Another drawback is that you still need to manually configure bind (and others) to only listen on particular addresses. If you're using dhcp this presents a problem, because you don't actually know the address. With bind, this is okay, mostly, because you can say to listen on everything for a particular interface (but then you can't listen on 127.0.0.1, because it's the same interface as 127.0.1.1), but other servers only have per-address configurations. The NSS plugin idea is *exactly* what NSS was designed for, and literally doesn't conflict with any name resolver in any way.
Another drawback is that you still need to manually configure bind (and others) to only listen on particular addresses. If you're using dhcp this presents a problem, because you don't actually know the address. With bind, this is okay, mostly, because you can say to listen on everything for a particular interface (but then you can't listen on 127.0.0.1, because it's the same interface as 127.0.1.1), but other servers only have per-address configurations. The NSS plugin idea is *exactly* what NSS was designed for, and literally doesn't conflict with any name resolver in any way.