> something like this would probably do it, but would be undone anytime
> you update
>
> --- /etc/rc Sat Aug 22 03:06:56 2015
> +++ /etc/rc.new Sun Aug 23 12:27:53 2015
> @@ -371,7 +371,7 @@
> make_keys
>
> echo -n 'starting early daemons:'
> -start_daemon syslogd ldattach pflogd nsd unbound ntpd
> +start_daemon syslogd ldattach pflogd isc_named ntpd
> start_daemon iscsid isakmpd iked sasyncd ldapd npppd
> echo '.'
>
>
> On 08/23/15 12:00, George wrote:
> > Hi guys,
> >
> > I was wondering if someone might have a hint on how to start isc_name
> > (on 5.7) earlier than network services like DHCP and NFS. This was OK
> > for me on 5.6 when it was in base but now I have issues as my configs
> > are tied to DNS services on the local machine.
> >
> > I read a bit and fiddled with the rc code, getting failures there, ... I
> > am maybe not looking in the right place??
Or don't use ISC BIND. Start your migrationg towards unbound / nsd,
which are the new, safer toolkit for DNS.
In my opinion, ISC BIND falls soundly into this catagory:
https://en.wikipedia.org/wiki/Unsafe_at_Any_Speed
"general reluctance to spend money on improving safety"
Except in this case, it is not the "manufacturers", but the drivers
failing to spend "time" catching up.
There is a general reluctance by many system administrators to
(a) comprehend that two decades of research has demonstrated the
unsoundness of resource record caching when doing
mixed authoritative + recursive
(b) because it can do do mixed mode, in practice BIND encourages
doing so
(c) in part, NSD and unbound were written to stop that practice
(d) Some of you are sticks in the mud, and deserve to get hurt.
