[nsd-users] Best practices to switch from BIND to NSD

Anand Buddhdev anandb at ripe.net
Fri Jun 8 09:48:34 UTC 2012


On 08/06/2012 11:24, Alexandre Maumené wrote:

Hi Alexandre,

> I'm a sys admin and currently working for a french hosting company.  We
> provide DNS services to our customers and at the moment we are using BIND
> on Debian servers.  BIND is a good software but we don't need a recursing
> DNS for our public DNS, and we needed better security than what BIND provides.
> So I made the suggestion to replace BIND by another DNS software.
> NSD appears to be the best alternative.
> 
> I'm currently writing some scripts to help the migration process, but I'd
> like to know if something already exists to help me in this task. If not I
> probably will make my scripts public and post it to this mailing-list.
> 
> I also would like to know if you have some best-practices about NSD in
> general.

In general, NSD works well as a replacement for BIND as an
authoritative-only server. However, it lacks one feature, which may, or
may not be important to you: you cannot add zones to, or remove them
from NSD without a restart. If you want to add a new zone, or remove
one, you have to stop NSD completely, rebuild the zone database, and
then start it again. This will cause downtime. Keep this in mind when
making your switch to NSD.

Regards,

Anand Buddhdev
RIPE NCC



More information about the nsd-users mailing list