Subject: Re: BIND/Hesiod
To: Ted Lemon <mellon@fugue.com>
From: Michael L. VanLoon -- HeadCandy.com <michaelv@HeadCandy.com>
List: current-users
Date: 09/01/1995 22:24:25
>> I'm personally not familiar with Hesiod, but as long as it can co-exist 
>> with YP ...... :-)

>Hesiod is just another way of distributing databases like /etc/passwd,
>/etc/services, /etc/groups, and so on.  It uses DNS, which is (IMHO)
>slightly more robust and less easily subverted than NIS, and doesn't
>claim to provide authentication (authentication is Kerberos's job), so
>as part of a complete system, I think it's a much better solution.  It
>certainly has a smaller installed base than NIS, though.

I keep hearing this argument, and it's only true if looked at in a
certain direction.  True, more sites probably use YP, but probably
because it just comes as an automatic part of the system.

On the other hand, it suffers badly when scaled to large sites.  So, I
could also make the argument that more small sites use YP, but the
largest sites use Hesiod.  Now, how do we count which is used more?
:-)

Iowa State, being the second largest Athena site outside of MIT, made
extensive use of Hesiod.  And integrating a NetBSD system into that
environment wasn't always trivial.  At the very least, it could be
frustrating and time consuming because you had to do all the Hesiod
and Kerberos integration yourself each time.

Iowa State has roughly 850 Unix workstations in a homogonous,
distributed network, with roughly 25,000 user accounts, all
coordinated comfortably by Hesiod databases, and authenticated with
two Kerberos servers.  And that doesn't count the Eudorized PC's and
Macs all over the place, or Linux/FreeBSD/NetBSD boxes connected to
the ethernet in peoples' dorm rooms.  Last I heard, MIT had around
1500 (probably more now) Unix workstations, with a similar number
accounts.  I have no idea how many machines DEC (an Athena proponent)
has on their internal net, but I'm sure it's a large number.  I just
don't see any sites this size using YP (or at least doing so without
cursing everyone in site).

Now, how do you count which is more heavily used?

So, once again, I feel either exclude all this stuff, YP included, and
make it all a user-specified add-on, or make a way to include the
users's choice.  I feel the same way about the authentication stuff
re: Kerberos and S/Key.

Anyway... I've babbled on long enough... I think you get my point.

-----------------------------------------------------------------------------
  Michael L. VanLoon                                 michaelv@HeadCandy.com
       --<  Free your mind and your machine -- NetBSD free un*x  >--
     NetBSD working ports: 386+PC, Mac, Amiga, HP300, Sun3, Sun4, PC532,
                           DEC pmax (MIPS R2k/3k), DEC/AXP (Alpha)
     NetBSD ports in progress: VAX and others...
-----------------------------------------------------------------------------