Replacing Bind8x with Bind9

Joshua Lewis jmlewis at dslextreme.com
Tue Aug 10 14:44:11 PDT 2004 

       BIND 9 requires a good source of randomness to operate.
       It also requires configuration of rndc, including a
       "secret" key.  If you are using FreeBSD 4.x, visit
       http://people.freebsd.org/~dougb/randomness.html for
       information on how to set up entropy gathering. Users
       of FreeBSD 5.x do not need to perform this step. If
       you are running BIND 9 in a chroot environment, make
       sure that there is a /dev/random device in the chroot.

       The easiest, and most secure way to configure rndc is
       to run 'rndc-confgen -a' which will generate the proper
       conf file, with a new random key, and appropriate file
       permissions.


I guess I really need a bind9 on FreeBSD doc. That can answer all my
questions. I can't find anything that suites my needs on ISC.ORG. Has
anyone come across a well written bind9 doc?

I purchased the Complete FreeBSD book and several others they however
don't cover Bind9 nor does the handbook. I bought the BIND9 and DNS from
Oriley however that will be a few more weeks of reading. I am in need to
get BIND, POSTFIX, MySQL , APACHE, installed quickly. Any sources of well
written docs are welcome.

Thank you,
Joshua Lewis



uidzero I > Joshua Lewis wrote:
>
>>I received this error when running your instructions.
>>
>>apollo# make PORT_REPLACES_BASE_BIND9=yes install clean
>>Dependency warning: used OpenSSL version contains known vulnerabilities
>>Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
>>*** Error code 1
>>
>>I understand that it says a dependancy a problem. But I just ran cvsup no
>>more then an hour ago. Is there something I am missing?
>>
>>Thanks for any help
>>
>>
>>Thank you,
>>Joshua Lewis
>>
>>
>>
>>Michael Sharp
>>
>>
>>>read the /usr/ports/dns/bind9 Makefile and use the
>>>'PORT_REPLACES_BASE_BIND9'
>>>option to make.
>>>
>>>make PORT_REPLACES_BASE_BIND9=yes install clean
>>>
>>>In rc.conf
>>>----------
>>>named_enable="YES"
>>>named_program="/usr/local/sbin/named"
>>>named_flags="-c /usr/local/etc/namedb/named.conf -u bind"
>>>
>>>
>>>
>>>and you can also put NO_BIND= true in /etc/make.conf so that base BIND
>>>isn't build when you make world.
>>>
>>>Definetly consider chrooting or jailing BIND
>>>
>>>Michael
>>>
>>>
>>>
>>>
>>
>>_______________________________________________
>>freebsd-questions at freebsd.org mailing list
>>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>To unsubscribe, send any mail to
>> "freebsd-questions-unsubscribe at freebsd.org"
>>
>>
>
> make PORT_REPLACES_BASE_BIND9=yes WITH_OPENSSL_PORT=yes install clean
>
> Michael
>
>
> --
> Michael D. Whities
> uidzero at one-arm.com
> http://www.one-arm.com
>
> --
>
> There are four colors of hats to watch for:
> Black, White, Grey, and Red.
>
> The meanings are:
> Cracker, Hacker, Guru, and Victim.
>
>

More information about the freebsd-questions mailing list