README revision 3b8932de20e12b07f9d874d5538d30e1fac9a9f4
b90dd6c0a9df584619d3c47be7c9417f55d5ccf6Bob Halley BIND version 9 is a major rewrite of nearly all aspects of the
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson underlying BIND architecture. Some of the important features of
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - DNS Security
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson DNSSEC (signed zones)
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson TSIG (signed DNS requests)
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - IP version 6
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Answers DNS queries on IPv6 sockets
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson IPv6 resource records (A6, DNAME, etc.)
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Bitstring Labels
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Experimental IPv6 Resolver Library
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - DNS Protocol Enhancements
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson IXFR, DDNS, Notify, EDNS0
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Improved standards conformance
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson One server process can provide multiple "views" of
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson the DNS namespace, e.g. an "inside" view to certain
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson clients, and an "outside" view to others.
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - Multiprocessor Support
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - Improved Portability Architecture
b90dd6c0a9df584619d3c47be7c9417f55d5ccf6Bob Halley BIND version 9 development has been underwritten by the following
b90dd6c0a9df584619d3c47be7c9417f55d5ccf6Bob Halley organizations:
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Sun Microsystems, Inc.
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Hewlett Packard
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Compaq Computer Corporation
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Process Software Corporation
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Silicon Graphics, Inc.
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Network Associates, Inc.
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson U.S. Defense Information Systems Agency
70680fa51b0147c726b939b72b2420249429756aBob Halley USENIX Association
70680fa51b0147c726b939b72b2420249429756aBob Halley Stichting NLnet - NLnet Foundation
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson BIND 9.1.0b1 is the first beta release of BIND 9.1.0.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson It includes a number of new features:
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson - Many BIND 8 features previously unimplemented in BIND 9,
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson including domain-specific forwarding, the $GENERATE
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson master file directive, and the "blackhole", "dialup",
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson and "sortlist" options
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson - Forwarding of dynamic update requests; this is enabled
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson by the "allow-update-forwarding" option
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson - A new, simplified database interface and a number of
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson sample drivers based on it; see doc/dev/sdb for details
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson - Support for building single-threaded servers for
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson environments that do not supply POSIX threads
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson - New configuration options: "min-refresh-time",
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson "max-refresh-time", "min-retry-time", "max-retry-time",
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson "additional-from-auth", "additional-from-cache",
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson "notify explicit"
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson - Faster lookups, particularly in large zones.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson BIND 9.1.0 also includes experimental implementations of a
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson number of DNS protocols extensions still under development
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson in the IETF. These include transparent processing of
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson unknown RR types and use of the EDNS "DNSSEC OK" bit to
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson explicitly enable DNSSEC processing in responses.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Cryptographic operations are now based on the OpenSSL
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson library instead of DNSsafe.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Numerous bugs have been fixed.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson BIND 9.1.0 is primarily a name server software distribution.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson In addition to the name server, it also includes a new
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson lightweight stub resolver library and associated resolver
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson daemon that fully support forward and reverse lookups of both
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson IPv4 and IPv6 addresses. This library is still considered
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson experimental and is not a complete replacement for the BIND 8
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson resolver library. Applications that use the BIND 8 res_*
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson functions to perform DNS lookups or dynamic updates still need
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson to be linked against the BIND 8 libraries. For DNS lookups,
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson they can also use the new "getrrsetbyname()" API.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson BIND 9.1.0 is capable of acting as an authoritative server
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson for DNSSEC secured zones. This functionality is believed to
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson be stable and complete except for lacking support for wildcard
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson records in secure zones.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson When acting as a caching server, BIND 9.1.0 can be configured
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson to perform DNSSEC secure resolution on behalf of its clients.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson This part of the DNSSEC implementation is still considered
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson experimental. For detailed information about the state of the
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson DNSSEC implementation, see the file doc/misc/dnssec.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson There are a few known bugs:
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson On some systems, IPv6 and IPv4 sockets interact in
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson unexpected ways. For details, see doc/misc/ipv6.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson To reduce the impact of these problems, the server
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson no longer listens for requests on IPv6 addresses
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson by default. If you need to accept DNS queries over
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson IPv6, you must specify "listen-on-v6 { any; };"
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson in the named.conf options statement.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson There are known problems with thread signal handling
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson under Solaris 2.6.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson On FreeBSD systems, the server logs error messages
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson like "fcntl(8, F_SETFL, 4): Inappropriate ioctl for
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson device". This is due to a bug in the FreeBSD
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson /dev/random device. The bug has been reported
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson to the FreeBSD maintainers. Versions of OpenBSD
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson prior to 2.8 have a similar problem.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson --with-libtool does not work on AIX.
e5256e34b4a26a26088b2dc5ca621b42c0750256Andreas Gustafsson For a detailed list of user-visible changes from
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence previous releases, see the CHANGES file.
