a zone file for each IP-Subnetz individually one furnishes, this allocation is missing, a only one central configuration file is used with tinydns.

rbldns

Spammails became/ever more to the problem, why Blacklistserver were made available, the open Relays and other Spammer over their IP address will expose. Dan amber wrote and published a Daemon, which can receive such inquiries with rbldns and it passes on to the appropriate Blacklistserver and which result buffers.

axfrdns

This Daemon is responsible for answers by TCP, which is for example necessary, if answer packages for UDP are too long (longer than 512 byte). It avails itself from the same data base as tinydns and can be regarded as addition its. Further the enterprise of a Daemons, which listens on TCP, is demanded by the RFC 1035: "“The Internet support name server ACCESS using TCP on server haven 53 (decimal) as wave as datagram ACCESS using UDP on UDP haven 53 (decimal). "“DJBs position in addition is that one made somewhat wrong, if inquiries must be answered by TCP. (see in addition) additional supported axfrdns zone transfers by AXFR, this is however according to standard deactivated and should be de-energised for each zone and Slave IP individually.

License

A very controversial topic in connection with Dan amber is the unusual license, and/or the absence of a license, under which it publishes many of its projects. The source code of its programs is made available publicly, however Mr permits. Amber no changes in the source code, which makes it difficult to take up djbdns to a distribution. In addition see some "“open SOURCE"” - developers by this license the open SOURCE thought hurt and boycott thus djbdns and qmail.

Related links

• http://cr.yp.to/djbdns.html

Articles in category "Djbdns"

We found here 15 articles.

Related Websites

We found here 3 related websites.

• cr.yp.to
  DJ Bernstein's home page;; the qmail home page;; the djbdns home page;; the daemontools home page;; the ucspi-tcp home page;; the cryptography page; ...


• Djbdns
  Finding addresses of computers around the Internet. How to install djbdns · How to run a cache on a workstation · How to run a computer without a cache ...


• How to install djbdns
  Like any other piece of software (and information generally), djbdns ... Before installing djbdns, install daemontools 0.70 or above, and install ucspi-tcp. ...