My DNS servers (master slave) already running on CentOS 5.5 both 64 and I'm using Bind 9.7.2p2 (now is latest version), I never use rpm package because is so old, I recomended to you for compile the latest version for more secure and more capability. About DNSSEC I don't have experience because I'm not try yet :D, but my bos tell me if DNSSEC needed for more secure. - -- Best regards, David http://blog.pnyet.web.id On 11/10/2010 12:16 AM, Robert Moskowitz wrote: > My DNS server has been running Centos for some time. > > I am in the process of upgrading it to Centos 5.5 (long overdue, I know). > > Since we now have .com signed I want to get my domain signed as well, > but I see that Centos 5.5 is running BIND 9.3.6 and a thread on the BIND > list recommends against running a DNSSEC master zone on anything less > than 9.6 and you really should be on 9.7. > > The thread DOES mention that some functionality has been backported by > RH to what their 9.3.6. > > I did find the following: > > http://jason.roysdon.net/2009/10/16/building-bind-9-6-on-rhel5-centos5-for-dnssec-nsec3-support/ > > Is this the best path at this time? Can anyone point me to other documents? > > I have a server that I can test this out and get everything ready before > I upgrade my main Centos DNS server. This way I can get it right in one > try (or that is the dream). > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >