{"id":63177,"date":"2013-04-11T09:49:54","date_gmt":"2013-04-11T14:49:54","guid":{"rendered":"http:\/\/blog.cpanel.net\/?p=8261"},"modified":"2013-04-11T09:49:54","modified_gmt":"2013-04-11T14:49:54","slug":"open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround","status":"publish","type":"post","link":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/","title":{"rendered":"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old]"},"content":{"rendered":"

Edit: This information is old and may longer be relevant.<\/em><\/p>\n

An open resolver is a DNS server, which will allow a recursive query of an arbitrary domain from any IP address. An open resolver can be used in a reflection DDoS. Only Subnets controlled by the organization should be allowed to conduct recursive queries on a DNS server. [1]<\/p>\n

The problem is bind comes from Red Hat, which has locked the 5.x version to the older bind 9.3. There is a way to get over to bind 9.7 but it is a bit beyond our scope of support. Once you get over to bind 9.7 cPanel will work with it just fine, but you have to move it over. Alternatively, you could just move to CentOS 6.<\/p>\n

WARNING THESE HAVE NOT BEEN TESTED BEYOND BASIC TESTING<\/strong><\/p>\n

-bash-3.2# cp -Rf \/var\/named\/ \/var\/named.bak
\n-bash-3.2# \/scripts\/update_local_rpm_versions –edit target_settings.named uninstalled
\n-bash-3.2# \/scripts\/update_local_rpm_versions –edit target_settings.bind uninstalled<\/p>\n

-bash-3.2# rpm -e bind bind-utils bind-devel bind-libs caching-nameserver<\/p><\/blockquote>\n

At this point you have bind out but you need to get the new version installed. \u00a0<\/p>\n

-bash-3.2# yum -y install bind97 bind97-libs bind97-utils bind97-devel
\nLoaded plugins: fastestmirror, security
\nLoading mirror speeds from cached hostfile
\n * base: mirror.anl.gov
\n * extras: mirror.rackspace.com
\n * updates: mirrors.finalasp.com
\nExcluding Packages in global exclude list
\nFinished
\nSetting up Install Process
\nResolving Dependencies
\n–> Running transaction check
\n—> Package bind97.i386 32:9.7.0-17.P2.el5_9.1 set to be updated
\n—> Package bind97-devel.i386 32:9.7.0-17.P2.el5_9.1 set to be updated
\n—> Package bind97-libs.i386 32:9.7.0-17.P2.el5_9.1 set to be updated
\n—> Package bind97-utils.i386 32:9.7.0-17.P2.el5_9.1 set to be updated
\n–> Finished Dependency Resolution<\/p>\n

Dependencies Resolved<\/p>\n

=======================================================================
\n Package Arch Version Repository Size
\n=======================================================================
\nInstalling:
\n bind97 i386 32:9.7.0-17.P2.el5_9.1 updates 3.5 M
\n bind97-devel i386 32:9.7.0-17.P2.el5_9.1 updates 326 k
\n bind97-libs i386 32:9.7.0-17.P2.el5_9.1 updates 885 k
\n bind97-utils i386 32:9.7.0-17.P2.el5_9.1 updates 188 k<\/p>\n

Transaction Summary
\n=======================================================================
\nInstall 4 Package(s)
\nUpgrade 0 Package(s)<\/p>\n

Total download size: 4.8 M
\nDownloading Packages:
\n(1\/4): bind97-utils-9.7.0-17.P2.el5_9.1.i386.rpm | 188 kB 00:00
\n(2\/4): bind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm | 326 kB 00:01
\n(3\/4): bind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm | 885 kB 00:02
\n(4\/4): bind97-9.7.0-17.P2.el5_9.1.i386.rpm | 3.5 MB 00:04
\n———————————————————————–
\nTotal 567 kB\/s | 4.8 MB 00:08
\nRunning rpm_check_debug
\nRunning Transaction Test
\nFinished Transaction Test
\nTransaction Test Succeeded
\nRunning Transaction
\n Installing : bind97-libs 1\/4
\n Installing : bind97 2\/4
\n Installing : bind97-devel 3\/4
\n Installing : bind97-utils 4\/4<\/p>\n

Installed:
\n bind97.i386 32:9.7.0-17.P2.el5_9.1 bind97-devel.i386 32:9.7.0-17.P2.el5_9.1
\n bind97-libs.i386 32:9.7.0-17.P2.el5_9.1 bind97-utils.i386 32:9.7.0-17.P2.el5_9.1<\/p>\n

Complete!<\/p><\/blockquote>\n

This gets you over to the new version. You now need to cd in \/var\/named to ensure your zone files are there. If they are you’re a short<\/p>\n

\/usr\/local\/cpanel\/scripts\/rebuilddnsconfig<\/p><\/blockquote>\n

away from your update. If they’re missing copy them over from your backup you made at the start. They shouldn’t get moved but it’s worth testing before you go crazy looking for them. Restart named and you can check if your update worked via the status command.<\/p>\n

