Subject: RE: problem getting BIND 9.3.1 to start
To: NetBSD, Users <netbsd-users@NetBSD.org>
From: Robert Cates <robert@kormar.net>
List: netbsd-users
Date: 08/04/2005 22:40:45
Thanks Adrian, and Justin Newcomer!  I've got BIND up and running, in
chroot.  But now I have a couple of follow-up questions:

1. At the end of the build/install I saw the message suggesting running Bind
in the chroot environment for security reasons.  Apparently you're set up
this way, but would you recommend it, really, especially if the server's
behind a firewall?

2. What is lwresd (which I read needed to be added to /etc/rc.conf and
running for Bind 9)?

3. What would be the best way to change from using the original dig (8.3) in
/usr/bin to the new 9.3.1 version in /usr/pkg/bin , with sym-links?

4. What other tools come with Bind besides dig?

Thanks again!
Robert


-----Original Message-----
From: netbsd-users-owner@NetBSD.org
[mailto:netbsd-users-owner@NetBSD.org]On Behalf Of Adrian Portelli
Sent: Mittwoch, 3. August 2005 21:56
To: robert@kormar.net
Cc: NetBSD, Users
Subject: Re: problem getting BIND 9.3.1 to start


Robert Cates wrote:

> Hi,
>
> I've just installed BIND 9.3.1 from pkgsrc, but cannot get it to start.
> I've done the following but it just won't run:
>

Ok,

A few things first, this is what I have in my files:

/etc/rc.conf
named9=YES
named_flags="-t /var/chroot/named -u named"
named_chrootdir="/var/chroot/named"

/etc/rc.conf.d/named9
pidfile="/var/chroot/named/var/run/named.pid"

Now, if you're using chroot everything is relative to the chroot
directory.  In the case of bind9 it's /var/chroot/named.  So all your
configuration files should go in there e.g. your named.conf should be in
/var/chroot/named/etc and you shouldn't put your zone files under
/etc/namedb but under /var/chroot/named/etc/namedb instead.

Now restart syslogd to get it to notice that you're running named9 in a
chroot environment.  You should just then be able to start named9 and
watch /var/log/messages.

HTH,

adrian.
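
The point above that named resolves every path relative to the chroot directory, as an added example that is not part of the original thread: a POSIX shell check that maps the paths named will open onto the host filesystem and reports the ones that are missing. The function names are hypothetical, and it assumes named.conf carries its `directory "..."` option on a single line.

```shell
#!/bin/sh
# Added example: check that the files named reads are inside the chroot.
# Paths follow the message above; the function names are hypothetical.

# Map a path as named sees it (after chroot) to the path on the host.
host_path() {
    printf '%s/%s\n' "${1%/}" "${2#/}"
}

# Extract the first `directory "..."` option from a named.conf.
conf_directory() {
    sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Print each missing item; return the number of missing items.
check_named_chroot() {
    root=$1
    missing=0
    conf=$(host_path "$root" /etc/named.conf)
    if [ ! -f "$conf" ]; then
        echo "missing: $conf"
        missing=$((missing + 1))
    else
        # The directory option is also interpreted inside the chroot.
        dir=$(conf_directory "$conf")
        if [ -n "$dir" ] && [ ! -d "$(host_path "$root" "$dir")" ]; then
            echo "missing: $(host_path "$root" "$dir") (directory option $dir)"
            missing=$((missing + 1))
        fi
    fi
    # The pidfile from /etc/rc.conf.d/named9 lives under var/run in the chroot.
    if [ ! -d "$(host_path "$root" /var/run)" ]; then
        echo "missing: $(host_path "$root" /var/run)"
        missing=$((missing + 1))
    fi
    return "$missing"
}

# Usage: check_named_chroot /var/chroot/named
```

Run it before starting named9; a non-zero exit status is the number of paths that exist only outside the chroot or not at all.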