README revision 3b8932de20e12b07f9d874d5538d30e1fac9a9f4
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson BIND version 9 is a major rewrite of nearly all aspects of the
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson underlying BIND architecture. Some of the important features of
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - DNS Security
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson DNSSEC (signed zones)
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson TSIG (signed DNS requests)
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - IP version 6
fd9b6f253eac9dae2e1ad19d49aaa922d5d4f274Mark Andrews Answers DNS queries on IPv6 sockets
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson IPv6 resource records (A6, DNAME, etc.)
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Bitstring Labels
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Experimental IPv6 Resolver Library
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - DNS Protocol Enhancements
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson IXFR, DDNS, Notify, EDNS0
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Improved standards conformance
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson One server process can provide multiple "views" of
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson the DNS namespace, e.g. an "inside" view to certain
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson clients, and an "outside" view to others.
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson - Multiprocessor Support
b90dd6c0a9df584619d3c47be7c9417f55d5ccf6Bob Halley - Improved Portability Architecture
b90dd6c0a9df584619d3c47be7c9417f55d5ccf6Bob Halley BIND version 9 development has been underwritten by the following
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson organizations:
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Sun Microsystems, Inc.
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Hewlett Packard
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Compaq Computer Corporation
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Process Software Corporation
16803617e47c83272013e45ba8eb83a3b11983edAndreas Gustafsson Silicon Graphics, Inc.
70680fa51b0147c726b939b72b2420249429756aBob Halley Network Associates, Inc.
70680fa51b0147c726b939b72b2420249429756aBob Halley U.S. Defense Information Systems Agency
276a77c22af98c78403883b16a82646a0d5b29abPaul Vixie USENIX Association
40d01ce8f3a1889f5799d9b22b26d5398fa75a1bBob Halley Stichting NLnet - NLnet Foundation
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt BIND 9.1.0b1 is the first beta release of BIND 9.1.0.
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt It includes a number of new features:
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt - Many BIND 8 features previously unimplemented in BIND 9,
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt including domain-specific forwarding, the $GENERATE
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt master file directive, and the "blackhole", "dialup",
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt and "sortlist" options
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt - Forwarding of dynamic update requests; this is enabled
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt by the "allow-update-forwarding" option
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt - A new, simplified database interface and a number of
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt sample drivers based on it; see doc/dev/sdb for details
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt - Support for building single-threaded servers for
cb143a725f0c4aa805f8fc66494023448455c773Evan Hunt environments that do not supply POSIX threads
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt - New configuration options: "min-refresh-time",
cb143a725f0c4aa805f8fc66494023448455c773Evan Hunt "max-refresh-time", "min-retry-time", "max-retry-time",
cb143a725f0c4aa805f8fc66494023448455c773Evan Hunt "additional-from-auth", "additional-from-cache",
cb143a725f0c4aa805f8fc66494023448455c773Evan Hunt "notify explicit"
cb143a725f0c4aa805f8fc66494023448455c773Evan Hunt - Faster lookups, particularly in large zones.
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt BIND 9.1.0 also includes experimental implementations of a
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt number of DNS protocols extensions still under development
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt in the IETF. These include transparent processing of
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt unknown RR types and use of the EDNS "DNSSEC OK" bit to
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt explicitly enable DNSSEC processing in responses.
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt Cryptographic operations are now based on the OpenSSL
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt library instead of DNSsafe.
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt Numerous bugs have been fixed.
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt BIND 9.1.0 is primarily a name server software distribution.
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt In addition to the name server, it also includes a new
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt lightweight stub resolver library and associated resolver
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt daemon that fully support forward and reverse lookups of both
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt IPv4 and IPv6 addresses. This library is still considered
cb143a725f0c4aa805f8fc66494023448455c773Evan Hunt experimental and is not a complete replacement for the BIND 8
96b1a311fc960d146193532bbbebcfcaa7ea7926Evan Hunt resolver library. Applications that use the BIND 8 res_*
e4c4cf5177d23e144897e0e26ae210cfdb9612ebEvan Hunt functions to perform DNS lookups or dynamic updates still need
73dbd4e9331f99e93beaaf285ef6f036735813caMark Andrews to be linked against the BIND 8 libraries. For DNS lookups,
73dbd4e9331f99e93beaaf285ef6f036735813caMark Andrews they can also use the new "getrrsetbyname()" API.
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt BIND 9.1.0 is capable of acting as an authoritative server
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt for DNSSEC secured zones. This functionality is believed to
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt be stable and complete except for lacking support for wildcard
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt records in secure zones.
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt When acting as a caching server, BIND 9.1.0 can be configured
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt to perform DNSSEC secure resolution on behalf of its clients.
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt This part of the DNSSEC implementation is still considered
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt experimental. For detailed information about the state of the
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt DNSSEC implementation, see the file doc/misc/dnssec.
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt There are a few known bugs:
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt On some systems, IPv6 and IPv4 sockets interact in
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt unexpected ways. For details, see doc/misc/ipv6.
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt To reduce the impact of these problems, the server
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt no longer listens for requests on IPv6 addresses
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt by default. If you need to accept DNS queries over
5f6b9acfe985004f70384f0cd72991396acf5103Evan Hunt IPv6, you must specify "listen-on-v6 { any; };"
73dbd4e9331f99e93beaaf285ef6f036735813caMark Andrews in the named.conf options statement.
492df0587443c32932057b77adf729c73ca36266Tatuya JINMEI 神明達哉 There are known problems with thread signal handling
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt under Solaris 2.6.
