Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 23 Dec 2003 18:40:36 +0530
From:      "Sunil Sunder Raj" <unixtools@hotmail.com>
To:        paul@partitura.com
Cc:        freebsd-questions@freebsd.org
Subject:   RE: replacing named 8 with 9
Message-ID:  <BAY8-F22bYEdDUEL2C3000346b7@hotmail.com>
next in thread | raw e-mail | index | archive | help 
Hi,

1) Install Bind 9

2) Make secret keys using rndcontrol
	a) grep -i irq /var/run/dmesg.boot
	choose IRQ's that have a lot of interrupts.
	b) Run # rndcontrol -s <IRQ> for each choosen interrupt.
	c) add it to rc.conf to enable after reboot
		rand_irqs="3 7 11".
3) Generate the keys
	a) # rndc-confgen -a -c /usr/local/etc/rndc.key
	    # chmod 600 /usr/local/etc/rndc.key
	    # chown bind:bind /usr/local/etc/rndc.key
	    # vi /usr/local/etc/rndc.key
	b) Copy the key statement
		key "rndc-key" {
		algorithm hmac-md5;
		secret "xxxxxxxxxxxxxxxxxxx";
		};
	c) # cp /usr/local/etc/rndc.conf.sample /usr/local/etc/rndc.conf
	     # chmod 600 /usr/local/etc/rndc.conf
             # chown bind:bind /usr/local/etc/rndc.conf
             # vi /usr/local/etc/rndc.conf
	d) Paste the copied key statement here.

4) In rc.conf
	named_enable="YES"
	named_program="/usr/local/sbin/named"
	named_flags="-c /etc/namedb/named.conf -u bind"

5) In /etc/named.conf
	At the top of the file
	// Use the key
	include "/usr/local/etc/rndc.key";

	// Control statement
	controls {
	inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; };
	};

6) Check the config
	# named-checkconf /etc/namedb/named.conf

7) Start named
		# /usr/local/sbin/named -c /etc/namedb/named.conf -u bind


Regards
SSR



>From: Paul Phillips <paul@partitura.com>
>To: freebsd-questions@FreeBSD.ORG <freebsd-questions@freebsd.org>
>Subject: replacing named 8 with 9
>Date: Sun, 21 Dec 2003 10:41:55 -0600
>
>If I understand correctly, both freeBSD 4.9 and the 5 series use BIND 8.
>
>I would like to replace this with BIND 9.  What is the proper way to do so? 
>Do I need to uninstall BIND 8 in some way before using ports or packages to 
>install BIND 9?
>
>Thanks
>PCP
>
>_______________________________________________
>freebsd-questions@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to 
>"freebsd-questions-unsubscribe@freebsd.org"

_________________________________________________________________
Marriage? http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?74 Join 
BharatMatrimony.com for free.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BAY8-F22bYEdDUEL2C3000346b7>