[34146] in North American Network Operators' Group


Re: BIND-9 vs. BIND-8 config incompatabilities continued....

daemon@ATHENA.MIT.EDU (Greg A. Woods)
Mon Jan 29 16:49:57 2001

From: woods@weird.com (Greg A. Woods)
To: "Eric A. Hall" <ehall@ehsco.com>
Cc: nanog@merit.edu
In-Reply-To: <3A7539A9.1E5953D6@ehsco.com>
Reply-To: nanog@merit.edu (North America Network Operators Group Mailing List)
Message-Id: <20010129214700.053244@proven.weird.com>
Date: Mon, 29 Jan 2001 16:47:00 -0500 (EST)
Errors-To: owner-nanog-outgoing@merit.edu


[ On Monday, January 29, 2001 at 01:36:42 (-0800), Eric A. Hall wrote: ]
> Subject: Re: sorry to ruin several of your evenings...
>
> Somebody asked about an in-place upgrade from BIND 8.x to BIND 9.1.0
> (sorry I purged some mails before their time). Just for the sake of
> readiness, be aware that there are some 8.x options which are unsupported
> in 9.x. I did an in-place upgrade and had to make a few (mostly
> insignificant) changes which may be problematic for larger sites.
> 
> The global config entries I had to remove were:
> 
> fake-iquery yes
> multiple-cnames yes
> rfc2308-type1 yes
> check-names slave ignore
> maintain-ixfr-base true

That's just the beginning!  :-)

Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'memstatistics-file' is not yet implemented
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: the default for the 'auth-nxdomain' option is now 'no'
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'host-statistics' is not yet implemented
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'use-id-pool' is obsolete
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'check-names' is not implemented
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'os' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'parser' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'load' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'panic' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'packet' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'eventlib' ignored

I don't yet know if "host-statistics" is still necessary to be able to
see the source of an RR in a dump file, or not, but if so then that'll
be a road-block in keeping me from using 9.1.0 in production.

I'm also very partial to 'check-names'.  I've been happy using the
following in many locations:

        check-names master fail;
        check-names slave fail;
        check-names response fail;


Even more critically the old 'ndc' program has been replaced by 'rndc',
which won't work until you've configured it (/etc/rndc.conf) *and* you
add "controls" statements to your /etc/named.conf to allow it to
connect, authenticate, and send commands.  There doesn't seem to be a
default way of setting it up for local-only control.  I haven't done
this yet.

Even worse than that the new BIND-9 'named' not only doesn't handle
signals in the same way as previous versions, but it shuts down instead
of ignoring SIGINT (which used to generate a dump file, which is why
I've not yet successfully generated and viewed a dump file to see if the
source of the RR is recorded in there!).  So:


WARNING:  Anyone with scripts or other programs that use signals
(i.e. kill(1), or kill(2)) to control their named process will almost
certainly have to re-code to work with BIND-9 (and use 'rndc' and/or its
mechanisms)!


You'll also find that the new named-checkconf fails if you use:

	options {
	        directory "/etc/namedb";
	};

and then try to do something like:

	include "named-rfc1918.conf";
	include "named-slave.conf";
	include "named-master.conf";

However the named process itself does seem to do the
chdir("/etc/namedb") before trying to do the "include"s,
and if you start named-checkconf from within the right
directory it'll work....

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
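
An added example, not part of the original message: a small pre-cutover check that classifies the BIND 9 startup messages quoted above and reports which options an operator depends on were accepted in named.conf but are not enforced. The `REQUIRED` set and the function names are assumptions chosen for illustration; the log lines are copied from the message.

```python
import re
from collections import defaultdict

# Startup messages copied from the message above (BIND 9.1.0 on host "proven").
SAMPLE_LOG = """\
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'memstatistics-file' is not yet implemented
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: the default for the 'auth-nxdomain' option is now 'no'
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'host-statistics' is not yet implemented
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'use-id-pool' is obsolete
Jan 29 13:37:46 proven /usr/pkg/sbin/named[22298]: option 'check-names' is not implemented
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'os' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'parser' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'load' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'panic' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'packet' ignored
Jan 29 13:37:47 proven /usr/pkg/sbin/named[22298]: unknown logging category 'eventlib' ignored
"""

# Assumption: the options this site relies on (the two the message calls out).
REQUIRED = {"check-names", "host-statistics"}

# Syslog prefix: timestamp, host, program path ending in "named", pid.
SYSLOG = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ \S*named\[\d+\]: (.*)$")
PATTERNS = [
    ("unimplemented", re.compile(r"option '([^']+)' is not (?:yet )?implemented$")),
    ("obsolete", re.compile(r"option '([^']+)' is obsolete$")),
    ("default-changed", re.compile(r"default for the '([^']+)' option is now '([^']+)'$")),
    ("logging-ignored", re.compile(r"unknown logging category '([^']+)' ignored$")),
]

def classify(log_text):
    """Group named startup messages by kind; non-named lines are skipped."""
    findings = defaultdict(list)
    for line in log_text.splitlines():
        m = SYSLOG.match(line.strip())
        if not m:
            continue
        for kind, pat in PATTERNS:
            hit = pat.search(m.group(1))
            if hit:
                # One capture -> "name"; two captures -> "name=new-default".
                findings[kind].append("=".join(hit.groups()))
                break
    return dict(findings)

def blockers(findings, required):
    """Required options that named parsed but does not implement."""
    return sorted(set(findings.get("unimplemented", [])) & set(required))
```

Run `blockers(classify(log_text), REQUIRED)` against the new server's startup log before cutover; a non-empty result means a setting the site depends on is being accepted but not applied.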

