bind9 question.

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Tue Feb 26 07:37:50 UTC 2002


C. Maki <news at phresh.net> wrote:
> I'm not sure which group to post this in, so I'm putting it in both.

> I recently put together a new OpenBSD 3.0 box. The sole purpose of this box
> was to be a primary name server for a domain. After configuring it to my
> liking, I downloaded and update the ports tree, cd'd to
> /usr/ports/net/bind9/ and typed 'make' and then later 'make install'.

> I already have a Red Hat box running bind9, and I've noticed some major
> differences. The Red Hat bind uses named.conf and the process when launched
> spawns some children and runs with a total of 5 processes.The OpenBSD box
> uses the older named.boot, and exists as only one process.

> The process thing really doesn't bother me, it's the lack of the ability to
> use named.conf. As far as I can tell, I can't get rndc to work w/o using a
> named.conf file, and I want to be able to secure the nameserver by refusing
> zone transfers, a method I know how to do in named.conf, but haven't yet
> researched in named.boot.

OpenBSD uses a "hardened" version of bind-4 as default.

If you download bind9 from ports it will install in /usr/local/sbin/named
BUT KEEP YOUR /usr/sbin/named. And this is the one that is started, 
thus it looks for named.boot.

You will need to either : change the /etc/rc to reflect the new location
or move bind-9 to /usr/sbin/named.

Personally i prefer overwriting the old binarires to make shure they 
don't "hang around", some don't aggree with me.




> Can someone tell me if I did something wrong? I can't tell what version of
> named is actually running either, cause the old dig @ version.bind chaos.txt
> trick doesn't work on this server.

> Thanks in advance.
> -C




-- 
Peter Håkanson         
        IPSec  Sverige      (At the Riverside of Gothenburg, home of Volvo)
           Sorry about my e-mail address, but i'm trying to keep spam out.
	   Remove "icke-reklam" and it works.


More information about the bind-users mailing list