Slashdot Mirror

← Back to Stories (view on slashdot.org)

Root-server switches from BIND to NSD

Posted by ryuzaki0 on from the invulnerability-through-diversity dept.

A Sorry End writes "It appears that one of the 13 root-servers, the core of DNS name resolution, have moved away from BIND to NSD since wednesday, Feb 19th, 2003, which is a Good Thing. Since the 26th of october 1990, all root-servers have been running BIND. According to this message, this change was designed to increase the diversity of software in the root name server system, the lack of which is widely considered to be a potential vulnerability. The nsd software has been designed from scratch specifically as an authoritative name server. It has no design commonalities with bind, the currently prevalent DNS implementation. In addition to that nsd provides a significant increase in the performance reserve of k.root-servers.net. NSD was developed at NLnet Labs in coorperation with RIPE."

5 of 251 comments (clear)

  1. they should use djbdns by Anonymous Coward · · Score: 5, Funny

    Really, look at all the advantages of djbdns:

    * free software, under the BSD license (makes it easy to redistribute binaries)

    * easy package-based installer (easy to find everything, or to install djbdns in different locations)

    * easy to configure with a single config file

    * great support from the author, who's a really friendly guy.

    Oh wait. NONE OF THAT IS TRUE. Never mind.

  2. affirmative action by Bull999999 · · Score: 5, Funny

    What they didn't tell you was that the move was mostly due to affirmative action, to ensure diversity on the Internet. Why do you think that IIS is still hanging around?

    Affirmative action: More than just for humans.

    --
    1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
  3. Back to switchboards by binaryDigit · · Score: 5, Funny

    I think they should replace the root dns servers with an old fashion switchboard. I envision a large room in the bowels of VeriSign "manned" by an army of women wearing grey suits with horn rimmed glasses. A dns request will come in via pnuematic tube, the operator will pull one spring loaded ethernet cable from her console and plug it into the correct corresponding jack.

    While being resistant to any port based DDOS attacks, they would be DOSable by having some hunky dude drink a pepsi outside their window.

  4. Security through _______ by Neillparatzo · · Score: 5, Funny
    Isn't it bad luck to have 13 root servers?

    I mean if you're going to be superstitious to the point of worrying about code diversity or eyeballs-per-source-file, I think this is an issue that needs to be addressed.

  5. Only... by devphil · · Score: 5, Funny


    ...if the 14th is named bilbo.root-servers.net, and is added specifically for the purpose of breaking the bad luck.

    Sorry, heavy geek moment there.

    --
    You cannot apply a technological solution to a sociological problem. (Edwards' Law)