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt On FreeBSD systems, the server logs error messages
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt like "fcntl(8, F_SETFL, 4): Inappropriate ioctl for
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt device". This is due to a bug in the FreeBSD
af104911b781444e0b2d3da9df553897e511303aEvan Hunt /dev/random device. The bug has been reported
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt to the FreeBSD maintainers. Versions of OpenBSD
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt prior to 2.8 have a similar problem.
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt --with-libtool does not work on AIX.
b272d38cc5d24f64c0647a9afb340c21c4b9aaf7Evan Hunt For a detailed list of user-visible changes from
b272d38cc5d24f64c0647a9afb340c21c4b9aaf7Evan Hunt previous releases, see the CHANGES file.
d699672160ba01589227ac046a28e20d55336facEvan Hunt BIND 9 currently requires a UNIX system with an ANSI C compiler,
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt basic POSIX support, and a good pthreads implementation.
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt We've had successful builds and tests on the following systems:
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt COMPAQ Tru64 UNIX 4.0D
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt COMPAQ Tru64 UNIX 5 (with IPv6 EAK)
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt FreeBSD 3.4-STABLE, 3.5, 4.0, 4.1
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt NetBSD-current (with unproven-pthreads-0.17)
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Red Hat Linux 6.0, 6.1, 6.2
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Solaris 2.6, 7, 8
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Additionally, we have unverified reports of success building
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt previous versions of BIND 9 from users of the following systems:
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Slackware Linux 7.0 with 2.4.0-test6 kernel and glibc 2.1.3
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Slackware Linux 7.0.1 with glibc 2.1.3
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt OpenBSD 2.6, 2.8, -current
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt UnixWare 7.1.1 once the IN6_IS_ADDR_MULTICAST macro in
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt /usr/include/netinet/in6_f.h is repaired (== vs =).
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt To build, just
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Several environment variables that can be set before running
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt configure will affect compilation:
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt The C compiler to use. configure tries to figure
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt out the right one for supported systems.
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt C compiler flags. Defaults to include -g and/or -O2
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt as supported by the compiler.
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt STD_CINCLUDES
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt System header file directories. Can be used to specify
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt where add-on thread or IPv6 support is, for example.
b497531c76ea5f9aeed0c1707b6156c104c633ddEvan Hunt Defaults to empty string.
276a77c22af98c78403883b16a82646a0d5b29abPaul Vixie STD_CDEFINES
40d01ce8f3a1889f5799d9b22b26d5398fa75a1bBob Halley Any additional preprocessor symbols you want defined.
40d01ce8f3a1889f5799d9b22b26d5398fa75a1bBob Halley Defaults to empty string.
76860484adfbadeecfeb3a7132ede916ee2102ffBrian Wellington To build shared libraries, specify "--with-libtool" on the
8db66dc4eb654a2e295eaeab3aaf96e24c9ae7b7Bob Halley configure command line.
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley To build without multithreading, specify "--disable-threads"
3b71206de9478a75ba735391498959bc54d542a2Mark Andrews on the configure command line.
65085946d4f92481699678e276e3ced04bcfdafbMark Andrews If your operating system has integrated support for IPv6, it
3b71206de9478a75ba735391498959bc54d542a2Mark Andrews will be used automatically. If you have installed KAME IPv6
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey separately, use "--with-kame[=PATH]" to specify its location.
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey To see additional configure options, run "configure --help".
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey "make install" will install "named" and the various BIND 9 libraries.
ce249202297281e4b5aad3c310008ed16f810096Evan Hunt By default, installation is into /usr/local, but this can be changed
ce249202297281e4b5aad3c310008ed16f810096Evan Hunt with the "--prefix" option when running "configure".
ce249202297281e4b5aad3c310008ed16f810096Evan Hunt If you're planning on making changes to the BIND 9 source, you
ce249202297281e4b5aad3c310008ed16f810096Evan Hunt should also "make depend". If you're using Emacs, you might find
d80ccd47ad4b526f82590b6c182b4dd80006712eAndreas Gustafsson "make tags" helpful.
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey Building with gcc is not supported, unless gcc is the vendor's usual
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey compiler (e.g. the various BSD systems, Linux).
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey Parts of the library can be tested by running "make test" from the
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey The BIND 9 Administrator Reference Manual is included with the
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey source distribution in HTML and plain text format, in the
0bdc099a35e8446d0c5a9b54f3d6459d59455980Jonathan Casey doc/arm directory. A PDF version can be downloaded separately
a0cad57966364095e4367f568389a8bd84afb2afAndreas Gustafsson Some of the programs in the BIND 9 distribution have man pages
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley under the doc/man directory. In particular, the command line
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley options of "named" are documented in doc/man/bind/named.8.
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley The man pages are currently not installed automatically by
36983956d7c3d9e294903eeda29548f67ac17daeBob Halley "make install".
8eb5937a7e4cb8b5d7fcc1be17d34fdd014bbbb1Andreas Gustafsson If you are upgrading from BIND 8, please read the migration
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas GustafssonBug Reports and Mailing Lists
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson Bugs reports should be sent to
b70fc17acec2c036bb35a937ba00fbcf10848859David Lawrence bind9-bugs@isc.org
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson To join the BIND 9 Users mailing list, send mail to
b70fc17acec2c036bb35a937ba00fbcf10848859David Lawrence bind9-users-request@isc.org
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson If you're planning on making changes to the BIND 9 source
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson code, you might want to join the BIND 9 Workers mailing list.
3b8932de20e12b07f9d874d5538d30e1fac9a9f4Andreas Gustafsson bind9-workers-request@isc.org