8db66dc4eb654a2e295eaeab3aaf96e24c9ae7b7Bob Halley BIND 9 currently requires a UNIX system with an ANSI C compiler,
8db66dc4eb654a2e295eaeab3aaf96e24c9ae7b7Bob Halley basic POSIX support, and a good pthreads implementation.
501da430e2f16f496f8e8d1b57ab77f78428c682David Lawrence We've had successful builds and tests on the following systems:
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley COMPAQ Tru64 UNIX 4.0D
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson COMPAQ Tru64 UNIX 5 (with IPv6 EAK)
2ecf7f63a01ca8a96d76f7d2d4de0fa37f3e3fabOlafur Gudmundsson FreeBSD 3.4-STABLE, 3.5, 4.0, 4.1
d80ccd47ad4b526f82590b6c182b4dd80006712eAndreas Gustafsson NetBSD-current (with unproven-pthreads-0.17)
a81d239754610b4e50892149bf8a570b257f6555Bob Halley Red Hat Linux 6.0, 6.1, 6.2
997e3113b7c91ec94e6274d31735f122e6e8209cAndreas Gustafsson Solaris 2.6, 7, 8
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Additionally, we have unverified reports of success building
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson previous versions of BIND 9 from users of the following systems:
a0cad57966364095e4367f568389a8bd84afb2afAndreas Gustafsson Slackware Linux 7.0 with 2.4.0-test6 kernel and glibc 2.1.3
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Slackware Linux 7.0.1 with glibc 2.1.3
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson OpenBSD 2.6, 2.8, -current
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson UnixWare 7.1.1 once the IN6_IS_ADDR_MULTICAST macro in
bacb365014b37c9d6d377fc41797bd651d3f6727Mark Andrews /usr/include/netinet/in6_f.h is repaired (== vs =).
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley To build, just
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Several environment variables that can be set before running
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson configure will affect compilation:
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson The C compiler to use. configure tries to figure
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson out the right one for supported systems.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson C compiler flags. Defaults to include -g and/or -O2
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson as supported by the compiler.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson System header file directories. Can be used to specify
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson where add-on thread or IPv6 support is, for example.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Defaults to empty string.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Any additional preprocessor symbols you want defined.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Defaults to empty string.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson To build shared libraries, specify "--with-libtool" on the
69930116e30137705d3b87d05cbfbc5712386fdeAndreas Gustafsson configure command line.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson To build without multithreading, specify "--disable-threads"
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson on the configure command line.
e21262ae8af5d12f64a2242e26338f36901ba4ccAndreas Gustafsson If your operating system has integrated support for IPv6, it
e21262ae8af5d12f64a2242e26338f36901ba4ccAndreas Gustafsson will be used automatically. If you have installed KAME IPv6
e21262ae8af5d12f64a2242e26338f36901ba4ccAndreas Gustafsson separately, use "--with-kame[=PATH]" to specify its location.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson To see additional configure options, run "configure --help".
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley "make install" will install "named" and the various BIND 9 libraries.
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley By default, installation is into /usr/local, but this can be changed
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley with the "--prefix" option when running "configure".
5f5bb44065a3e7f506e4afd4d81c89da2931bf1bBob Halley If you're planning on making changes to the BIND 9 source, you
5f5bb44065a3e7f506e4afd4d81c89da2931bf1bBob Halley should also "make depend". If you're using Emacs, you might find
5f5bb44065a3e7f506e4afd4d81c89da2931bf1bBob Halley "make tags" helpful.
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley Building with gcc is not supported, unless gcc is the vendor's usual
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley compiler (e.g. the various BSD systems, Linux).
fe82c227f69c4a95d9db2f64f07e55daaf9499e6Bob Halley Parts of the library can be tested by running "make test" from the
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson The BIND 9 Administrator Reference Manual is included with the
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson source distribution in HTML and plain text format, in the
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson doc/arm directory. A PDF version can be downloaded separately
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson Some of the programs in the BIND 9 distribution have man pages
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson under the doc/man directory. In particular, the command line
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson options of "named" are documented in doc/man/bind/named.8.
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson The man pages are currently not installed automatically by
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson "make install".
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas Gustafsson If you are upgrading from BIND 8, please read the migration
413d5565ba2af24f12dc54d6e6807af7f1a39867Andreas GustafssonBug Reports and Mailing Lists
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley Bugs reports should be sent to
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley bind9-bugs@isc.org
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley To join the BIND 9 Users mailing list, send mail to
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley bind9-users-request@isc.org
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley If you're planning on making changes to the BIND 9 source
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley code, you might want to join the BIND 9 Workers mailing list.
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley Send mail to
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley bind9-workers-request@isc.org