[CentOS] Running a DNS signed zone on Centos 5.5

Robert Moskowitz rgm at htt-consult.com
Tue Nov 9 12:16:37 EST 2010


My DNS server has been running Centos for some time.

I am in the process of upgrading it to Centos 5.5 (long overdue, I know).

Since we now have .com signed I want to get my domain signed as well, 
but I see that Centos 5.5 is running BIND 9.3.6 and a thread on the BIND 
list recommends against running a DNSSEC master zone on anything less 
than 9.6 and you really should be on 9.7.

The thread DOES mention that some functionality has been backported by 
RH to what their 9.3.6.

I did find the following:

http://jason.roysdon.net/2009/10/16/building-bind-9-6-on-rhel5-centos5-for-dnssec-nsec3-support/

Is this the best path at this time?  Can anyone point me to other documents?

I have a server that I can test this out and get everything ready before 
I upgrade my main Centos DNS server.  This way I can get it right in one 
try (or that is the dream).




More information about the CentOS mailing list