[ On Monday, January 29, 2001 at 01:36:42 (-0800), Eric A. Hall wrote: ]
Subject: Re: sorry to ruin several of your evenings...
Somebody asked about an in-place upgrade from BIND 8.x to BIND 9.1.0 (sorry I purged some mails before their time). Just for the sake of readiness, be aware that there are some 8.x options which are unsupported in 9.x. I did an in-place upgrade and had to make a few (mostly insignificant) changes which may be problematic for larger sites.
The global config entries I had to remove were:
fake-iquery yes multiple-cnames yes rfc2308-type1 yes check-names slave ignore maintain-ixfr-base true
That's just the beginning! :-) Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'memstatistics-file' is not yet implemented Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: the default for the 'auth-nxdomain' option is now 'no' Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'host-statistics' is not yet implemented Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'use-id-pool' is obsolete Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'check-names' is not implemented Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'os' ignored Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'parser' ignored Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'load' ignored Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'panic' ignored Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'packet' ignored Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'eventlib' ignored I don't yet know if "host-statistics" is still necessary to be able to see the source of an RR in a dump file, or not, but if so then that'll be a road-block in keeping me from using 9.1.0 in production. I'm also very partial to 'check-names'. I've been happy using the following in many locations: check-names master fail; check-names slave fail; check-names response fail; Even more critically the old 'ndc' program has been replaced by 'rndc', which won't work until you've configured it (/etc/rndc.conf) *and* you add "controls" statements to your /etc/named.conf to allow it to connect, authenticate, and send commands. There doesn't seem to be a default way of setting it up for local-only control. I haven't done this yet Even worse than that the new BIND-9 'named' not only doesn't handle signals in the same way as previous versions, but it shuts down instead of ignoring SIGINT (which used to generate a dump file, which is why I've not yet successfully generated and viewed a dump file to see if the source of the RR is recorded in there!). So: WARNING: Anyone with scripts or other programs that use signals (i.e. kill(1), or kill(2)) to control their named process will almost certainly have to re-code to work with BIND-9 (and use 'rndc' and/or its mechanisms)! You'll also find that the new named-checkconf fails if you use: options { directory "/etc/namedb"; }; and then try to do something like: include "named-rfc1918.conf"; include "named-slave.conf"; include "named-master.conf"; However the named process itself does seem to do the chdir("/etc/namedb") before trying to do the "include"s, and if you start named-checkconf from within the right directory it'll work.... -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>