Date:      Sat, 15 Mar 2014 17:01:41 -0700
From:      Kevin Oberman <rkoberman@gmail.com>
To:        Robert Huff <roberthuff@rcn.com>
Cc:        questions@freebsd.org
Subject:   Re: changes to base system DNS
Message-ID:  <CAN6yY1vsLYMziT-Ge=xQA8u%2BmCtnTQCnZsarPGu05nKPQa8acA@mail.gmail.com>
In-Reply-To: <5324C1E9.6040802@rcn.com>
References:  <5324C1E9.6040802@rcn.com>

On Sat, Mar 15, 2014 at 2:11 PM, Robert Huff <roberthuff@rcn.com> wrote:

> > "rcorder /etc/rc.d/* /usr/local/etc/rc.d/*" on the old and new systems
> > and compare the locations of named vs. local_unbound?
>
>     On the current system, named comes up as number 74.
>     Would someone who uses only unbound report how it works for them?
>     Better yet - someone who's using port.bind?
>
>
> > So it depends on what capability you are looking for as to whether it
> > starts earlier or later. (No easy answers here.)
>
>     Short version: this system is authoritative for its zone, so a
> caching-only resolver is no good.
>     Using system bind worked fine; everybody found everything they needed
> at the right time.
>     I don't grok the rcorder system: it is my impression that everything
> in /etc/rc.d is processed independently and before /usr/local/etc/rc.d.  If
> that's true, then it seems like named might start after things that need
> its services.
>

OK. So you will need a full install of the BIND 9.9 port (dns/bind99).

rcorder(8) and the init system are based on REQUIRE, PROVIDE, and KEYWORD
statements in each file in the rc.d directories. It does this without
respect to what directory the file is in. While by default it searches
/etc/rc.d and /usr/local/etc/rc.d, it can search anywhere that is mounted
if that directory is specified in rc.conf.

There are several pseudo-inits that provide "dividers" between major parts
of the startup including NETWORKING, SERVERS, DAEMON, and FILESYSTEMS. Note
that they are set AFTER the named things have been started, so named will
depend on FILESYSTEMS and SERVERS, but not DAEMONS. These simplify ordering
and are fairly self-explanatory. Most startup scripts list a number of
requires. So the ports version of BIND and the system version both list the
same REQUIREs and PROVIDEs, so will start at about the same point. (When
more than one file lists the same requirements, the order is not
guaranteed.)

So, if you install BIND, you should see no difference between the old base
BIND and the ports versions, though the order may vary slightly.

Note that the base BIND was chrooted by default. I don't believe that ports
version is on 10, so you really should either chroot it yourself or, better
yet, put it in a jail. I really recommend a jail.
-- 
R. Kevin Oberman, Network Engineer, Retired
E-mail: rkoberman@gmail.com
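
The ordering rule described in the reply above, as an added example that is not part of the original message: a minimal stand-in for rcorder(8) that reads only PROVIDE and REQUIRE lines and orders the files with tsort(1). The script headers below and the `needsdns` consumer are constructed for illustration, not copied from a FreeBSD system.

```shell
#!/bin/sh
# Added illustration: orders rc.d-style scripts by their PROVIDE/REQUIRE
# headers only. BEFORE and KEYWORD lines are not handled here.

# rc_order FILE...: print the files in an order that satisfies every REQUIRE.
rc_order() {
    awk '
        /^# PROVIDE:/ { for (i = 3; i <= NF; i++) prov[$i] = FILENAME }
        /^# REQUIRE:/ { for (i = 3; i <= NF; i++) req[FILENAME] = req[FILENAME] " " $i }
        END {
            for (i = 1; i < ARGC; i++) {
                f = ARGV[i]
                print f, f            # self-pair: keeps files that have no edges
                n = split(req[f], r, " ")
                for (j = 1; j <= n; j++)
                    if (r[j] in prov) print prov[r[j]], f   # provider goes first
            }
        }
    ' "$@" | tsort
}

# demo_order: build constructed scripts in two directories and order them.
demo_order() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/rc.d" "$d/usr/local/etc/rc.d"
    printf '# PROVIDE: FILESYSTEMS\n' > "$d/etc/rc.d/FILESYSTEMS"
    printf '# PROVIDE: SERVERS\n# REQUIRE: FILESYSTEMS\n' > "$d/etc/rc.d/SERVERS"
    # named lives under usr/local, as a port would install it
    printf '# PROVIDE: named\n# REQUIRE: FILESYSTEMS SERVERS\n' \
        > "$d/usr/local/etc/rc.d/named"
    # hypothetical base-directory script that needs a working name server
    printf '# PROVIDE: needsdns\n# REQUIRE: named\n' > "$d/etc/rc.d/needsdns"
    (cd "$d" && rc_order etc/rc.d/* usr/local/etc/rc.d/*)
    rm -rf "$d"
}

demo_order
```

The script in `etc/rc.d` that requires `named` is ordered after the `named` script in `usr/local/etc/rc.d`, because only the dependency headers decide the order, not the directory.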


