[rescue] FSCKing OpenBSD!
rescue at sunhelp.org
rescue at sunhelp.org
Thu Feb 14 08:30:18 CST 2002
Various people having said various things:
> > I build a new box for a nameserver, using Openbsd 3.0, because it's
> > supposed to be fast AND secure. Then (after I get the box built) I
> > find out that not only does it only have BIND4 on it, but the only
> > binary package offered for OpenBSD 3.0 for Bind is BIND9. all my
> > stuff is in BIND8, and besides, I d'wanna learn BIND9, I just want
> > another secondary nameserver...
Hmm. Downloaded source, ran configure --with-openssl, make, make install.
I gather you didn't want to compile because the system in question was
really slow? If you really want BIND 9 binaries for OpenBSD/SPARC,
let me know and I'll package some up.
> I can't help but to wonder. What (beside the new and finally enforced
> TTL field and rndc) is so different in bind9?
BIND 9 is a *complete* re-write, more-or-less from scratch,
incorporating a lot of lessons learned and with significant
architectural changes. For one example: BIND 8 and previous
would never take advantage of more than one processor--while
BIND 9 has full POSIX threads support. Some of the other
architectural changes in BIND 9 were needed to support DNSSEC--and
if you want to do anything with DNSSEC at all (other than perhaps
TSIG for zone transfers) then you should be running BIND 9.
The only reason BIND 9 isn't called "dnsd" is that one of the entities
providing funding had earmarked it for "BIND development"--and it was
easier to keep the name than to change it and reflect reality. The
*real* numbering should have been something like:
BIND 9.0.0 --> BIND:TNG v0.9
BIND 9.1.0 --> BIND:TNG v1.0
BIND 9.2.0 --> BIND:TNG v1.1
which means that 9.2.1 will be just about ready for Prime Time. The
root servers, however, look to be staying on 8.2.5 for the immediate
future.
--Rip
More information about the rescue
mailing list