blob: 4d038a5110c8b453ad5ae0348b938ed338fe53bf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
BIND 4 to BIND 9 Migration Notes
To transition from BIND 4 to BIND 9 you first need to convert your
configuration file to the new format. There is a conversion tool in
contrib/named-bootconf that allows you to do this.
named-bootconf.sh < /etc/named.boot > /etc/named.conf
BIND 9 uses a system assigned port for the UDP queries it makes rather
than port 53 that BIND 4 uses. This may conflict with some firewalls.
The following directives in /etc/named.conf allows you to specify
a port to use.
query-source address * port 53;
transfer-source * port 53;
notify-source * port 53;
BIND 9 no longer uses the minimum field to specify the TTL of records
without a explicit TTL. Use the $TTL directive to specify a default TTL
before the first record without a explicit TTL.
$TTL 3600
@ IN SOA ns1.example.com. hostmaster.example.com. (
2001021100
7200
1200
3600000
7200 )
BIND 9 does not support multiple CNAMEs with the same owner name.
Illegal:
www.example.com. CNAME host1.example.com.
www.example.com. CNAME host2.example.com.
BIND 9 does not support "CNAMEs with other data" with the same owner name,
ignoring the DNSSEC records (SIG, NXT, KEY) that BIND 4 did not support.
Illegal:
www.example.com. CNAME host1.example.com.
www.example.com. MX 10 host2.example.com.
BIND 9 is less tolerant of errors in master files, so check your logs and
fix any errors reported. The named-checkzone program can also be to check
master files.
Outgoing zone transfers now use the "many-answers" format by default.
This format is not understood by certain old versions of BIND 4.
You can work around this problem using the option "transfer-format
one-answer;", but since these old versions all have known security
problems, the correct fix is to upgrade the slave servers.
|