On Sat, Feb 10, 2001 at 12:16:50PM +0100, Gustav Schaffter wrote:
> Chuck,
> I've studied some more parts of the BIND book (3:rd ed.) since I read
> you mail.
The Bind book (I have several editions including 3rd) is seriously
out of date. It doesn't address near all the features that are available
in Bind 8 and doesn't even know about Bind 9. Bind 8 supports publishing
keys (like IPSec RSA public keys) and had preliminary support for TSIG
(I think you had to apply some patches for TSIG/DNSEC) and a dnskeygen
program for generating crypto keys. None of these are even hinted at in
the Bind book. It does have one brief mention of AAAA (pronounced Quad A)
records for IPv6 but no mention of A6 records (alternate IPv6 where only
the local bits are specified).
O'Reilly is (according to a rep I spoke to at LinuxWorld) suppose
to be coming out with a revised edition in the next couple of months.
A guide I would HIGHLY recommend is the Bind 9 Administrators
Reference Manual. It's included in the Bind source distro in DocBook,
XML, and HTML form. The 9.1 version is also available in PDF form from
Nominum, http://www.nominum.com/resources/documentation/. I would recommend
the ARM guide even if you are working with Bind 8, since the features that
Bind 8 supported largely weren't changed. The file doc/misc/migration
describes most of the gotcha's where there are differences between
Bind 8 and Bind 9. Bind 8 also has some on-line documentation including
in the Bind 8 doc tarball, but it's not nearly as good.
> The options - version statement interests me. I just couldn't find any
> reference to this in the Index of the book, neither under options nor
> under version. So man named.conf just became a friend of mine. :-)
> When I started to read about the 'allow-update' directive, I was quite
> scared for a while. Until I learnt that it's off for all zones by
> default. So I guess that you actually allow this explicitly for a zone
> that was not part of your code snip below. Phuii! :-)
> Thanks for your input.
> Regards
> Gustav
>
> [EMAIL PROTECTED] wrote:
> <snip>
> > Here's some more sample stuff to help out:
> >
> > // BIND configuration file
> > // created by Chuck Mead on 31 Aug 00
> > // last edited 3 Feb 2001
> >
> > options {
> > version "Not today!";
> > directory "/var/named";
> > pid-file "/var/named/named.pid";
> > statistics-interval 0;
> > interface-interval 0;
> > };
> >
> > acl "secondary" {
> > 127.0.0.0/8;
> > xxx.xxx.xxx.xxx/32;
> > xxx.xxx.xxx.xxx/32;
> > };
> >
> > logging {
> > category lame-servers { null; };
> > };
> >
> > zone "mysample.com" {
> > type master;
> > file "primary/db.mysample";
> > allow-query { any; };
> > allow-update { none; };
> > allow-transfer { secondary; };
> > };
>
> --
> pgp = Pretty Good Privacy.
>
> To get my public pgp key, send an e-mail to: [EMAIL PROTECTED]
>
> Visit my web site at http://www.schaffter.com
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
