My DNS servers (master slave) already running on CentOS 5.5 both 64 and I'm using Bind 9.7.2p2 (now is latest version), I never use rpm package because is so old, I recomended to you for compile the latest version for more secure and more capability.
About DNSSEC I don't have experience because I'm not try yet :D, but my bos tell me if DNSSEC needed for more secure.
- -- Best regards, David http://blog.pnyet.web.id
On 11/10/2010 12:16 AM, Robert Moskowitz wrote:
My DNS server has been running Centos for some time.
I am in the process of upgrading it to Centos 5.5 (long overdue, I know).
Since we now have .com signed I want to get my domain signed as well, but I see that Centos 5.5 is running BIND 9.3.6 and a thread on the BIND list recommends against running a DNSSEC master zone on anything less than 9.6 and you really should be on 9.7.
The thread DOES mention that some functionality has been backported by RH to what their 9.3.6.
I did find the following:
http://jason.roysdon.net/2009/10/16/building-bind-9-6-on-rhel5-centos5-for-d...
Is this the best path at this time? Can anyone point me to other documents?
I have a server that I can test this out and get everything ready before I upgrade my main Centos DNS server. This way I can get it right in one try (or that is the dream).
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos