YaK:: Updating NAMED on old Linux distros, in July 2008
Doing the updates is a bit of a pain; here's what we learned.
First you need openssl; use 0.9.8h or later.
    ./config --prefix=/usr shared
    make
    ls -l libcrypto*.so*    ;# you should see .so files
    make install
Then use bind 9.5.0 or later.
    ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
    make
    make install
    tail -f /var/log/messages    ;# or /var/log/syslog (run this in a second terminal)
    killall named
    /etc/init.d/named start
    # look for errors in the messages or syslog, fix them, retry.

    ### This is a hack, but I actually did
    ###     chmod 1777 /var/run
    ### when it reported
    ###     named[12863]: couldn't open pid file '/var/run/named.pid': Permission denied
    ###     named[12863]: exiting (due to early fatal error)
It's really important to tail the messages and look for errors there.
The default seems to have changed to recursion off. So if you need it, edit /etc/named.conf (which may be in /var/named/chroot) and add this to the "options" section:
    recursion yes;
    allow-recursion {0.0.0.0/0;};

That allows recursion from any address. Or use 192.168.0.0/16; or whatever you need.
Then test the server (DNSHOST is the name server you just updated):

    dig porttest.dns-oarc.net in txt @DNSHOST

You want to see "GOOD" in the TXT answer. If the server is not recursing for you, you will see no TXT answer.
A GOOD answer looks something like this:
    ;; QUESTION SECTION:
    ;porttest.dns-oarc.net. IN TXT

    ;; ANSWER SECTION:
    porttest.dns-oarc.net. 60 IN CNAME z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
    z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. 60 IN TXT "251.252.253.254 is GOOD: 26 queries in 2.2 seconds from 26 ports with std dev 19455.34"

    ;; AUTHORITY SECTION:
    z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. 60 IN NS ns.z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
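
A small checker for the porttest answer described above, handy when several name servers need testing after the upgrade. It is an added example, not part of the original page; the function names are made up here, and the two non-GOOD samples are constructed (the page shows only the GOOD form, so the POOR wording is an assumption).

```shell
# Added example, not from the original page. Usage against a live server:
#   dig porttest.dns-oarc.net in txt @DNSHOST | porttest_verdict
# Exit status: 0 = GOOD, 1 = TXT answer without GOOD, 2 = no TXT answer.
porttest_verdict() {
    awk '
        # Answer records look like: NAME TTL IN TXT "text".
        # The question line starts with ";" and has no TTL, so it is skipped.
        $1 !~ /^;/ && $3 == "IN" && $4 == "TXT" {
            seen = 1
            text = $0
            sub(/^[^"]*"/, "", text)    # strip everything up to the opening quote
            sub(/"[^"]*$/, "", text)    # strip the closing quote
            if (text ~ / is GOOD:/) good = 1
        }
        END {
            if (!seen) { print "NO-TXT: server is not recursing for you"; exit 2 }
            if (good)  { print "GOOD: " text; exit 0 }
            print "NOT-GOOD: " text; exit 1
        }'
}

# The GOOD answer shown on this page.
sample_good() {
    cat <<'EOF'
;; QUESTION SECTION:
;porttest.dns-oarc.net. IN TXT
;; ANSWER SECTION:
porttest.dns-oarc.net. 60 IN CNAME z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. 60 IN TXT "251.252.253.254 is GOOD: 26 queries in 2.2 seconds from 26 ports with std dev 19455.34"
EOF
}

# Constructed: reply from a server that refuses recursion (no answer section).
sample_norecurse() {
    cat <<'EOF'
;; QUESTION SECTION:
;porttest.dns-oarc.net. IN TXT
EOF
}

# Constructed: a TXT answer that does not say GOOD (wording is an assumption).
sample_notgood() {
    printf '%s\n' 'x.pt.dns-oarc.net. 60 IN TXT "251.252.253.254 is POOR: 26 queries in 2.2 seconds from 1 ports with std dev 0"'
}

sample_good | porttest_verdict
sample_norecurse | porttest_verdict || echo "(exit status $?)"
sample_notgood | porttest_verdict || echo "(exit status $?)"
```

The non-zero exit status makes it easy to loop over a list of servers and stop at the first one that still needs the upgrade or the recursion setting.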
(last modified 2008-07-26)