Non User
Index: > A B C D E F G H I J K L M N O P Q R S T U V W X Y Z	Business Non User Industries Finance Tax

Home > Djbdns

djbdns is a simple and secure DNS implementation created by Daniel J. Bernstein because he was fed up with repeated BIND security holes. There have been no security bugs found in djbdns since version 1.0, and there is an as-yet-unclaimed $500 prize for the first person to find a security hole.

djbdns consists of 6 servers:

• dnscache -- the local dns resolver and cache.
• tinydns -- a database-driven dns server.
• walldns -- a "reverse DNS wall", providing IP to domain name lookup only.
• rbldns -- a server designed for dns blacklisting service.
• pickdns -- a database-driven server that chooses from matching records depending on the requester's location. (This feature is now a standard part of tinydns.)
• axfrdns -- a zone-transfer server.

a number of client tools:

• axfr-get -- a zone-transfer client.
• dnsip -- simple address from name lookup.
• dnsipq -- address from name lookup with rewriting rules.
• dnsname -- simple name from address lookup.
• dnstxt -- simple text record from name lookup.
• dnsmx -- mail exchanger lookup.
• dnsfilter -- looks up names for addresses read from stdin, in parallel.
• dnsqr -- recursive general record lookup.
• dnsq -- non-recursive general record lookup, useful for debugging.
• dnstrace (and dnstracesort) -- comprehensive testing of the chains of authority over dns servers and their names.

and associated configuration tools.

djbdns splits off different features and services, like AXFR zone transfers, into separate programs. Zone file parsing, DNS caching, and recursive resolving are also implemented as separate programs. The result of these design decisions is a dramatic reduction in code size and complexity of the daemon program that answers lookup requests. Daniel J. Bernstein (and many others) feel that this is true to the spirit of the Unix operating system, and makes security verification much simpler.

While djbdns is according to its author free to use, to redistribute unmodifed, to modify for oneself, and to make patches available for; and the source code for it is open to inspection and publicly available; permission is required to distribute modified versions. So while it is free software in the first sense it is not quite free software in the second sense.

See also: qmail.

External links

• djbdns official homepage
• A guide to DJBDNS
• The djbdns section of FAQTS
• Unofficial website
• A djbdns guide and tutorial with addon
• Jonathan de Boyne Pollard's debunking of several myths relating to djbdns
• Jonathan de Boyne Pollard's list of the several known problems in djbdns

Politics	Business	Finance

Topics: Djbdns Lookup Dns Security Server Simple Software Free Address...

---

Djbdnsdjbdns is a simple and secure DNS implementation created by Daniel J. Bernstein because he was fed up with repeated BIND security holes. There have been no security bugs found in djbdns since version 1. 0, and for the first person to find a security hole.