freeipa.git/install/share/bind.named.conf.template, branch mspac

Add timestamps to named debug logs in /var/named/data/named.run

2013-09-06T13:39:36+00:00

Remove support for IPA deployments with no persistent search

2013-08-09T10:14:42+00:00

Drops the code from ipa-server-install, ipa-dns-install and the
BindInstance itself. Also changed ipa-upgradeconfig script so
that it does not set zone_refresh to 0 on upgrades, as the option
is deprecated.

https://fedorahosted.org/freeipa/ticket/3632

Put pid-file to named.conf

2013-03-29T07:59:45+00:00

Fedora 19 has splitted /var/run and /run directories while in Fedora
18 it used to be a symlink. Thus, named may expect its PID file to be
in other direct than it really is and fail to start.

Add pid-file configuration option to named.conf both for new
installations and for upgraded machines.

Use tkey-gssapi-keytab in named.conf

2013-03-14T14:50:24+00:00

Remove obsolete BIND GSSAPI configuration options tkey-gssapi-credential
and tkey-domain and replace them with tkey-gssapi-keytab which avoids
unnecessary Kerberos checks on BIND startup and can cause issues when
KDC is not available.

Both new and current IPA installations are updated.

https://fedorahosted.org/freeipa/ticket/3429

Enable SOA serial autoincrement

2012-07-13T14:03:58+00:00

SOA serial autoincrement is a requirement for major DNS features,
e.g. zone transfers or DNSSEC. Enable it by default in named.conf
both for new and upgraded installations. Name of the bind-dyndb-ldap
option is "serial_autoincrement".

From now on, idnsSOAserial attribute also has to be put to
replication agreement exclude list as serial will be incremented
on each DNS server separately and won't be shared. Exclude list
has to be updated both for new replication agreements and the
current ones.

Minimum number of connections for bind-dyndb-ldap has been rised
to 4 connections, the setting will be updated during package upgrade.

https://fedorahosted.org/freeipa/ticket/2554

Let Bind track data changes

2011-08-31T14:46:12+00:00

Integrate new bind-dyndb-ldap features to automatically track
DNS data changes:

 1) Zone refresh
    Set --zone-refresh in installation to define number of seconds
    between bind-dyndb-ldap polls for new DNS zones. User now
    doesn't have to restart name server when a new zone is added.

 2) New zone notifications
    Use LDAP persistent search mechanism to immediately get
    notification when any new DNS zone is added. Use --zone-notif
    install option to enable. This option is mutually exclusive
    with Zone refresh.

To enable this functionality in existing IPA installations,
update a list of arguments for bind-dyndb-ldap in /etc/named.conf.
An example when zone refresh is disabled and DNS data change
notifications (argument psearch of bind-dyndb-ldap) are enabled:

dynamic-db "ipa" {
...
        arg "zone_refresh 0";
        arg "psearch yes";
};

This patch requires bind-dyndb-ldap-1.0.0-0.1.b1 or later.

https://fedorahosted.org/freeipa/ticket/826

Allow recursion by default

2011-06-28T03:14:16+00:00

Update name server configuration file to allow any host to issue
recursive queries (allow-recursion statement).

https://fedorahosted.org/freeipa/ticket/1335

IPv6 enhancements

2011-02-02T17:39:35+00:00

* Make host-add, host-del and reverse zone creation IPv6 aware
* Make Bind listen on IPv6 interfaces, too

https://fedorahosted.org/freeipa/ticket/398

named.conf: Add trailing dot to the fake_mname

2010-05-06T14:27:21+00:00

Yet another trailing dot issue, but this one was kept hidden because
only the latest bind-dyndb-ldap package uses the fake_mname option.

Set BIND to use ldapi and use fake mname

2010-01-21T22:37:42+00:00

The fake_mname for now doesn't exists but is a feature that will be
added in the near future. Since any unknown arguments to bind-dyndb-ldap
are ignored, we are safe to use it now.