From owner-freebsd-current@FreeBSD.ORG Sat Sep 25 04:07:55 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74B7116A4CE for ; Sat, 25 Sep 2004 04:07:55 +0000 (GMT) Received: from sccrmhc13.comcast.net (sccrmhc13.comcast.net [204.127.202.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2047243D3F for ; Sat, 25 Sep 2004 04:07:55 +0000 (GMT) (envelope-from DougB@freebsd.org) Received: from [192.168.9.149] (unknown[195.172.110.163]) by comcast.net (sccrmhc13) with SMTP id <20040925040753016007j45qe> (Authid: domain_name_tsar); Sat, 25 Sep 2004 04:07:54 +0000 Date: Sat, 25 Sep 2004 05:07:38 +0100 (BST) From: Doug Barton To: freebsd-current@freebsd.org Message-ID: <20040925043451.B16332@URF.trarfvf> Organization: http://www.FreeBSD.org/ X-message-flag: Outlook -- Not just for spreading viruses anymore! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: HEADS UP: BIND 9 imported, and working! X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Sep 2004 04:07:55 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Folks, BIND 9.3.0-REL has been imported into the base to replace BIND 8. It is now fully functional, although there are a few nits and nats that are being addressed. There are many differences between BIND 8 and 9. Some of the more important ones are how picky BIND 9 is about zone file format. Some zones that loaded fine under BIND 8 will not load with 9. The named process is controlled with a program called rndc. The ndc binary is no longer present. The other user utilities have changed as well. For example, the output of dig is significantly different, and the output of host is slightly different. This may require rewriting scripts that depend on these utilities. In the config file, there are a few directives from BIND 8 that are no longer valid in BIND 9. named will complain about them when you start it, so check the logs. Some command line options have also changed. In particular the -g argument to named is no longer used to set the group ID. That is now picked up from the group associated with the user ID named is started with when using the -u option. The other thing admins with busy servers may notice is that named now has a client limit. If you get error messages about this in your logs, check the documentation for how to adjust it. More information about these issues can be found in /usr/share/doc/bind9, especially the misc/migration file, and of course the manual in arm. Finally, as mentioned above, some binaries that were part of BIND 8 are no longer present, and some functionality is now present in different areas. Below is a matrix of those changes: /usr/libexec/named-xfer GONE Functionality is now in named itself /usr/bin/dnskeygen GONE /usr/sbin/dnssec-keygen /usr/bin/dnsquery GONE /usr/sbin/named.restart GONE /etc/rc.d/named restart /usr/sbin/ndc GONE /usr/sbin/rndc /usr/sbin/nslookup /usr/bin/nslookup /usr/sbin/nsupdate /usr/bin/nsupdate Finally, I would like to offer very sincere thanks to the people that made this possible. Tom Rhodes, Ruslan, and especially Dag-Erling have gone way beyond the call of duty, and created a beautiful new framework that is more sophisticated, and more useful than anything I cold have come up with on my own. They provided excellent help and advice, and were very patient about teaching me as they went along. I own them all $DINNER and $ADULT_BEVERAGES of the highest order. :) I'd also like to thank Rober Watson and Peter Wemm for their advice and encouragement, and last but not least, Scott Long for kicking my butt hard enough to admit that I needed help with this. The plan is to merge this into RELENG_5 before the 5.3-RELEASE. There are some more bits that I'd like to try and merge before then, like a default chroot setup, but that may have to wait till after the release. Enjoy, Doug - -- This .signature sanitized for your protection -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBVO8NyIakK9Wy8PsRAn/GAKCQfjZNx/irOezTbkAYCULJIC3X4wCgjaFT vPcqJkl9InKhOZ3nYGXFMPU= =KYwn -----END PGP SIGNATURE-----