migration-4to9 revision 39f1df3fbd71b6d57c31f6a1b3d7e5194ef63fcc
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof KosińskiCopyright (C) 2000, 2001 Internet Software Consortium.
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof KosińskiSee COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
40742313779ee5e43be93a9191f1c86412cf183bKrzysztof Kosiński
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen BIND 4 to BIND 9 Migration Notes
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosiński
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof KosińskiTo transition from BIND 4 to BIND 9 you first need to convert your
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenconfiguration file to the new format. There is a conversion tool in
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosińskicontrib/named-bootconf that allows you to do this.
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen named-bootconf.sh < /etc/named.boot > /etc/named.conf
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenBIND 9 uses a system assigned port for the UDP queries it makes rather
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenthan port 53 that BIND 4 uses. This may conflict with some firewalls.
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenThe following directives in /etc/named.conf allows you to specify
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelena port to use.
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen query-source address * port 53;
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen transfer-source * port 53;
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen notify-source * port 53;
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenBIND 9 no longer uses the minimum field to specify the TTL of records
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenwithout a explicit TTL. Use the $TTL directive to specify a default TTL
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenbefore the first record without a explicit TTL.
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen $TTL 3600
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen @ IN SOA ns1.example.com. hostmaster.example.com. (
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen 2001021100
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen 7200
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen 1200
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen 3600000
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen 7200 )
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelenBIND 9 does not support multiple CNAMEs with the same owner name.
40742313779ee5e43be93a9191f1c86412cf183bKrzysztof Kosiński
40742313779ee5e43be93a9191f1c86412cf183bKrzysztof Kosiński Illegal:
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen www.example.com. CNAME host1.example.com.
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosiński www.example.com. CNAME host2.example.com.
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosiński
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof KosińskiBIND 9 does not support "CNAMEs with other data" with the same owner name,
8001ba81cb851b38d86650a2fef5817facffb763johanengelenignoring the DNSSEC records (SIG, NXT, KEY) that BIND 4 did not support.
8001ba81cb851b38d86650a2fef5817facffb763johanengelen
1f37e9d97c3bb8cf02b2cc80af8dcfc9aba7c7b4johanengelen Illegal:
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen www.example.com. CNAME host1.example.com.
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen www.example.com. MX 10 host2.example.com.
89b7ae0378ab9aecddeaa326828d6d61b2bc263bjohanengelen
ca597f14b22c20776ddda3634fcd32e2dc4c7fddKrzysztof KosińskiBIND 9 is less tolerant of errors in master files, so check your logs and
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosińskifix any errors reported. The named-checkzone program can also be to check
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosińskimaster files.
76addc201c409e81eaaa73fe27cc0f79c4db097cKrzysztof Kosiński