Re: [NANOG] Re: Reasons why BIND isn't being upgraded

[Pete Ehlke <pde () ehlke net>]

Pim van Riezen (pi () vuurwerk nl) said, on [010201 17:29]:
> This is untrue. I expected this same thing. Then I ran into these gems of
> bogosity while updating 8.2.2-P7 to 8.2.3:
>
> (1) 8.2.3 Doesn't accept the "(" in the SOA string to be on the next line
>     after the IN SOA. Our script-generated zonefiles, about 45000 of them,
>     all had this.

Not accepting a bogus zone file is hardly classifiable as "bogosity".

> documentation (README, CHANGES) mentions any of these problems and I've
> been bitten by them. Yes we're running 8.2.3-REL fine now, but it took a
> couple of _expensive_ reloads to get everything right. If ISC wants my
> trust in the future of their codebase, they will have to work on seeing
> the difference between an "architecture upgrade" and a "security patch".
So, you deployed a new version of bind to a non-trivial set of
production servers without doing any testing on development or QA
systems, and you're blaming your production problems on the isc? I'm
fairly certain that I'm glad you're not running my network,
thankyewverymuch.

-P.