Upgrading to BIND9 (was Re: bind8.2 security issues)
Jim Reid
jim at rfc1035.com
Mon Jul 1 15:20:44 UTC 2002
>>>>> "Steve" == Steve Foster <fosters at uk.psi.com> writes:
Steve> i decided to build from scratch, and it seems to have gone
Steve> okay. I have started named with a modified version of the
Steve> named.conf i used to use for our 8.2.3 installations,
Steve> certain things had to be removed for it to start, such as
Steve> the following:
Steve> named-xfer "/usr/local/sbin/named-xfer" ;
Steve> topology { localhost; localnets; { 154.32/16; }; };
These are not in BIND9. The former is obsolete and the latter is not
implemented. Did you read the documentation, especially the BIND9
migration notes in doc/misc/migration? Legacy syntax from BIND8 config
files is parsed but otherwise ignored by the BIND9 server, apart from
warnings in the logs.
Steve> Are these not used anymore, and is there an equivalent of
Steve> named-xfer, this is not something i need now, but will be
Steve> when/if i build my secondary and primary servers???
The BIND9 name servers handles inbound zone transfers itself. There's
no need for it to have a separate executable to do this, unlike BIND4
or BIND8.
Steve> Do i need to worry anout rndc.key, or is this for something
Steve> else other than resolving, and is there any specific
Steve> options for named.conf to fix the "couldn't add command
Steve> channel 127.0.0.1#953: file not found" error.
Read the migration notes. BIND9 uses a new protocol and program to
control the name server. The program is called rndc and it supersedes
ndc. The migration notes have a reference to rndc-confgen which is the
utility used to create the named.conf statements needed to set up the
server side of the rndc control socket. [Though if you read the ARM
and man page for rndc, you shouldn't need a utility to create those
statements for named.conf.] The log messages are telling you the
server didn't create this socket (=> you can't control the name server
with rndc) because it doesn't do this unless the server's explicitly
told about it in named.conf.
Steve> my conf file is attached below, i couldn't find a sample
Steve> resolver file, or does anybody have a 9 specific one i can
Steve> review.
The syntax and contents of resolv.conf does not change between BIND8
and BIND9.
More information about the bind-users
mailing list