Sun Microsystems - Solaris Support website.

Thursday, December 01, 2005

CONFIGURING BIND 9.31

CONFIGURING BIND 9.3.1 in Solaris 10 AMD64/x86

Configuring BIND 9.x is a bit of a problem for many of us; therefore, I decided to create this HOW-TO ease our pain through this rough path. By default Solaris 10 AMD64/X86 ships with BIND 9.2.4, I always like to stay with the most recent/stable version so I upgrade mine to BIND 9.3.1 which is the most current stable at the time of this writing from sunfreeware.com. So let’s get started.

The first thing I do is check my version of BIND by simple typing the following command:

# named –v

The command will output the current version that is installed on the system, in my case was BIND 9.2.4 as I mentioned before. Again to upgrade to the latest version point your browser to sunfreeware.com, go to the x86/Solaris 10 section in the right menu of your screen and download the most current version of BIND from the list. By default all the software that is downloadable in sunfreeware.com is ready for you in the form of a package, in the case of BIND the version I downloaded was call “bind-9.3.1-sol10-intel-local.gz”. To decompress the package and install it we precede to the do the following:

# gunzip bind-9.3.1-sol10-intel-local.gz

# pkgadd –d bind-9.3.1-sol10-intel-local.gz

The above two command will take care of the unzip and install of the package. By default the package will be installed under /usr/local. As a prerequisite before you even install the latest version of BIND from sunfreeware.com you should install openssl because BIND might need the /usr/local/lib/libcrypt.so.0.9.7 also you want to have as a pre-requisite either gcc-3.3.2 or libgcc-3.3 which again both can be downloaded from sunfreeware.com free of charge in package form. Haven’t all the above installed let’s proceed to configure BIND 9.3.1. Our binary/daemon was installed in /usr/local/sbin/named. Let’s configure the service now by looking at SMF, default service management for solaris.

# svcs –l dns/server
fmri         svc:/network/dns/server:default
enabled      true
state        online
next_state   none
state_time   Wed Nov 30 22:02:43 2005
logfile      /var/svc/log/network-dns-server:default.log
restarter    svc:/system/svc/restarter:default
contract_id  85
dependency   require_all/none file://localhost/etc/named.conf (online)
dependency   require_all/none svc:/system/filesystem/minimal (online)
dependency   require_any/error svc:/network/loopback (online)
dependency   optional_all/error svc:/milestone/network (online)

The above is showing my service up and running already in the final stage, your output might be different; whatever the case may be we want BIND to point to our new binary/daemon and we do this step using the following procedure:

# svcprop dn/server

We use this command to view the properties of a service, in our particular case what we are most interested in knowing is what binary/daemon is been execute when we start or stop our DNS server. We are only interested in the property called “start/exe astring /usr/sbin/named” . Now we are getting somewhere, take a look at the property of the service by default it will point the service to /usr/sbin/named, if you remember I told you that installing a new version such as BIND 9.3.1 will install your service under /usr/local , the new binary/daemon path after installed becomes /usr/local/sbin/named . Now you may be asking yourself, “how in earth do I tell the instance of DNS of SMF to recognize the new path”. Simple! Well, first we want to get into the configuration of the service by typing the following commands:

# svccfg
svc:>select dns/server:defaultsvc:/network/dns/server:default> listprop start/execstart/exec astring /usr/sbin/namedsvc:/network/dns/server:default> setprop start/exec = /usr/local/sbin/namedsvc:/network/dns/server:default> listprop start/execstart/exec astring /usr/local/sbin/namedsvc:/network/dns/server:default> quit

Let me walk you through to what’s happening. Out first command is getting into the configuration, the second command showed that we are selecting the DNS server service, the third command is listing what path is the service executing by default, the fourth command is changing the pointing path to our new path of execution, our fifth command is showing the changes we have made to the execution path and the last command will kick you of svccfg and save the changes you just performed. The last step we will perform is to refresh the service using the following command.

# svcadm refresh dns/server

and lastly but now least, we want to start our service using the following.

# svcadm start dns/server

We can always check what is the status of the service by issuing the following command:

# svcs –l dns/server

Up to this point the service should be running if it is not running still you can also try starting the service manully by typing /usr/local/sbin/named and checking with ps –ef | grep named . As Jamesd recommends from the opensolaris crew in IRC is better to use the default BIND version that comes with the OS because is more stable overall; however, many of us like to have the latest version to try out the new features, I hope this little HOW-TO give you an idea of the things that are needed in order to perform an upgrade of the DNS service. I want to thanks all my people from the opensolaris channel in IRC, especially Boyd and Tsoome who were so patient with my installation.

1 Comments:

  • nice, thank you for the valuable information.

    By Blogger JNK, at 10:12 AM  

Post a Comment

<< Home