Compiling BIND9 on CentOS 7

Matthew Pounsett matt at conundrum.com
Wed Apr 27 15:45:43 UTC 2016 

On 27 April 2016 at 08:34, Sean Son <linuxmailinglistsemail at gmail.com>
wrote:

> Thank you for your response. Basically what I am trying to do is migrate
> the BIND server from a Centos 5.11 machine to a CentOS 7.2 machine.  The
> BIND on CentOS 5.11 was compiled manually by source and its named.conf file
> looks very different than what CentOS/Red Hat provides in the RPM package
> named.conf file. Any tips on how I should go about migrating successfully
> from the 5.11 machine to the 7.2 machine?
>

Your best approach is to have a careful look at the named.conf you're
migrating from and understand what options are required by your DNS needs,
and which are just related to how the Centos 5 machine is organized.  You
can then merge the former set (your requirements) into the default config
of the Centos 7 machine.


>
>
> As for the named.service unit file that Reindl provided, will I need to
> call upon any RNDC services? I saw that in the named.service file that
> comes with the RPM/YUM package contains a call to some RNDC service which
> calls up some generate-rndc-key.sh script.. I am not too sure of what the
> names of the files are.
>

rndc is the command line interface to a running BIND server.  (BIND ==
berkeley internet name domain, rndc == remote name domain controller (or
something to that effect)).  The rndc.conf file must agree with the
named.conf file on where BIND's controller interface is (the controls{};
clause in named.conf) and what key to use for authentication, if any.

For example, named.conf might have something like this:
controls {
    inet 192.0.2.1 port 953 allow { 192.0.2.100; } keys {"rndc-key"; };
};
While your rndc.conf might have:
options {
    default-key "rndc-key";
    default-server 192.0.2.1;
    default-source-address 192.0.2.100;
    default-port 953;
};


It sounds to me like the named.service file you mention is probably
generating a default rndc.conf file if one doesn't already exist.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160427/419ff462/attachment.html>

More information about the bind-users mailing list