woozle
04-19-2001, 07:49 PM
Hello All,
I've got a box running FBSD with named 8.2.2-P5-NOESW. Could anyone please provide step-by-step instructions (or a link to some... I searched without luck) to upgrade bind to the latest version? It's a production box hosting a few sites... and I don't want to break anything, that's why I'd like to cover everything with step-by-steps.
Thanks much.
-The Woozle
lenix
04-20-2001, 12:41 AM
get the latest bind version from www.isc.org
untar the package ( tar -xvzf <file.tar.gz> )
cd into the directory
./configure
make
make install
killall -9 named
ndc start
should just about do the trick :)
also you might want to add the following line into your named.conf file between the options{} section:
allow-transfer { 1.1.1.1; };
version "Wouldn't you like to know? ;)";
A lot of people that try to exploit your bind check for the version; if they can't get it then they normally move on. The allow transfer will stop people from doing zone transfers off of your server.
pretty simple eh?
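Added example, not part of lenix's post: a shell check that a named.conf carries both suggested lines inside options{} and that transfers are not open to any. The function names are assumptions made for this example, and only // and # line comments are handled.

```shell
#!/bin/sh
# Added example (not from the thread): check that the options{} block of a
# named.conf carries the allow-transfer and version lines suggested above.
# Assumes // and # line comments only; /* ... */ comments are not handled.

# Print the top-level options { ... } block with comments and quoted strings
# blanked out, so braces or keywords inside strings are not miscounted.
options_block() {
    awk '
    {
        line = $0
        gsub(/"[^"]*"/, "\"\"", line)
        sub(/(\/\/|#).*/, "", line)
        if (!inblk && line ~ /^[ \t]*options([ \t{]|$)/) inblk = 1
        if (!inblk) next
        print line
        opened = gsub(/[{]/, "{", line)
        depth += opened - gsub(/[}]/, "}", line)
        if (opened) seen = 1
        if (seen && depth <= 0) exit
    }' "$1"
}

# Returns 0 only if both settings are present and transfers are not open to any.
audit_named_options() {
    blk=$(options_block "$1" | tr '\n' ' ')
    rc=0
    for opt in allow-transfer version; do
        if printf '%s\n' "$blk" | grep -Eq "(^|[[:space:];{])$opt([[:space:]{\"]|\$)"; then
            echo "ok:      $opt is set in options{}"
        else
            echo "missing: $opt is not set in options{}"
            rc=1
        fi
    done
    if printf '%s\n' "$blk" |
        grep -Eq 'allow-transfer[[:space:]]*[{]([^}]*[[:space:];])?any[[:space:]]*;'; then
        echo "weak:    allow-transfer includes any"
        rc=1
    fi
    return $rc
}

# Usage: audit_named_options /path/to/named.conf (path is yours to supply)
```

A zone-level allow-transfer does not count here; the check looks only at the global options{} block, which is where the post says to put the lines.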
woozle
04-20-2001, 03:12 PM
Wow...
ok.. guess I'm dumb.. that's a hell of a lot easier than I had anticipated.
Thanks for the quick reply.
The named.conf, zone files, etc. all remain intact? I don't need a default named.conf breaking my current setup.
-woozle
woozle
04-20-2001, 03:14 PM
Should I upgrade to 9.1.1 or 8.2.3?
vbird
04-20-2001, 04:32 PM
Yes, hey woozle..
I attempted to upgrade to bind-9.1.1. It is not as easy as running make and configure, or at least that is what I came to believe.
It uses rndc instead of ndc. From the migration notes:
The "ndc" program has been replaced by "rndc", which is capable of
remote operation. Unlike ndc, rndc requires a configuration file;
see the man pages in doc/man/bin/rndc.1 and doc/man/bin/rndc.conf.5 for
details. Some of the ndc commands are still unimplemented in rndc.
Now I am a newbie to installing and configuring bind and was told not to unless I knew more about it :(
I did get it installed and I suppose it was working but I could not get the system configured to use it properly so I gave up after a bit and went back to using version 8.2.2-P3
Then after asking everyone who runs bind and who told me I should upgrade I could not find one person who has done this upgrade to give me the run down on this.
So I would like to hear anything on this as well.
woozle
04-20-2001, 04:39 PM
hey vbird...
if you haven't done so, upgrade to 8.2.3 ... 8.2.2 has some nasty vulnerabilities from what I've been reading...
I'm going to try the instructions lenix posted right now... I'll keep you updated once it's done.
-woozle
woozle
04-20-2001, 06:58 PM
ok... it's installed
tar -zxvf bind-src.tar.gz
cd src
edit port/freebsd/Makefile.set (change freebsd to your os) to set the DESTETC which is the path to the named.conf
make
make clean
make depend
make all
make install
killall -9 named
ndc start
Tada, bind is upgraded. Thanks lenix for the starting points.
Now my next task is upgrading qmail/vpopmail... if you have information (preferably step-by-step) please check for my new thread. Thanks.
Lenix, do you know how to upgrade to Bind 9.1.1?
My friend needs the steps.
He is using RaQ3 and I believe that he needs to configure the DNS GUI as well, right?
lenix
04-25-2001, 09:06 PM
Just install bind as usual. The new binaries will overwrite the old ones. Your .conf files should stay intact.
But I heard that Bind 9.1.1 is incompatible with the RaQ3 DNS GUI and needs some configuration in the DNS GUI.
Do you know what kind of configuration my friend needs to do with his DNS GUI?