DNS - differences between internal and Bind9?

[Marc Muehlfeld]

Hello Charles,

Am 03.06.2013 21:56, schrieb Charles Tryon:
> Can someone point me to an up-to-date list of the differences in
> capabilities between the Samba4 internal DNS server and the Bind9 DLZ
> support?  I started using the internal server a while ago on my small test
> network, but I'm doing a presentation on Samba4 to a technical group, and
> I'd like to know what the gaps are.


Just some first things that came in my mind (Kai could surely give more):

The internal DNS
- automatically installed and used by default. No additional work 
neccessary.
- New (what doesn't mean it's bad)
- currently have problems with MX queries (but already fixed in master)


Bind DLZ
- tried and tested for many years on huge environments
- Bugs in the DLZ implementation (how it is hooked into Bind), have to 
be fixed by ISC (so bug fixing can be delayed)
- Zone transfers from/to defined hosts supported
- Needs to be reloaded, when adding/deleting a zone in AD.
- Existing Bind installations can be continued to use (even if they 
aren't integrated in Samba and can't be managed with the windows tools)
- Redirecting dedicated zones to defined other name servers
- High scalable and tested on high-load systems
- Incremental zone transfers
- Can be bind to different interfaces, than just the ones samba is 
listening on (e. g. bind listen on eth0+eth1, samba only on eth0).
- Additional resource types SPF or SSHFP
- Views
- Supports ACLs (e. g. allow/deny recursive queries by IP/ranges)
(Some of the listed aren't maybe possible to use by the DLZ module. But 
you can have zones in Bind byside Samba/AD, too)


Kai, please correct me, if something from my Bind list is possible with 
the internal DNS, too.


But if you choose the "wrong" DNS backend during provisioning, don't 
worry. You can switch:
https://wiki.samba.org/index.php/DNS#Changing_the_DNS_backend


Regards,
Marc


PS: I'll collect and put this later all to the DNS Wiki page, too.