On Wed, Jan 20, 2016 at 11:05:58AM -0700, The Doctor wrote: > > The bind code is what needs to be adjusted, given that openssl 1.1 is > > intentionally introducing API changes and removing direct access to many > > structures. It seems quite unlikely that an EoL version of a > > third-party software is going to magically receive a new release > > allowing it to build against a version of openssl that did not exist > > when it was released. > > That's my issue. I cannot get a more recent bind version to stay > to stable on one box. Bind 9.10 works fine for me, but I use it only as an authoritative server. My recursive resolver is "unbound". And I make sure to build both without GOST support. If BIND is not reliable enough for you, consider some combination "unbound" and/or "nsd". -- Viktor.
