/contrib/bind9/doc/misc/migration-4to9

https://bitbucket.org/freebsd/freebsd-head/ · #! · 57 lines · 43 code · 14 blank · 0 comment · 0 complexity · 430fe5a5f016159d7724ebda5a535f66 MD5 · raw file 

    

  1. Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
    2. 

  2. Copyright (C) 2001  Internet Software Consortium.
    3. 

  3. See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
    4. 

  4. 

  5. $Id: migration-4to9,v 1.4 2004/03/05 05:04:53 marka Exp $
    6. 

  6. 

  7. 		   BIND 4 to BIND 9 Migration Notes
    8. 

  8. 

  9. To transition from BIND 4 to BIND 9 you first need to convert your
    10. 

  10. configuration file to the new format.  There is a conversion tool in
    11. 

  11. contrib/named-bootconf that allows you to do this.
    12. 

  12. 

  13. 	named-bootconf.sh < /etc/named.boot > /etc/named.conf
    14. 

  14. 

  15. BIND 9 uses a system assigned port for the UDP queries it makes rather
    16. 

  16. than port 53 that BIND 4 uses.  This may conflict with some firewalls.
    17. 

  17. The following directives in /etc/named.conf allows you to specify
    18. 

  18. a port to use.
    19. 

  19. 

  20. 	query-source address * port 53;
    21. 

  21. 	transfer-source * port 53;
    22. 

  22. 	notify-source * port 53;
    23. 

  23. 

  24. BIND 9 no longer uses the minimum field to specify the TTL of records
    25. 

  25. without a explicit TTL.  Use the $TTL directive to specify a default TTL
    26. 

  26. before the first record without a explicit TTL.
    27. 

  27. 

  28. 	$TTL 3600
    29. 

  29. 	@	IN	SOA	ns1.example.com. hostmaster.example.com. (
    30. 

  30. 				2001021100
    31. 

  31. 				7200
    32. 

  32. 				1200
    33. 

  33. 				3600000
    34. 

  34. 				7200 )
    35. 

  35. 

  36. BIND 9 does not support multiple CNAMEs with the same owner name.
    37. 

  37. 	
    38. 

  38. 	Illegal:
    39. 

  39. 	www.example.com. CNAME host1.example.com.
    40. 

  40. 	www.example.com. CNAME host2.example.com.
    41. 

  41. 

  42. BIND 9 does not support "CNAMEs with other data" with the same owner name,
    43. 

  43. ignoring the DNSSEC records (SIG, NXT, KEY) that BIND 4 did not support.
    44. 

  44. 

  45. 	Illegal:
    46. 

  46. 	www.example.com. CNAME host1.example.com.
    47. 

  47. 	www.example.com. MX 10 host2.example.com.
    48. 

  48. 

  49. BIND 9 is less tolerant of errors in master files, so check your logs and
    50. 

  50. fix any errors reported.  The named-checkzone program can also be to check
    51. 

  51. master files.
    52. 

  52. 

  53. Outgoing zone transfers now use the "many-answers" format by default.
    54. 

  54. This format is not understood by certain old versions of BIND 4.  
    55. 

  55. You can work around this problem using the option "transfer-format
    56. 

  56. one-answer;", but since these old versions all have known security
    57. 

  57. problems, the correct fix is to upgrade the slave servers.
    58.