Slashdot Mirror

← Back to Stories (view on slashdot.org)

Root-server switches from BIND to NSD

Posted by ryuzaki0 on from the invulnerability-through-diversity dept.

A Sorry End writes "It appears that one of the 13 root-servers, the core of DNS name resolution, have moved away from BIND to NSD since wednesday, Feb 19th, 2003, which is a Good Thing. Since the 26th of october 1990, all root-servers have been running BIND. According to this message, this change was designed to increase the diversity of software in the root name server system, the lack of which is widely considered to be a potential vulnerability. The nsd software has been designed from scratch specifically as an authoritative name server. It has no design commonalities with bind, the currently prevalent DNS implementation. In addition to that nsd provides a significant increase in the performance reserve of k.root-servers.net. NSD was developed at NLnet Labs in coorperation with RIPE."

15 of 251 comments (clear)

  1. Hehe by zapfie · · Score: 2, Funny

    Well.. I guess they're not in a BIND anymore!

    ...god, that was the worst joke ever. Someone shoot me.

    --
    slashdot!=valid HTML
    1. Re:Hehe by DonkeyJimmy · · Score: 3, Funny

      ...god, that was the worst joke ever. Someone shoot me.

      I would shoot you, but I can't find you because your name isn't resolving for some reason.

      --
      "Probably the toughest time in anyone's life is when you have to murder a loved one because they're the devil." -Philips
    2. Re:Hehe by teamhasnoi · · Score: 2, Funny
      However, the admins of the new servers seem to have NSD cold.

      I may have taken that bullet for you...

  2. Diversity? by Anonymous Coward · · Score: 3, Funny

    Man, my company would be majorly pissed off. We don't want diversity, we want conformity!! All systems should be running one OS for ease of administration and that OS should be Windows2000. Thankfully I'm offsite and use Linux. ;-)

  3. Re:So how secure is it? by Anonymous Coward · · Score: 4, Funny

    Because BIND is a rock of stability.

  4. they should use djbdns by Anonymous Coward · · Score: 5, Funny

    Really, look at all the advantages of djbdns:

    * free software, under the BSD license (makes it easy to redistribute binaries)

    * easy package-based installer (easy to find everything, or to install djbdns in different locations)

    * easy to configure with a single config file

    * great support from the author, who's a really friendly guy.

    Oh wait. NONE OF THAT IS TRUE. Never mind.

    1. Re:they should use djbdns by Beatbyte · · Score: 2, Funny

      Anonymous? I THINK NOT!

      --
      Get paid to code OSS
  5. Re:Similar by squiggleslash · · Score: 3, Funny
    This sounds a little to general to me, almost PR'ish.

    It has no design commonalities with bind

    What does that REALLY mean?
    It's true. They didn't even look at the same RFCs... ;-)
    --
    You are not alone. This is not normal. None of this is normal.
  6. affirmative action by Bull999999 · · Score: 5, Funny

    What they didn't tell you was that the move was mostly due to affirmative action, to ensure diversity on the Internet. Why do you think that IIS is still hanging around?

    Affirmative action: More than just for humans.

    --
    1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
  7. Back to switchboards by binaryDigit · · Score: 5, Funny

    I think they should replace the root dns servers with an old fashion switchboard. I envision a large room in the bowels of VeriSign "manned" by an army of women wearing grey suits with horn rimmed glasses. A dns request will come in via pnuematic tube, the operator will pull one spring loaded ethernet cable from her console and plug it into the correct corresponding jack.

    While being resistant to any port based DDOS attacks, they would be DOSable by having some hunky dude drink a pepsi outside their window.

  8. Acronyms galore by ruiner13 · · Score: 4, Funny

    Wow, all those acronyms are making my head spin. Sigh. What does the NSA think about the DNS servers switching from BIND to SND? Does it make thier TPS reports PDQ? I'd sure hope it uses SQL somehow too.

    --

    today is spelling optional day.

  9. Security through _______ by Neillparatzo · · Score: 5, Funny
    Isn't it bad luck to have 13 root servers?

    I mean if you're going to be superstitious to the point of worrying about code diversity or eyeballs-per-source-file, I think this is an issue that needs to be addressed.

    1. Re:Security through _______ by TeknoHog · · Score: 2, Funny
      > Isn't it bad luck to have 13 root servers?

      No, but it's bad luck to be superstitious.

      --
      Escher was the first MC and Giger invented the HR department.
  10. Only... by devphil · · Score: 5, Funny


    ...if the 14th is named bilbo.root-servers.net, and is added specifically for the purpose of breaking the bad luck.

    Sorry, heavy geek moment there.

    --
    You cannot apply a technological solution to a sociological problem. (Edwards' Law)
  11. Exactly! by sterno · · Score: 4, Funny

    I mean look at Windows. It's had this long reputation of being insecure, so naturally everybody assumes it still is. When really it's... oh... nevermiond.

    --
    This sig has been temporarily disconnected or is no longer in service