date:20110513

BIND 9.7.4b1 is now available

2011-05-13 Thread Mark Andrews


Introduction

   BIND 9.7.4b1 is a beta release of BIND 9.7.3.

Download

   The latest development version of BIND 9 software can always be found
   on our web site at http://www.isc.org/downloads/development. There you
   will find additional information about each release, source code, and
   some pre-compiled versions for certain operating systems.

Support

   Product support information is available on
   http://www.isc.org/services/support for paid support options. Free
   support is provided by our user community via a mailing list.
   Information on all public email lists is available at
   https://lists.isc.org/mailman/listinfo.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE:  +61 2 9871 4742  INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

BIND 9.4-ESV-R5b1 is now available

2011-05-13 Thread Mark Andrews


Introduction

   BIND 9.4-ESV-R5b1 is a beta release of BIND 9.4-ESV-R5.

Download

   The latest development version of BIND 9 software can always be found
   on our web site at http://www.isc.org/downloads/development. There you
   will find additional information about each release, source code, and
   some pre-compiled versions for certain operating systems.

Support

   Product support information is available on
   http://www.isc.org/services/support for paid support options. Free
   support is provided by our user community via a mailing list.
   Information on all public email lists is available at
   https://lists.isc.org/mailman/listinfo.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE:  +61 2 9871 4742  INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Primary Server Name Change

2011-05-13 Thread CT


On 05/12/2011 08:15 PM, Mark Andrews wrote:

In message4dcc225f.8000...@obsd.us, CT writes:

Primary Name server
bind- 9.7.3
OS- CentOS 5.6
Authoritative for 2 zones using DNSSEC

This may be an obvious question but I will ask anyway.. :)

I want to change the name of the server
from
old.zone1.com
to
new.zone2.com

IP Address - no change

- change soa in master zone files
- work with slaves to make sure named.conf are correct

Other than that are there any gotchas.. ??

I am wondering if I will have to unsign my zones
and the upload new keysets to the registrar.

To do a graceful transition to a new nameserver you should.

* Commision the new nameserver.
* Add the new address records and wait for them to propogate to
   all authoritative servers and any cached negative responses for
   them to expire.
* Add the NS record for the new nameserver.
* Update the parent zone to ADD the new nameserver and glue.
* Wait for the old NS RRet and referrals to expire from caches.
* Remove the NS record for the old nameserver.
* Update the parent zone to REMOVE the old nameserver and glue.
* Wait for the intermediate NS RRet and referrals to expire from caches.
* Remove the old address records if they are no longer required.
* Decommision the old nameserver.

As the addresses of the new and old nameservers are the same you
can shorten this process a little.

* Add the new address records and wait for them to propogate to
   all authoritative servers and any cached negative responses for
   them to expire.
* Update the NS RRset
  + Add the NS record for the new nameserver.
  + Remove the NS record for the old nameserver.
* Update the parent zone
  + Update the parent zone to ADD the new nameserver and glue.
  + Update the parent zone to REMOVE the old nameserver and glue.
* Wait for the old NS RRet and referrals to expire from caches.
* Remove the old address records if they are no longer required.

In all cases you re-sign the zone whenever you make changes to it.


Thx
CT
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Mark,
Thank you for your very succinct response..

Exactly what I needed..

CT
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: BIND 9.4-ESV-R5b1 is now available

2011-05-13 Thread Jack Tavares

Did I miss a notice? What issue(s) does this address?
I can't find a way to see what this addresses without
downloading the tarball.. 

--
Jack Tavares

From: bind-users-bounces+j.tavares=f5@lists.isc.org 
[bind-users-bounces+j.tavares=f5@lists.isc.org] on behalf of Mark Andrews 
[ma...@isc.org]
Sent: Thursday, May 12, 2011 21:59
To: bind-us...@isc.org
Subject: BIND 9.4-ESV-R5b1 is now available

Introduction

   BIND 9.4-ESV-R5b1 is a beta release of BIND 9.4-ESV-R5.

