BIND8 entering end of life; changes to ftp.isc.org (affects mirrors)

[John Wobus]

> There is no pain in moving to Bind9.

No more pain than the usual twinge associated with replacing the  
software
for a piece of your infrastructure that all your organization's internet
activity depends upon 7x24, with software that has different memory and
CPU needs, that has differences in its configuration rules and  
definitions
(e.g. logging channels), that has a different control program (rndc  
versus ndc),
that has modified^H^H^H^H^H^H^H^Hcorrected rules regarding what is
allowed in your your zone files, and has additional restrictions upon  
what it
will cache.

John

P.S. I'm used to BIND9.  I like BIND9.  I especially like that it is  
more secure.
I suggest anyone making that transition refer to the Top Nine Gotchas:
http://www.oreillynet.com/pub/a/oreilly/networking/news/ 
dnsandbind_0401.html
With the BIND8 end of life, someone might earn the title of good  
citizen by
updating and amplifying this document.  And if they provided a program  
or script
that pokes around and reliably identifies specific 8-to-9 issues, well,  
they'd be
up for sainthood.

Occasionally someone tells us our DNS server isn't caching some  
particular
Internet name and the issue turns out to be BIND9's restrictions to  
defend against
poisoning.  Based upon the surprise and utter amazement of many DNS  
admins
when the issue is explained to them, I gather that software other than  
BIND9 (e.g.
BIND8?) constitutes a huge portion of the current DNS infrastructure.