From owner-freebsd-stable@FreeBSD.ORG Sat Dec 18 22:51:54 2010 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A4E4C1065670 for ; Sat, 18 Dec 2010 22:51:54 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from asmtpout029.mac.com (asmtpout029.mac.com [17.148.16.104]) by mx1.freebsd.org (Postfix) with ESMTP id 86C618FC14 for ; Sat, 18 Dec 2010 22:51:54 +0000 (UTC) MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; charset=us-ascii Received: from [17.153.98.123] by asmtp029.mac.com (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008; 64bit)) with ESMTPSA id <0LDN00JVMBIHIJ20@asmtp029.mac.com>; Sat, 18 Dec 2010 14:51:54 -0800 (PST) X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=6.0.2-1010190000 definitions=main-1012180126 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.2.15,1.0.148,0.0.0000 definitions=2010-12-18_02:2010-12-18, 2010-12-18, 1970-01-01 signatures=0 From: Chuck Swiger In-reply-to: <4D0C49A2.4000203@FreeBSD.org> Date: Sat, 18 Dec 2010 14:51:53 -0800 Message-id: <699B0DD9-A3E0-4508-8AAD-E493EF6DB3D9@mac.com> References: <4D0C49A2.4000203@FreeBSD.org> To: Doug Barton X-Mailer: Apple Mail (2.1082) Cc: freebsd-stable@FreeBSD.org Subject: Re: RFC: Upgrade BIND version in RELENG_7 to BIND 9.6.x X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Dec 2010 22:51:54 -0000 Hi-- On Dec 17, 2010, at 9:41 PM, Doug Barton wrote: > In order to avoid repeating the scenario where we have a version of BIND > in the base that is not supported by the vendor I am proposing that we > upgrade to BIND 9.6-ESV in FreeBSD RELENG_7. +1 > I am particularly interested in feedback from users with significant DNS > usage that are still using 9.4, especially if you're using the version > in the base. I would appreciate it if you could install 9.6 from the > ports and at minimum run /usr/local/sbin/named-checkconf to see if any > errors are generated. Of course it would be that much more helpful if > you could also evaluate BIND 9.6 in operation in your environment. dns/bind-9.6 seems to work better for me than the 7-STABLE base version of BIND. [1] No errors from named-checkconf. "make test" (under /usr/ports/dns/bind96/work/bind-9.6-ESV-R3/bin/tests after running .../system/ifconfig.sh up) passed all of the tests; and normal operation serving zones and so forth also work fine. One gripe is that stopping via rc script fails: # grep named /etc/rc.conf named_enable="YES" named_program="/usr/local/sbin/named" # /etc/rc.d/named stop named not running? (check /var/run/named/pid). ...because of the "-t /var/named", probably. Is there a symlink or something I can do to fix this? Regards, -- -Chuck [1]: I did some comparisons, and it appears max-cache-size option wasn't being honored by base named (claims to be BIND 9.4.-ESV-R4) from: FreeBSD example.com 7.4-PRERELEASE FreeBSD 7.4-PRERELEASE #1: Tue Dec 14 19:55:55 EST 2010 ...whereas top showed that named from dns/bind-9.6 filled its cache under load until it reached the max-cache-size plus a chunk for the recursive clients, and then remained at a stable size afterwards.