| Gönderen: |
"Dan Napier" <ecs-isp@2rosenthals.com> |
Tam Başlıklar
Çözülmemiş İleti |
| Konu: |
RE: [eCS-ISP] [BULK] [eCS-ISP] Bind 9.11.20 |
| Tarih: |
Tue, 14 Jul 2020 16:48:49 -0700 |
| Alacak: |
"eCS ISP Mailing List" <ecs-isp@2rosenthals.com> |
|
|---|
Paul I just installed the 9.11 Porsche it does report ipv6 even in the OS2 command line The server is reporting ipv6 addresses, so I guess if the system is able to do with it it runs. So far I have not seen any 100 CPU usage. I will keep a close watch. Thanks for all your effort. Dan From: eCS ISP Mailing List [mailto:ecs-isp@2rosenthals.com]
Sent: Monday, July 13, 2020 3:02 PM
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
Subject: Re: [eCS-ISP] [BULK] [eCS-ISP] Bind 9.11.20 Hi Dan and Lewis, In addition to Lewis's comments - as I recall - newer bind versions don't provide the options of disabling ipv6 support - so we need to provide enough stubs of ipv6 headers to let it compile and work. I did this for openvpn (which similarly doesn't give an option to disable ipv6) - but ironically, it was this added header support that was causing the 100% cpu usage with Bind 9.11.x. For the above reasons, I focussed on maintaining 9.11.x as this is EOL December 2021 - which gives us plenty of time to come up with a solution for the next ESV version. Hi, Dan...
On 07/13/20 12:01 pm, Dan Napier wrote:
> Hello Friends
>
> Did I miss something, I seem to be way ahead of the curve. Running 9.12.4 I am not a Math Major, so I might be wrong, but isn’t 9.11.20 a lower rev?
> 9.12.4 seems to run dandy, reports ip4 and ip6 addresses, does not hog cpu. Did I do something wrong?
>
As you will note here:
https://bind.isc.org/
9.11 is an ESV (Extended Service Release). 9.11.20 is indeed newer than 9.12.4.
BIND 9.12.4 was a maintenance release, specifically to address issues
disclosed in CVE-2018-5744, CVE-2018-5745, and CVE-2019-6465.
9.11.20, OTOH, addresses all security issues up through CVE-2020-8619:
https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/README.md
Not every higher version number necessarily denotes a *newer* or more secure
one. 9.12 was a development branch; 9.11 is a stable one.
9.16 is current, and will eventually become an ESV (I believe), so at some
point, that should become our target.
GL HTH
--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC www.2rosenthals.com
visit my IT blog www.2rosenthals.net/wordpress
-------------------------------------------------------------
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message is sent to you because you are subscribed to
the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com
This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
--
--
This email was Anti Virus checked by Astaro Security Gateway. http://www.sophos.com
|