-bash-3.2# \/etc\/init.d\/named status
\nWARNING: key file (\/etc\/rndc.key) exists, but using default configuration file (\/etc\/rndc.conf)
\nversion: 9.7.0-P2-RedHat-9.7.0-17.P2.el5_9.1
\nCPUs found: 1
\nworker threads: 1
\nnumber of zones: 16
\ndebug level: 0
\nxfers running: 0
\nxfers deferred: 0
\nsoa queries in progress: 0
\nquery logging is OFF
\nrecursive clients: 0\/0\/1000
\ntcp clients: 0\/100
\nserver is up and running
\nnamed (pid 3695) is running…\n<\/p><\/blockquote>\n

That is it, you should be up and running!<\/p>\n

[1] http:\/\/www.practicalsysadmin.com\/wiki\/index.php\/Open_resolvers<\/p>\n","protected":false},"excerpt":{"rendered":"

Edit: This information is old and may longer be relevant. An open resolver is a DNS server, which will allow a recursive query of an arbitrary domain from any IP address. An open resolver can be used in a reflection DDoS. Only Subnets controlled by the organization should be allowed to conduct recursive queries on […]<\/p>\n","protected":false},"author":77,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[61],"tags":[],"class_list":["post-63177","post","type-post","status-publish","format-standard","hentry","category-tips-and-tricks"],"acf":[],"yoast_head":"\nOpen Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old] | cPanel<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old] | cPanel\" \/>\n<meta property=\"og:description\" content=\"Edit: This information is old and may longer be relevant. An open resolver is a DNS server, which will allow a recursive query of an arbitrary domain from any IP address. An open resolver can be used in a reflection DDoS. Only Subnets controlled by the organization should be allowed to conduct recursive queries on […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/\" \/>\n<meta property=\"og:site_name\" content=\"cPanel\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cpanel\/\" \/>\n<meta property=\"article:published_time\" content=\"2013-04-11T14:49:54+00:00\" \/>\n<meta name=\"author\" content=\"cPanel Community\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@cPanel\" \/>\n<meta name=\"twitter:site\" content=\"@cPanel\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"cPanel Community\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/\",\"url\":\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/\",\"name\":\"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old] | cPanel\",\"isPartOf\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/#website\"},\"datePublished\":\"2013-04-11T14:49:54+00:00\",\"dateModified\":\"2013-04-11T14:49:54+00:00\",\"author\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8\"},\"breadcrumb\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/devel.www.cpanel.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old]\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#website\",\"url\":\"https:\/\/devel.www.cpanel.net\/\",\"name\":\"cPanel\",\"description\":\"Hosting Platform of Choices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/devel.www.cpanel.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8\",\"name\":\"cPanel Community\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g\",\"caption\":\"cPanel Community\"},\"description\":\"The web hosting industry's most reliable management solution since 1997. With our first-class support and rich feature set, it's easy to see why our customers and partners make cPanel & WHM their hosting platform of choice. For more information, visit cPanel.net.\",\"sameAs\":[\"https:\/\/cpanel.net\"],\"url\":\"https:\/\/devel.www.cpanel.net\/blog\/author\/cpadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old] | cPanel","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/","og_locale":"en_US","og_type":"article","og_title":"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old] | cPanel","og_description":"Edit: This information is old and may longer be relevant. An open resolver is a DNS server, which will allow a recursive query of an arbitrary domain from any IP address. An open resolver can be used in a reflection DDoS. Only Subnets controlled by the organization should be allowed to conduct recursive queries on […]","og_url":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/","og_site_name":"cPanel","article_publisher":"https:\/\/www.facebook.com\/cpanel\/","article_published_time":"2013-04-11T14:49:54+00:00","author":"cPanel Community","twitter_card":"summary_large_image","twitter_creator":"@cPanel","twitter_site":"@cPanel","twitter_misc":{"Written by":"cPanel Community","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/","url":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/","name":"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old] | cPanel","isPartOf":{"@id":"https:\/\/devel.www.cpanel.net\/#website"},"datePublished":"2013-04-11T14:49:54+00:00","dateModified":"2013-04-11T14:49:54+00:00","author":{"@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8"},"breadcrumb":{"@id":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/devel.www.cpanel.net\/blog\/tips-and-tricks\/open-resolver-handling-with-bind-on-centos-5-x-cannot-update-to-9-7workaround\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/devel.www.cpanel.net\/"},{"@type":"ListItem","position":2,"name":"Open Resolver Handling with Bind on CentOS 5.x cannot Update to 9.7[Workaround][Old]"}]},{"@type":"WebSite","@id":"https:\/\/devel.www.cpanel.net\/#website","url":"https:\/\/devel.www.cpanel.net\/","name":"cPanel","description":"Hosting Platform of Choices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/devel.www.cpanel.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8","name":"cPanel Community","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g","caption":"cPanel Community"},"description":"The web hosting industry's most reliable management solution since 1997. With our first-class support and rich feature set, it's easy to see why our customers and partners make cPanel & WHM their hosting platform of choice. For more information, visit cPanel.net.","sameAs":["https:\/\/cpanel.net"],"url":"https:\/\/devel.www.cpanel.net\/blog\/author\/cpadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts\/63177"}],"collection":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/users\/77"}],"replies":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/comments?post=63177"}],"version-history":[{"count":0,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts\/63177\/revisions"}],"wp:attachment":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/media?parent=63177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/categories?post=63177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/tags?post=63177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}