migration-4to9 revision c3cc5b5bcfd045692d2a36cbf2da62bc356ca69f
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian WellingtonCopyright (C) 2001 Internet Software Consortium.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonSee COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
c3cc5b5bcfd045692d2a36cbf2da62bc356ca69fAndreas Gustafsson$Id: migration-4to9,v 1.3 2001/05/19 01:20:16 gson Exp $
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson BIND 4 to BIND 9 Migration Notes
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonTo transition from BIND 4 to BIND 9 you first need to convert your
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssonconfiguration file to the new format. There is a conversion tool in
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssoncontrib/named-bootconf that allows you to do this.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson named-bootconf.sh < /etc/named.boot > /etc/named.conf
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonBIND 9 uses a system assigned port for the UDP queries it makes rather
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssonthan port 53 that BIND 4 uses. This may conflict with some firewalls.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonThe following directives in /etc/named.conf allows you to specify
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson query-source address * port 53;
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson transfer-source * port 53;
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson notify-source * port 53;
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonBIND 9 no longer uses the minimum field to specify the TTL of records
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssonwithout a explicit TTL. Use the $TTL directive to specify a default TTL
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssonbefore the first record without a explicit TTL.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson @ IN SOA ns1.example.com. hostmaster.example.com. (
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonBIND 9 does not support multiple CNAMEs with the same owner name.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson www.example.com. CNAME host1.example.com.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson www.example.com. CNAME host2.example.com.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonBIND 9 does not support "CNAMEs with other data" with the same owner name,
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssonignoring the DNSSEC records (SIG, NXT, KEY) that BIND 4 did not support.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson www.example.com. CNAME host1.example.com.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafsson www.example.com. MX 10 host2.example.com.
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas GustafssonBIND 9 is less tolerant of errors in master files, so check your logs and
39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fccAndreas Gustafssonfix any errors reported. The named-checkzone program can also be to check
c3cc5b5bcfd045692d2a36cbf2da62bc356ca69fAndreas GustafssonOutgoing zone transfers now use the "many-answers" format by default.
c3cc5b5bcfd045692d2a36cbf2da62bc356ca69fAndreas GustafssonThis format is not understood by certain old versions of BIND 4.
c3cc5b5bcfd045692d2a36cbf2da62bc356ca69fAndreas GustafssonYou can work around this problem using the option "transfer-format
c3cc5b5bcfd045692d2a36cbf2da62bc356ca69fAndreas Gustafssonone-answer;", but since these old versions all have known security
c3cc5b5bcfd045692d2a36cbf2da62bc356ca69fAndreas Gustafssonproblems, the correct fix is to upgrade the slave servers.