alias_ip

Jeff nospam at noway.nohow
Sat May 22 00:24:47 UTC 2004


This is great! Thanks for the info ... all I need do now is update
my SG package script to reflect the changes.

btw, I found a brief splurb in the release notes from docs.hp.com for BIND 9.2
that mentions the "listen-on" directive replacing the "alias_on" but nothing
of the degree from the reference you gave.

Regards,
Jeff
<phn at icke-reklam.ipsec.nu> wrote in message
news:c8hf6p$2s2p$1 at sf1.isc.org...
> Jeff <nospam at noway.nohow> wrote:
> > I'm trying to upgrade my HP-UX box DNS from 4.97 to 9.2.
> > I'm using the alias_ip directive in my named.boot file.
>
> > Is the "alias_ip" directive of BIND 4.9.7's named.boot file
> > a valid directive if used in BIND 9.2's named.conf file?
>
> No.
>
> > Does anyone have any references they could point me to
> > concerning this topic?

> There is a "migration-4to9" included :
> <quote>
> Copyright (C) 2001  Internet Software Consortium.
> See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
>
> $Id: migration-4to9,v 1.3 2001/05/19 01:20:16 gson Exp $
>
>                    BIND 4 to BIND 9 Migration Notes
>
> To transition from BIND 4 to BIND 9 you first need to convert your
> configuration file to the new format.  There is a conversion tool in
> contrib/named-bootconf that allows you to do this.
>
>         named-bootconf.sh < /etc/named.boot > /etc/named.conf
>
> BIND 9 uses a system assigned port for the UDP queries it makes rather
> than port 53 that BIND 4 uses.  This may conflict with some firewalls.
> The following directives in /etc/named.conf allow you to specify
> a port to use.
>
>         query-source address * port 53;
>         transfer-source * port 53;
>         notify-source * port 53;
>
> BIND 9 no longer uses the minimum field to specify the TTL of records
> without an explicit TTL.  Use the $TTL directive to specify a default TTL
> before the first record without an explicit TTL.
>
>         $TTL 3600
>         @       IN      SOA     ns1.example.com. hostmaster.example.com. (
>                                 2001021100
>                                 7200
>                                 1200
>                                 3600000
>                                 7200 )
>
> BIND 9 does not support multiple CNAMEs with the same owner name.
>
>         Illegal:
>         www.example.com. CNAME host1.example.com.
>         www.example.com. CNAME host2.example.com.
>
> BIND 9 does not support "CNAMEs with other data" with the same owner name,
> ignoring the DNSSEC records (SIG, NXT, KEY) that BIND 4 did not support.
>
>         Illegal:
>         www.example.com. CNAME host1.example.com.
>         www.example.com. MX 10 host2.example.com.
>
> BIND 9 is less tolerant of errors in master files, so check your logs and
> fix any errors reported.  The named-checkzone program can also be used to check
> master files.
>
> Outgoing zone transfers now use the "many-answers" format by default.
> This format is not understood by certain old versions of BIND 4.
> You can work around this problem using the option "transfer-format
> one-answer;", but since these old versions all have known security
> problems, the correct fix is to upgrade the slave servers.
>
> <end quote>
>
> The function you ask for "alias_ip" is replaced with a config statement
> "listen-on" , a snippet from the Arm book :
> <quote>
> 6.2.14.4. Interfaces
>
> The interfaces and ports that the server will answer queries from may be
> specified using the listen-on option. listen-on takes an optional port, and
> an address_match_list. The server will listen on all interfaces allowed by
> the address match list. If a port is not specified, port 53 will be used.
>
> Multiple listen-on statements are allowed. For example,
>
> listen-on { 5.6.7.8; };
> listen-on port 1234 { !1.2.3.4; 1.2/16; };
>
> will enable the nameserver on port 53 for the IP address 5.6.7.8, and on
> port 1234 of an address on the machine in net 1.2 that is not 1.2.3.4.
>
> If no listen-on is specified, the server will listen on port 53 on all
> interfaces.
>
> <end quote>
>
> a copy of the arm book is available at
> "http://www.ipsec.se/dns/bind9/Bv9ARM.html"
>
>
>
> > TIA
>
>
>
> -- 
> Peter Håkanson
>         IPSec  Sverige      ( At Gothenburg Riverside )
>            Sorry about my e-mail address, but i'm trying to keep spam out,
>    remove "icke-reklam" if you feel for mailing me. Thanx.
>
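A pre-migration check for the master-file rules in the migration notes quoted above, added here as an example (it is not part of the original thread or of BIND). The function name `lint_zone`, the finding codes and the sample zone are assumptions made for illustration; owner names are compared as written (no $ORIGIN expansion) and comment stripping ignores quoting, so named-checkzone remains the authoritative check.

```python
import re
from collections import defaultdict
CLASSES = {"IN", "CH", "HS"}
EXEMPT = {"SIG", "NXT", "KEY"}  # DNSSEC types the notes exclude from the CNAME rule
TTL_RE = re.compile(r"^\d+([smhdw]\d+)*[smhdw]?$", re.I)

def lint_zone(text):
    """Return [(line_no, code)] for master-file constructs the notes call out."""
    findings, seen = [], defaultdict(set)
    owner, have_default_ttl, ttl_reported, depth = None, False, False, 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()  # drop comments (naive: ignores quoting)
        if not line.strip():
            continue
        # Lines inside a ( ... ) record body belong to the record that opened it.
        continuation, depth = depth > 0, depth + line.count("(") - line.count(")")
        if continuation:
            continue
        fields = line.split()
        if fields[0].startswith("$"):
            have_default_ttl |= fields[0].upper() == "$TTL"
            continue
        if not line[0].isspace():             # otherwise the previous owner is inherited
            owner = fields.pop(0).lower()
        explicit_ttl = False
        while fields and (fields[0].upper() in CLASSES or TTL_RE.match(fields[0])):
            explicit_ttl |= fields.pop(0).upper() not in CLASSES
        if owner is None or not fields:
            continue
        rtype, types = fields[0].upper(), seen[owner]
        if not (explicit_ttl or have_default_ttl or ttl_reported):
            findings.append((no, "no-ttl"))   # first record relying on the SOA minimum
            ttl_reported = True
        if rtype == "CNAME" and "CNAME" in types:
            findings.append((no, "multiple-cname"))
        others = (types | {rtype}) - EXEMPT - {"CNAME"}
        if "CNAME" in types | {rtype} and others and rtype not in EXEMPT:
            findings.append((no, "cname-with-other-data"))
        types.add(rtype)
    return findings

# Constructed BIND 4 style zone: no $TTL, plus both "Illegal" CNAME cases.
SAMPLE = """\
@   IN SOA ns1.example.com. hostmaster.example.com. (
        2001021100 7200 1200 3600000 7200 )
www IN CNAME host1.example.com.
www IN CNAME host2.example.com.
ftp IN CNAME host1.example.com.
ftp IN MX 10 host2.example.com.
"""
```

Each finding is a (line number, code) pair, so the output can be matched against the errors named logs after the first BIND 9 start.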



More information about the bind-users mailing list