Quoting terryc (ter...@woa.com.au):

> 1. What do people recommend as online sources for Bind configuration
> these days.

Online book _DNS for Rocket Scientists_,
http://www.zytrax.com/books/dns/.

> 2. what programs do you recommend for checking the configuration files.

named-checkconf.  It comes with BIND9, but many admins are unaware of
it and its essential nature -- that being where the otherwise woefully
lacking linting routines are.

At my former place of work, after I started including this preflight
check in all change control requests, my colleagues dubbed it 'the Rick
Test' and it became a local standard -- rather flattering, really.

   /usr/sbin/named-checkconf -z -t /var/named/chroot/ /etc/named.conf | \
   egrep -v '(loaded serial|all zones must be in views)'

The -z option causes the utility to syntax-check all referenced 
zonefiles in addition to conffiles.  And you can skip the '-t
/var/named/chroot/' bit if you aren't running BIND9 in a chroot.

I would discourage new installations of BIND9, as it's a slow,
RAM-grabbing, overfeatured, monolithic daemon binary, and you can do
better.  If this is for authoritative-only service, look no further than
NSD, a relatively easy migration because it can directly re-use RFC
1035 ("BIND") zonefiles (which it compiles to binary format for speed).

http://linuxmafia.com/faq/Network_Other/dns-servers.html#nsd


_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
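
An added example, not part of the original message: a POSIX shell wrapper around the preflight check quoted above that keeps named-checkconf's own exit status (a plain pipeline reports only the filter's), so an automated change-control step can fail on it. The names NAMED_CHECKCONF, NAMED_CONF, NAMED_CHROOT, filter_noise and bind_preflight are assumptions made for this example.

```shell
#!/bin/sh
# Added example: gate a BIND9 change on the named-checkconf preflight.
# All three variables are hypothetical override knobs for this sketch.
NAMED_CHECKCONF="${NAMED_CHECKCONF:-/usr/sbin/named-checkconf}"
NAMED_CONF="${NAMED_CONF:-/etc/named.conf}"
NAMED_CHROOT="${NAMED_CHROOT:-}"   # e.g. /var/named/chroot/ ; empty = no chroot

# Drop the same two informational line types the original pipeline drops.
# grep exits 1 when every line was filtered away; that is not an error here.
filter_noise() {
    grep -Ev '(loaded serial|all zones must be in views)' || true
}

# Run the check with -z (zonefiles too), print only what survives the
# filter, and succeed only if named-checkconf exited 0 AND nothing survived.
# The body is a subshell, so its variables and "set --" stay local to it.
bind_preflight() (
    set -- -z
    [ -n "$NAMED_CHROOT" ] && set -- "$@" -t "$NAMED_CHROOT"
    set -- "$@" "$NAMED_CONF"

    status=0
    # stdout and stderr are merged so no diagnostic can bypass the gate.
    out=$("$NAMED_CHECKCONF" "$@" 2>&1) || status=$?

    findings=$(printf '%s\n' "$out" | filter_noise)
    [ -n "$findings" ] && printf '%s\n' "$findings"

    [ "$status" -eq 0 ] && [ -z "$findings" ]
)

# Typical use in a change-control script:
#   bind_preflight || { echo "preflight failed; not reloading" >&2; exit 1; }
```

Because the gate also fails on any unfiltered output, a warning that leaves the exit status at 0 still blocks the change until someone has read it.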