123 lines
4.8 KiB
Plaintext
123 lines
4.8 KiB
Plaintext
|
Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
|
||
|
|
Copyright (C) 2001, 2003 Internet Software Consortium.
|
||
|
|
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
|
||
|
|
|
||
|
|
Id: readme1st.txt,v 1.7.2.4.4.1 2004/03/06 13:16:25 marka Exp
|
||
|
|
|
||
|
|
Release of BIND 9.2.2 for Window NT/2000
|
||
|
|
|
||
|
|
This is a maintenance release of BIND 9.2 for Window NT/2000. Only
|
||
|
|
IPv4 stacks are supported on the box running this version of BIND.
|
||
|
|
IPv6 stacks will be supported in a future release.
|
||
|
|
|
||
|
|
Kit Installation Information
|
||
|
|
|
||
|
|
If you have previously installed BIND 8 or BIND 4 on the system that
|
||
|
|
you wish to install this kit, you MUST use the BIND 8 or BIND 4 installer
|
||
|
|
to uninstall the previous kit. For BIND 8.2.x, you can use the
|
||
|
|
BINDInstall that comes with the BIND 8 kit to uninstall it. The BIND 9
|
||
|
|
installer will NOT uninstall the BIND 8 binaries. That will be fixed
|
||
|
|
in a future release.
|
||
|
|
|
||
|
|
Unpack the kit into any convenient directory and run the BINDInstall
|
||
|
|
program. This will install the named and associated programs into
|
||
|
|
the correct directories and set up the required registry keys.
|
||
|
|
|
||
|
|
Controlling BIND
|
||
|
|
|
||
|
|
Windows NT/2000 uses the same rndc program as is used on Unix
|
||
|
|
systems. The rndc.conf file must be configured for your system in
|
||
|
|
order to work. You will need to generate a key for this. To do this
|
||
|
|
use the rndc-confgen program. The program will be installed in the
|
||
|
|
same directory as named: dns/bin/. From the DOS prompt, use the
|
||
|
|
command this way:
|
||
|
|
|
||
|
|
rndc-confgen -a
|
||
|
|
|
||
|
|
which will create a rndc.key file in the dns/etc directory. This will
|
||
|
|
allow you to run rndc without an explicit rndc.conf file or key and
|
||
|
|
control entry in named.conf file. See section 3.4.1.2 of the ARM for
|
||
|
|
details of this. An rndc.conf can also be generated by running:
|
||
|
|
|
||
|
|
rndc-confgen > rndc.conf
|
||
|
|
|
||
|
|
which will create the rndc.conf file in the current directory, but not
|
||
|
|
copy it to the dns/etc directory where it needs to reside. If you create
|
||
|
|
rndc.conf this way you will need to copy the same key statement into
|
||
|
|
named.conf.
|
||
|
|
|
||
|
|
The additions look like the following:
|
||
|
|
|
||
|
|
key "rndc-key" { algorithm hmac-md5; secret "xxxxxxxxx=="; };
|
||
|
|
|
||
|
|
controls {
|
||
|
|
inet 127.0.0.1 port 953 allow { localhost; } keys { "rndc-key"; };
|
||
|
|
};
|
||
|
|
|
||
|
|
Note that the value of the secret must come from the key generated
|
||
|
|
above for rndc and must be the same key value for both. Details of
|
||
|
|
this may be found in section 3.4.1.2 of the ARM. If you have rndc
|
||
|
|
on a Unix box you can use it to control BIND on the NT/W2K box as
|
||
|
|
well as using the Windows version of rndc to control a BIND 9
|
||
|
|
daemon on a Unix box. However you must have key statements valid for
|
||
|
|
the servers you wish to control, specifically the IP address and key
|
||
|
|
in both named.conf and rndc.conf. Again see section 3.4.1.2 of the
|
||
|
|
ARM for details.
|
||
|
|
|
||
|
|
In addition BIND is installed as a win32 system service, can be
|
||
|
|
started and stopped in the same way as any other service and
|
||
|
|
automatically starts whenever the system is booted. Signals are
|
||
|
|
not supported and are in fact ignored.
|
||
|
|
|
||
|
|
Note: Unlike most Windows applications, named does not, change its
|
||
|
|
working directory when started as a service. If you wish to use
|
||
|
|
relative files in named.conf you will need to specify a working
|
||
|
|
directory.
|
||
|
|
|
||
|
|
Documentation
|
||
|
|
|
||
|
|
This kit includes Documentation in HTML format. The documentation is not
|
||
|
|
copied during the installation process so you should move it to any convenient
|
||
|
|
location for later reference. Of particular importance is the BIND 9
|
||
|
|
Administrator's Reference Manual (Bv9ARM*.html) which provides detailed
|
||
|
|
information on BIND 9. In addition, there are HTML pages for each of the
|
||
|
|
BIND 9 applications.
|
||
|
|
|
||
|
|
DNS Tools
|
||
|
|
|
||
|
|
The following tools have been built for Windows NT: dig, nslookup, host,
|
||
|
|
nsupdate, rndc, rndc-confgen, named-checkconf, named-checkzone, dnssec-keygen,
|
||
|
|
dnssec-makekeyset, dnssec-signkey, dnssec-signzone. The tools will NOT run on
|
||
|
|
Win9x, only WinNT and Win2000. The latter tools are for use with DNSSEC. All
|
||
|
|
tools are installed in the dns/bin directory.
|
||
|
|
|
||
|
|
IMPORTANT NOTE ON USING THE TOOLS:
|
||
|
|
If you wish to use nsupdate on a win32 platform to do dynamic updates
|
||
|
|
to a zone you MUST create a resolv.conf in the System32\Drivers\etc
|
||
|
|
directory containing a list of nameserver addresses to use to find
|
||
|
|
the nameserver authoritative for the zone. The format of this file is:
|
||
|
|
|
||
|
|
nameserver 1.2.3.4
|
||
|
|
nameserver 5.6.7.8
|
||
|
|
|
||
|
|
Replace the IP addresses with your real addresses. 127.0.0.1 is a valid
|
||
|
|
address if you are running a nameserver on the localhost.
|
||
|
|
|
||
|
|
In addition, if you use dig, host or nslookup, you will need this
|
||
|
|
file on the system where you are running these tools unless you have
|
||
|
|
BIND running on that system.
|
||
|
|
|
||
|
|
This will be fixed in a future release.
|
||
|
|
|
||
|
|
Messages are logged to the Application log in the EventViewer.
|
||
|
|
|
||
|
|
Problems
|
||
|
|
|
||
|
|
Please report all problems to bind9-bugs@isc.org and not to me. All
|
||
|
|
other questions should go to the bind-users@isc.org mailing list or the
|
||
|
|
comp.protocol.dns.bind news group.
|
||
|
|
|
||
|
|
Danny Mayer
|
||
|
|
danny.mayer@nominum.com
|
||
|
|
|