Web lists-archives.com

Re: what are you using instead of bind9?




On 2/12/19, Andy Smith <andy@xxxxxxxxxxxxxx> wrote:
> Hi,
>
> On Tue, Feb 12, 2019 at 06:40:01PM -0500, Lee wrote:
>> What are people using these days to
>> 1. have dnssec enabled lookups
>> 2. filter external dns answers
>
> I use Unbound for resolvers.
>
> I understand that Unbound can do some RPZ-like things with its
> local-data and local-zone directives, but I've never played with RPZ so
> don't know if it can cover your use case.
>
> PowerDNS Recursor is another popular recursor. I have never used it,
> only the Auth server version, but I've found that to be high quality
> software so I'd certainly be willing to look at their Recursor product
> if I wasn't happy with Unbound. It seems to have RPZ support:

Assuming I'm looking at the correct graph
 - https://qa.debian.org/popcon.php?package=pdns-recursor
PowerDNS is trending down at ~400 users now.  Throw in an additional
filter for it's available on BSD, Linux & Windows and it looks like a
toss-up between bind & unbound.

Since I already know bind I'll stay with that.

Thanks for the info
Lee