On 13-Jun-19 06:46, Matthijs Mekking wrote:
> Dear BIND 9 users,
>
> BIND 9 has a lot of configuration options. Some have lost value over
> the years, but the policy was to keep the options to not break old
> configurations.
>
> However, we also want to clean up the code at some point. Keeping
On 13 Jun 2019, at 13:37, Lightner, Jeffrey wrote:
I'd suggest also giving warnings for deprecated options when running
named-checkconf (and named-checkzone if applicable). You mention the
logs but not the commands.
Jeffrey C. Lightner
Sr. UNIX/Linux Administrator
With named-checkconf
On 13 Jun2019, at 17:48, Browne, Stuart via bind-users
wrote:
> For options that have passed their warning phase and have been removed, I'm
> all for BIND failing to start and named-checkconf erroring out , rather than
> quietly ignoring them.
Yes, I think this is the best way, otherwise
> -Original Message-
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
> Evan Hunt
> Sent: Friday, 14 June 2019 5:40 AM
> To: Warren Kumari
> Cc: Ondřej Surý; comp-protocols-dns-b...@isc.org
> Subject: Re: A policy for removing named.conf
On Thu, Jun 13, 2019 at 02:52:34PM -0400, Warren Kumari wrote:
> all sorts of annoyance -- if I'm running low on space for cache, and
> spend much time twiddling the "max-acache-size" knob before
> discovering that someone has simply snipped the wires to it, I'd be
> super-grumpy.
But hopefully
bind-users On Behalf Of Warren Kumari
> Sent: Thursday, June 13, 2019 2:53 PM
> To: Evan Hunt
> Cc: Ondřej Surý ; comp-protocols-dns-b...@isc.org
> Subject: Re: A policy for removing named.conf options.
>
> On Thu, Jun 13, 2019 at 2:43 PM Evan Hunt wrote:
> >
> > >
for removing named.conf options.
On Thu, Jun 13, 2019 at 2:43 PM Evan Hunt wrote:
>
> > > Is it really much of a hassle to leave the obsolete options in the
> > > parser, but just ignore them?
>
> IMHO, it depends on the option. For something like "managed-keys" a
On Thu, Jun 13, 2019 at 2:43 PM Evan Hunt wrote:
>
> > > Is it really much of a hassle to leave the obsolete options in the
> > > parser, but just ignore them?
>
> IMHO, it depends on the option. For something like "managed-keys" and
> "trusted-keys", there are clear security implications. Once
> > Is it really much of a hassle to leave the obsolete options in the
> > parser, but just ignore them?
IMHO, it depends on the option. For something like "managed-keys" and
"trusted-keys", there are clear security implications. Once those are no
longer effective, it would be dangerous to have
> On 13 Jun 2019, at 18:10, John Thurston wrote:
>
> On 6/13/2019 4:37 AM, Lightner, Jeffrey wrote:
>> I'd suggest also giving warnings for deprecated options when running
>> named-checkconf (and named-checkzone if applicable). You mention the logs
>> but not the commands.
>> Jeffrey C.
> On 13 Jun 2019, at 17:55, Barry Margolin wrote:
>
> In article ,
> Matthijs Mekking wrote:
>
>> ## Deprecating
>>
>> A configuration option that is candidate for removal will be deprecated
>> first. During this phase the option will still work, but we will be
>> communicating to users
On 6/13/2019 4:37 AM, Lightner, Jeffrey wrote:
I'd suggest also giving warnings for deprecated options when running
named-checkconf (and named-checkzone if applicable). You mention the logs but
not the commands.
Jeffrey C. Lightner
Sr. UNIX/Linux Administrator
I hope this is implemented
In article ,
Matthijs Mekking wrote:
> ## Deprecating
>
> A configuration option that is candidate for removal will be deprecated
> first. During this phase the option will still work, but we will be
> communicating to users that the option is going to be removed soon. A
> user that has
Hi there,
On Thu, 13 Jun 2019, Leroy Tennison wrote:
On Thu, 13 Jun 2019, Ond?ej Sur? wrote:
On 13 Jun 2019, at 15:55, G.W. Haywood via bind-users ... wrote:
... could you not set up an ISC zone which BIND on startup will ping ...
we?ve been discussing the ?call home? feature on several
bject: [EXTERNAL] Re: A policy for removing named.conf options.
Hey,
we’ve been discussing the “call home” feature on several occasions and usually
something
more pressing crawls at top of the TODO list, but here’s the issue we have as a
starter:
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f
is in /var/log/messages goes to the Journal.
From: bind-users On Behalf Of Leroy Tennison
Sent: Thursday, June 13, 2019 9:57 AM
To: bind-users@lists.isc.org
Subject: Re: A policy for removing named.conf options.
First of all, I appreciate the fact that you are seeking feedback before
acting, thank you
Hey,
we’ve been discussing the “call home” feature on several occasions and usually
something
more pressing crawls at top of the TODO list, but here’s the issue we have as a
starter:
https://gitlab.isc.org/isc-projects/bind9/issues/421
We would be happy to collect more feedback and don’t get
eived this
message in error, please notify the sender immediately by e-mail and delete all
copies of the message.
From: bind-users on behalf of Ondřej Surý
Sent: Thursday, June 13, 2019 8:37 AM
To: Warren Kumari
Cc: bind-users@lists.isc.org
Subject: [EXTERNAL] Re: A
Hello again,
On Thu, 13 Jun 2019, Matthijs Mekking wrote:
On 6/13/19 2:40 PM, G.W. Haywood via bind-users wrote:
> On Thu, 13 Jun 2019, Matthijs Mekking? wrote:
>
> > | managed-keys?? | 9.15/9.16 | replaced with dnssec-keys |
>
> According to my changelogs for 'named.conf I removed
> On 13 Jun 2019, at 14:18, Warren Kumari wrote:
>
>> A configuration option that is candidate for removal will be deprecated
>> first. During this phase the option will still work, but we will be
>> communicating to users that the option is going to be removed soon. A
>> user that has
Hi Warren and everybody,
first, let me thank for the fruitful discussion!
> On 13 Jun 2019, at 15:18, Warren Kumari wrote:
>
> Many many people don't look at their logs -- could named also print
> stuff to (stdout, stderr) when starting?
>
> Note that this will require some testing -- various
On Thu, Jun 13, 2019 at 6:46 AM Matthijs Mekking wrote:
>
> Dear BIND 9 users,
>
> BIND 9 has a lot of configuration options. Some have lost value over
> the years, but the policy was to keep the options to not break old
> configurations.
>
> However, we also want to clean up the code at some
Hi,
On 6/13/19 2:40 PM, G.W. Haywood via bind-users wrote:
> Hi there,
>
> On Thu, 13 Jun 2019, Matthijs Mekking wrote:
>
>> We would like to hear your feedback.
>
> Thank you for the timely heads up.
>
>> | managed-keys | 9.15/9.16 | replaced with dnssec-keys |
>
> According to my
Hi there,
On Thu, 13 Jun 2019, Matthijs Mekking wrote:
We would like to hear your feedback.
Thank you for the timely heads up.
| managed-keys | 9.15/9.16 | replaced with dnssec-keys |
According to my changelogs for 'named.conf I removed 'managed-keys' and
'trusted-keys' three
I'd suggest also giving warnings for deprecated options when running
named-checkconf (and named-checkzone if applicable). You mention the logs but
not the commands.
Jeffrey C. Lightner
Sr. UNIX/Linux Administrator
DS Services of America, Inc.
2300 Windy Ridge Pkwy
Suite 600 N
Atlanta, GA
25 matches
Mail list logo
