djbdns Following a recent conversation on the mailing list, here is some complimentary [djbdns] hype:

Well, basically it's just incredibly well written software. Dan
is obsessed with security and efficiency (as reading the code
will show). The cache is immune to cache poisoning unlike other
DNS implementations and on a small network such as mine, the
cache barely uses any RAM. It's very easy to set up and as far
as I know there hasn't actually been a single published
vulnerability in it in some 9 years of circulation. It's
chrooted and runs as non-root by default, so that's a bit of
added peace of mind.

I've installed a DNS cache and private DNS server for my network
and the entire installation consisted of the following commands
(there would have been even fewer commands if I'd installed it
from a source package but I was installing it on a machine
lacking a compiler for security reasons). Assuming that I've
just typed 'make setup check' and the binaries have been

 # useradd -g nogroup -d /nonexistant -s /sbin/nologin Gdnscache        
 # useradd -g nogroup -d /nonexistant -s /sbin/nologin Gdnslog         
 # dnscache-conf Gdnscache Gdnslog /etc/dnscache         
 # ln -s /etc/dnscache /service                        
 # touch /etc/dnscache/root/ip/192.168.3                    
 # touch /etc/dnscache/root/ip/192.168.2                    

Now every machine in and can use the
cache. To increase the memory usage for better caching:

 # echo 32000000 > /etc/dnscache/env/CACHESIZE                 
 # echo 34000000 > /etc/dnscache/env/DATALIMIT                 
 # svc -t /service/dnscache                          

Now to add the DNS server to publish addresses of machines on the

 # useradd -g nogroup -d /nonexistant -s /sbin/nologin Gtinydns        
 # tinydns-conf Gtinydns Gdnslog /etc/tinydns            
 # ln -s /etc/tinydns /service                         
 # echo '' > /etc/dnscache/root/servers/       
 # echo '' > /etc/dnscache/root/servers/    
 # echo '' > /etc/dnscache/root/servers/    
 # cd /etc/tinydns/root                            
 # ./add-ns                    
 # ./add-ns                  
 # ./add-ns                 
 # ./add-ns                 
 # ./add-host              
 # ./add-host                 
 # ./add-host              
 # make                                    
 # svc -t /service/tinydns                           

That's the entire installation procedure. It took some 20 minutes
and has worked absolutely flawlessly ever since. The machine it's
running on is a P3 450mhz with 128mb RAM and yet it doesn't miss
a beat when 4-5 machines are deliberately flooding it with queries.