svn commit: r200394 - stable/6/etc/namedb
Doug Barton
dougb at FreeBSD.org
Fri Dec 11 02:32:54 UTC 2009
Author: dougb
Date: Fri Dec 11 02:32:53 2009
New Revision: 200394
URL: http://svn.freebsd.org/changeset/base/200394
Log:
Add a big honkin' warning about not using DNSSEC with this version
of BIND. Also point out that it's EOL and give suggestions on upgrading.
Modified:
stable/6/etc/namedb/named.conf
Modified: stable/6/etc/namedb/named.conf
==============================================================================
--- stable/6/etc/namedb/named.conf Fri Dec 11 02:23:04 2009 (r200393)
+++ stable/6/etc/namedb/named.conf Fri Dec 11 02:32:53 2009 (r200394)
@@ -8,6 +8,28 @@
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.
+/*
+*************************************************************************
+* _ _____ _____ _____ _ _ _____ ___ ___ _ _ *
+* / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | *
+* / _ \ | | | | | _| | \| | | | | | | | | \| | *
+* / ___ \| | | | | |___| |\ | | | | | |_| | |\ | *
+* /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| *
+* *
+*************************************************************************
+
+The version of BIND in the RELENG_6 branch (FreeBSD 6.x) is NOT suitable
+for use with DNSSEC, either as a validating resolver or an authoritative
+name server. If you plan to use DNSSEC for any purpose you should use a
+newer version of BIND, preferably version 9.6.x or higher.
+
+Additionally, this version of BIND (9.3.x) is beyond its End Of Life (EOL)
+date and is no longer supported by ISC.
+
+Newer versions are available in the ports tree (e.g., /usr/ports/dns/bind96)
+or by upgrading your FreeBSD installation to version 8.0 or higher.
+*/
+
options {
// Relative to the chroot directory, if any
directory "/etc/namedb";
More information about the svn-src-stable-6
mailing list