Download

   The latest development version of BIND 9 software can always be found
   on our web site at http://www.isc.org/downloads/development. There you
   will find additional information about each release, source code, and
   some pre-compiled versions for certain operating systems.

Support

   Product support information is available on
   http://www.isc.org/services/support for paid support options. Free
   support is provided by our user community via a mailing list.
   Information on all public email lists is available at
   https://lists.isc.org/mailman/listinfo.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE:  +61 2 9871 4742  INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: BIND 9.4-ESV-R5b1 is now available

2011-05-13 Thread Evan Hunt

 Did I miss a notice? What issue(s) does this address?
 I can't find a way to see what this addresses without
 downloading the tarball.. 

Whoops.

The CHANGES file is at ftp://ftp.isc.org/isc/bind9/9.4-ESV-R5b1/CHANGES,
(and similarly for the other versions), so you don't have to download
the whole tarball.  In this case, changes since prior release ware:

--- 9.4-ESV-R5b1 released ---

3095.   [bug]   Handle isolated reserved ports in the port range.
[RT #23957]

3088.   [bug]   Remove bin/tests/system/logfileconfig/ns1/named.conf
and add setup.sh in order to resolve changing
named.conf issue.  [RT #23687]

3071.   [bug]   has_nsec could be used unintialised in
update.c:next_active. [RT #20256]

3067.   [bug]   ixfr-from-differences {master|slave}; failed to
select the master/slave zones.  [RT #23580]

3065.   [bug]   RRSIG could have time stamps too far in the future.
[RT #23356]

3064.   [bug]   powerpc: add sync instructions to the end of atomic
operations. [RT #23469]

3058.   [bug]   Cause named to terminate at startup or rndc reconfig/
reload to fail, if a log file specified in the conf
file isn't a plain file. [RT #22771]

3051.   [bug]   NS records obsure DNAME records at the bottom of the
zone if both are present. [RT #23035]

3041.   [bug]   dnssec-signzone failed to generate new signatures on
ttl changes. [RT #23330]

3040.   [bug]   Named failed to validate insecure zones where a node
with a CNAME existed between the trust anchor and the
top of the zone. [RT #23338]

3037.   [doc]   Update COPYRIGHT to contain all the individual
copyright notices that cover various parts.

3014.   [bug]   Fix the zonechecks system test to match expected
behaviour for 9.4 and to fail on error. [RT #22905]

3009.   [bug]   clients-per-query code didn't work as expected with
particular query patterns. [RT #22972]

3007.   [bug]   Named failed to preserve the case of domain names in
rdata which is not compressible when writing master
files.  [RT #22863]

2996.   [security]  Temporarily disable SO_ACCEPTFILTER support.
[RT #22589]

--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Primary Server Name Change

2011-05-13 Thread Joseph S D Yao

On Thu, May 12, 2011 at 01:09:35PM -0500, CT wrote:
 Primary Name server
 bind- 9.7.3
 OS- CentOS 5.6
 Authoritative for 2 zones using DNSSEC
 
 This may be an obvious question but I will ask anyway.. :)
...


To Mark's excellent response, I want to re-emphasize the importance of
making sure that your parent zone ends up with identical NS records (and
any A records needed as glue) to those in your zone whose NS records are
changing.  Remind them also to remove any old glue records no longer
needed, or update changed ones.  Failing to do all this is a common
cause of problems.

Also, I again point out that to the clients, there are generally no such
things as primary and secondary name servers - there are only peer name
servers.  One exception would seem to be the server in the MNAME field
of the SOA record - it is sent UPDATE records as the primary server
[the one with the master copy of the zone] - but this is frequently
filled in with a different name either for stealth server reasons or
just to avoid those UPDATE records.


--
/*\
**
** Joe Yao  j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

BIND 9.7.4b1 is now available

BIND 9.4-ESV-R5b1 is now available

Re: Primary Server Name Change

RE: BIND 9.4-ESV-R5b1 is now available

Re: BIND 9.4-ESV-R5b1 is now available

Re: Primary Server Name Change

6 matches

Site Navigation

Mail list logo

Footer information