DNSSEC, Single DNS, NAMED...

Jim Reid jim at rfc1035.com
Thu Oct 26 23:15:41 UTC 2000


>>>>> "Don" == dpoole027  <dpoole027 at my-deja.com> writes:

    Don> After reading THE book and reference manual; installed new
    Don> official BIND9 on Tru64, DNSSEC related files are not
    Don> found. The release file was downloaded straight from the
    Don> ftp.isc.org site. Should DNSSEC be part of the compressed
    Don> file?

What do you mean by this? Are you saying the tarball doesn't contain
the lib/dns/sec directory with all the crypto stuff and lib/dns/rdata
which contains the code for encoding/decoding all known RR types,
including the DNSSEC ones? They were there the last time I looked.

    Don> Does the DNS server work for nslookup without depending (or
    Don> requiring) on any (secondary) client server(s)? I am hoping
    Don> that this would work during temporary test period.

I'm not sure I understand the question. A name server usually works by
querying other name servers. Some of them by definition will be
secondary (slave) servers. However it is not necessary for a name
server to have any slave zone{} statements in order for it to work.
And you should use a decent DNS lookup tool like dig, not the horrible
and broken nslookup.

    Don> I replaced named with new named(from BIND9) and still
    Don> displaying the previous version. What UNIX steps shall it be
    Don> to re-link new named to run BIND9?

I have no idea what you mean by "re-link new named to run
BIND9". Maybe you forgot to kill the currently running name server and
restart the new one? Or maybe there's something in your system's start
up files - /etc/rc, or /etc/inittab or /etc/rc?.d and friends - which
starts up an older name server?





More information about the bind-users mailing list