Re: Bind8 to Bind9

To: Peter Billson <pete@elbnet.com>
Cc: debian-isp@lists.debian.org
Subject: Re: Bind8 to Bind9
From: Craig Sanders <cas@taz.net.au>
Date: Sun, 17 Nov 2002 10:56:12 +1100
Message-id: <[🔎] 20021116235612.GW18304@taz.net.au>
In-reply-to: <[🔎] 3DD6A836.C936EBC1@elbnet.com>
References: <[🔎] 4.3.2.7.2.20021115151924.01524d40@mail.nothnbut.net> <[🔎] 1037458301.1191.10.camel@altfrangg> <[🔎] 3DD6A836.C936EBC1@elbnet.com>

On Sat, Nov 16, 2002 at 03:19:02PM -0500, Peter Billson wrote:
>   I am planning the move from Bind8 to Bind9 on woody and was
>   wondering if anyone has any tips, gotchas or pointers I should know
>   before the move.

bind 9 will use a LOT more memory than bind 8.  at least double or
triple the memory.

i'd advise upgrading to the latest bind 8 instead and configuring it to
run as user/group 'bind' rather than root.

 - install the latest bind 8.3.3 package, which has been patched against
   the recent vulnerability.

 - create a user and group called bind

 - chown -R bind.bind /var/cache/bind/

 - create or edit /etc/default/bind to look like:

   OPTIONS="-u bind -g bind"

 - restart bind with "/etc/init.d/bind restart".

read the documentation in /usr/share/doc/bind before doing this.  there
are some things that bind can't do when running as a non-root user (e.g.
it can't bind to new/dynamic IP addresses.  not a problem on a static ip
server, but requires a bind restart if your link is dialup/dsl/cable/etc
and your IP changes).

craig

-- 
craig sanders <cas@taz.net.au>

Fabricati Diem, PVNC.
 -- motto of the Ankh-Morpork City Watch

Reply to:

References:
- Being new to Debian...
  - From: Sonny Kupka <sonny@nothnbut.net>
- Re: Being new to Debian...
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
- Bind8 to Bind9
  - From: Peter Billson <pete@elbnet.com>

Prev by Date: Re: New BIND 4 & 8 Vulnerabilities
Next by Date: Re: Bind8 to Bind9
Previous by thread: Re: Bind8 to Bind9
Next by thread: Re: Bind8 to Bind9
Index(es):
- Date
- Thread