Path: utzoo!attcan!uunet!mitel!sce!scs!spl1!gargoyle!tank!ncar!ames!sgi!vjs@rhyolite.wpd.sgi.com From: vjs@rhyolite.wpd.sgi.com (Vernon Schryver) Newsgroups: comp.protocols.tcp-ip Subject: Re: Domain Name Screaming Summary: DNS is good if it fits the need Message-ID: <37409@sgi.SGI.COM> Date: 3 Jul 89 19:17:09 GMT References: <37397@sgi.SGI.COM> <8907022301.AA01289@erendira.arc.nasa.gov> Sender: daemon@sgi.SGI.COM Organization: Silicon Graphics, Inc., Mountain View, CA Lines: 41 In article <8907022301.AA01289@erendira.arc.nasa.gov>, medin@NSIPO.NASA.GOV ("Milo S. Medin", NASA ARC NSI Project Office) writes: > > This is silly. Either the DNS is fully authoritative or it isn't... > > Note that I've talked about replacing just the YP hostinfo code. The rest of > the YP system is left intact (so automounter and the rest work fine) to > use if you want... This is reasonable, but there is a minor hassle. The named stuff I know about is not nearly as easy to set up in a small site as YP. There is more typing, and room for choice with 4.3+ named configuration files. Given that DNS is more powerful, one would be surprised if it were otherwise. In its current state, named is more appropriate for sites such as ours with network hacks who like to fiddle with resolv.conf's, named.boot's, .rev files, and so on. Is there an alternative to a resolv.conf listing the servers on each client? The broadcast RPC of YP is insecure, but it is easier to reassign servers. Named is also a bit unforgiving--ever notice what happens if you happen to put a period after a host address in a database file? You define a name=-1. Don't forget the fun chaos one can make with resolver loops. Obviously, most of these are characteristics of the 4.3 implementation and not DNS itself. Many (but not all) of the well known bad parts of YP are implementation shortcomings rather than protocol botches. Notice that the vast majority of all workstations do not have access to the Internet, are on very small networks, and do not have an a priori need for DNS. Always relying on either DNS or YP is an incomplete answer. It is sometimes necessary to have your own, private extensions to the central government's data. For example, imagine that you do not have root passwords for the DNS/YP server(s), and that you want to use rcp to a host which is not correctly in the databases--maybe one of central governments has not processed the paper work needed before adding a new hostname, or made a mistake. Vernon Schryver Silicon Graphics vjs@sgi.com