LinuxSA Mailing list archives

  From: Alan Kennington <akenning@dog.topology.org>
  To  : Mark Newton <newton@atdot.dotat.org>
  Date: Wed, 31 Jan 2001 11:30:32 +1030

Re: uh oh! -- BIND's no good again - warning, warning

Mark,

Many thanks for those observations.
Just a quick couple of points on these in response though.....

----------------------------------------------------------
On Wed, Jan 31, 2001 at 11:11:54AM +1030, Mark Newton wrote:
> On Wed, Jan 31, 2001 at 12:24:10AM +1030, Alan Kennington wrote:
> 
>  > On Tue, Jan 30, 2001 at 10:02:58PM +1030, Michael Kratz wrote:
>  > > Now, anyone, how hard is it to switch from BIND 8.2.3 to BIND 9.1??
>  > > is it as simple as this operation was ie. rpm upgrade
>  > 
>  > Here is my tale of woe.

[....]
>  > 4.	When I ran the final named binary, it couldn't understand
>  > 	any of my config files. I wanted a TTL parameter, and
>  > 	it didn't recognize half the things in /etc/named.conf.
> 
> >From the release notes:  
> 
>   "If you are upgrading from BIND 8, please read the migration notes in
>   doc/misc/migration."
> 
> If you did this you wouldn't have had any problems.
----------------------------------------------------------

Well, I did read this and all the other migration/change notes. 
But I didn't know the right syntax etc. etc.
for the $TTL construct.
Also, the man-manuals didn't install somehow.
But it turned out that the real manual is the file

    bind-9.1.0/doc/arm/Bv9ARM.html

Pretty obvious, really! (Not.)
So eventually I did upgrade all my zone files, and despite the
warnings about obsolete stuff in the /etc/named.conf file,
named did run correctly at last.
I was in a bit of a panic, because I knew that those pesky hackers were
writing exploits while my 16 MB machine was grinding/paging its way
through the build process.
(And this was interrupted in the middle by my visit to
Engineering House to see what this Agile thing is about.)

----------------------------------------------------------
>  > 5.	It made 5 copies of itself while running, using a total
>  > 	of 10.7 Mbytes of memory, of which 6.5 Mbytes is resident.
>  > 	This is compared to 2 Mbytes total previously.
> 
> Again, this is not unusual.  named always gets large, because it caches
> fairly aggressively.
----------------------------------------------------------

Large is no great problem in general.
But if the old named runs in one process of 2 MBytes at start-up,
and the new one runs in 5 processes of 2 MBytes, then I don't count
this as an improvement. If the software had been written by MS,
people would call this bloatware. 
But since linux is without sin....

----------------------------------------------------------
>  > So the 9.1.0 bind is
>  > -	incompatible with old config files
>  > -	uses tens of MBytes more disk for the binaries
>  > -	uses heaps more RAM
> 
> It seems that quite a bit of this would be alleviated if you used a 
> server which was properly equipped for the job and read the release
> notes.
----------------------------------------------------------

Well, this is not a criticism, but 2.2 years ago, I sounded
you out on the issue of firewall hardware, and you said you used an
old 486 for yours (running BSD, I think?), and I followed suit by
putting my firewall and anything else that had to run 24 hrs/day
on an old 486 with 16 MBytes RAM and 400 MBytes disk.

For the log files, I eventually added a 13 GB disk.

But I think maybe the days of getting linux to run nameserver,
webserver, firewall, mailserver on an old second-hand 486
are over.
Clearly I need to build a new 24-hour machine.
But that will take at least a week to set up all the
fail-safe stuff on a new machine (e.g. detection of modem
retraining bug and automatic pppd re-start, firewalls, logging),
installation of the French version of SuSE 7.0, adding new
BIND, sendmail etc. etc.
If only I weren't 4 GSTs behind already, I'd do it straight away!

Cheers, and thanks again for the comments,
Alan Kennington.

--------------------------------------------------------------------
    name: Dr. Alan Kennington
  e-mail: akenning@dog.topology.org
 website: http://topology.org/
    city: Adelaide, South Australia
  coords: 34.88051 S, 138.59334 E
timezone: UTC+1030 http://topology.org/timezone.html
 pgp-key: http://topology.org/key_ak2.asc

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject