[Cialug] Open source DNS software dominates

Nicolai nicolai-cialug at chocolatine.org
Mon Aug 6 14:14:00 CDT 2012


Hey all,

Yesterday and today I took a look at the DNS configurations of cialug
mailing list subscriber domains.  Here's the rundown using fpdns (BSD
license) for fingerprints:

 173 ISC BIND 9.2.3rc1 -- 9.6.1-P1
  20 DJ Bernstein TinyDNS 1.05
  13 ISC BIND 9.2.3rc1 -- 9.6.1-P1 [recursion enabled]
   5 sourceforge Dents
   5 Nominum ANS
   4 XBILL jnamed (dnsjava)
   4 ISC BIND 8.3.0-RC1 -- 8.4.4
   2 bboy MyDNS
   2 Microsoft Windows DNS 2000
   2 ISC BIND 8.2.2-P3 -- 8.3.0-T2A

Open source clearly dominates DNS in this test case but it's true
elsewhere, too.  With the exceptions of Nominum ANS and Microsoft
Windows DNS 2000, all other servers are open source.

Open source: 223
Proprietary: 7

So, there were approximately 173+13=186 IPv4 addresses running BIND
9.2.3rc1 -- 9.6.1-P1 and 20 running tinydns.  10 of the 13 open BIND
servers appear to be true open resolvers.  That should be fixed.

What surprised me was that there are zero users of NSD from NLnet Labs.
Personally I use tinydns but if I wanted a BIND-style approach to
authoritative DNS it would have to be NSD.  You get the same
functionality with 1/10 the security holes.

I also ran dnstrace (public domain, from djbdns) on all the domains and
found a few lamely delegated servers.  2/3 such domains are running
BIND while the other one came up as "No match found."

There are currently 307 cialug list members from a total of 166 hosts.
Here are the top domains:

     77 gmail.com
     19 mchsi.com
     14 yahoo.com
     10 hotmail.com
      5 aol.com
      4 netins.net
      4 internetsolver.com
      4 iastate.edu
      3 mac.com
      3 drake.edu

If you want to play with the software I used, you can find it here:

 https://code.google.com/p/fpdns/

 http://cr.yp.to/djbdns.html

Nicolai
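
The post separates servers fingerprinted as "[recursion enabled]" from those that are true open resolvers. The following is an added example, not part of the original post and not fpdns code, of one way to draw that line for a server you operate: send a recursive query for a name the server is not authoritative for, then classify the reply header. The function names, the classification rule and the sample headers are assumptions constructed for illustration.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # DNS header flag bits (RFC 1035)

def build_query(name, qid=0x1234, qtype=1):
    """Encode an A query with RD set, for a name the server is NOT authoritative for."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS = IN

def classify_response(resp, qid=0x1234):
    """Classify the reply to build_query() from its 12-byte header (assumed rule)."""
    if len(resp) < 12:
        return "malformed"
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & QR:
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:                     # REFUSED: recursion denied by policy
        return "refused"
    if not flags & RA:                 # authoritative-only behaviour
        return "no-recursion"
    # RA alone only advertises recursion; an answer or NXDOMAIN for a foreign
    # name, without AA, shows the server actually resolved it for us.
    resolved = (rcode == 0 and an > 0) or rcode == 3
    if resolved and not flags & AA:
        return "open-resolver"
    return "ra-flag-only"

def sample_header(flags, an=0, ns=0, qid=0x1234):
    """Constructed 12-byte response header used as sample input."""
    return struct.pack("!HHHHHH", qid, flags, 1, an, ns, 0)

SAMPLES = {  # constructed replies, not captured traffic
    "answers foreign name": sample_header(QR | RD | RA, an=1),
    "refuses": sample_header(QR | RD | 5),
    "referral, RA clear": sample_header(QR | RD, ns=2),
    "referral, RA set": sample_header(QR | RD | RA, ns=2),
}

def classify_samples():
    return {label: classify_response(hdr) for label, hdr in SAMPLES.items()}

if __name__ == "__main__":
    for label, verdict in classify_samples().items():
        print(f"{label:22} -> {verdict}")
```

The result is only meaningful when the query arrives from an address outside the networks the server is meant to recurse for.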

