On Thu, May 21, 2020 at 10:38:41AM +0300, Denis wrote:
> But when I try to generate acls the same way it was done with legacy
> Maxmind databases:
> acl us {
> geoip country us;
> }
>
> I'm getting "no GeoIP database installed which can answer queries of type
> 'country'".
Can you check whether the "geoip2" system test is passing?
- build BIND
- cd bin/tests/system
- sudo sh ifconfig.sh up
- sh run.sh geoip2
If the system test (which uses its own built-in database files) passes,
then I would guess the systemwide GeoIP database files either aren't where
named is looking for them, or are not readable.
If you check the named log, within the first few lines after the server
starts up there should be something like this:
21-May-2020 11:56:34.303 looking for GeoIP2 databases in '/usr/share/GeoIP'
21-May-2020 11:56:34.303 opened GeoIP2 database
'/usr/share/GeoIP/GeoLite2-Country.mmdb'
21-May-2020 11:56:34.307 opened GeoIP2 database
'/usr/share/GeoIP/GeoLite2-City.mmdb'
21-May-2020 11:56:34.307 opened GeoIP2 database
'/usr/share/GeoIP/GeoLite2-ASN.mmdb'
> The documentation now shows that "BIND 9.16 supports v2 of the API but
> these instructions have not been updated accordingly"
> Can you share the instructions that should be used now?
Which documentation says that? I don't remember it from the BIND doc...
Setting up ACLs should be largely unchanged, with the exception that a
couple of very infrequently used keywords like "areacode" and "netspeed"
became unavailable in the new API, and three-letter country codes are
now obsolete. "Country" is definitely still supported, and since you used
"us" rather than "usa" in your example, it should've worked.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
