From owner-freebsd-questions@FreeBSD.ORG Fri Dec 16 12:22:56 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7247E106566C for ; Fri, 16 Dec 2011 12:22:56 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id CDBB38FC0C for ; Fri, 16 Dec 2011 12:22:55 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [IPv6:2001:8b0:151:1:fa1e:dfff:feda:c0bb]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id pBGCMDqP085243 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Fri, 16 Dec 2011 12:22:16 GMT (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: OpenDKIM Filter v2.4.1 smtp.infracaninophile.co.uk pBGCMDqP085243 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1324038137; bh=hBhRa338TEh/kp11Z2BrqxRDEwrWqzebaIki+8cHAxs=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type; b=xw19qvimIJ9e55nj8dcTQCA+dP0nVgoGIjSDSp+ZXZNAmXXjmsnKcF6abCI0iMSIP OB/k0YhDY5mBIF/OtsFrCgCZaq9O/p4GIoFxNOrJsHuNOyaF10s07cPKg8YS3GiJf+ 0laYZ4HaxXkIo7HzTz3o/VimcQpwkPeKD5DpqNaI= Message-ID: <4EEB37EE.6010904@infracaninophile.co.uk> Date: Fri, 16 Dec 2011 12:22:06 +0000 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:8.0) Gecko/20111105 Thunderbird/8.0 MIME-Version: 1.0 To: Iqbal Aroussi References: In-Reply-To: X-Enigmail-Version: 1.3.4 OpenPGP: id=60AE908C Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigEB14C4E06F2E5F6291267D0D" X-Virus-Scanned: clamav-milter 0.97.3 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.4 required=5.0 tests=ALL_TRUSTED, AWL, DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: Replacing FreeBSD Base System's BIND X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Dec 2011 12:22:56 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigEB14C4E06F2E5F6291267D0D Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 16/12/2011 10:04, Iqbal Aroussi wrote: > After installing FreeBSD 8.2, I noticed it's using BIND 9.6 but in port= s > collection there is newer versions 9.7 and 9.8. > I'd like to know if there is any advantages in upgrading BIND to 9.8 > instead of using the base install version. > I'd really appreciate if you can give me some hints of the best way to = do > it for future needs while retaining all the advantages > of the base install configuration. > I found this article on the net " > http://static.closedsrc.org/articles/dn-articles/bind9.html" but it's s= eems > to be outdated > * >=20 > PS: I'm new FreeBSD convert user coming from Linux world :) It depends what you're using bind for. If you are serving domains to the public in something more than a trivial way, then yes, using the latest ports version is recommended. Otherwise, there's little to choose one way versus the other. Using the base system bind is less effort, and you'll get automatic patching of any significant problems assuming you're keeping the system up to date by any of the recognised methods. Also, if you do choose to use the ports version, to keep things simple, I'd recommend not *replacing* the base system bind. This means you'll still be able to use services like freebsd-update(8) without any hassle. Simply install the ports version dns/bind98 under /usr/local, and then something like this in your /etc/rc.conf will switch to using that version. Note -- still uses the standard /etc/rc.d/named startup script.= named_enable=3D"YES" named_program=3D"/usr/local/sbin/named" You'll tend to get the base system version of applications like dig(1) with this unless you tweak $PATH or some such. However, there's very little difference between the client-side apps in recent bind versions, and if you do happen to run into an area where there are significant changes, all you need to do is run /usr/local/bin/dig instead. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enigEB14C4E06F2E5F6291267D0D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7rN/QACgkQ8Mjk52CukIwdqgCdGueZnY9eoxXDToXxeWpr2UoE gPEAoITMzhJ8eD1fXgvZz5z3VaD6WOG1 =Wc05 -----END PGP SIGNATURE----- --------------enigEB14C4E06F2E5F6291267D0D--