Bv9ARM.ch09.html revision a3ff24aaa545c45b8c581b2127d02d735aff8881
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - Copyright (C) 2000-2003 Internet Software Consortium.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - Permission to use, copy, modify, and/or distribute this software for any
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - purpose with or without fee is hereby granted, provided that the above
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - copyright notice and this permission notice appear in all copies.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek - PERFORMANCE OF THIS SOFTWARE.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<!-- $Id$ -->
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<link rel="prev" href="Bv9ARM.ch08.html" title="Chapter�8.�Troubleshooting">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<link rel="next" href="Bv9ARM.ch10.html" title="Manual pages">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<table width="100%" summary="Navigation header">
fb3c5cdfcda069a5fbeb7b9d200c0881911364b8Jakub Hrozek<tr><th colspan="3" align="center">Appendix�A.�Appendices</th></tr>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a accesskey="p" href="Bv9ARM.ch08.html">Prev</a>�</td>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch10.html">Next</a>
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek<div class="titlepage"><div><div><h2 class="title">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<a name="Bv9ARM.ch09"></a>Appendix�A.�Appendices</h2></div></div></div>
9c62d6619b87f1255ef6515280a20552fca9d925Lukas Slebodnik<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2580657">Release Notes for BIND Version 9.11.0pre-alpha</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_intro">Introduction</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_download">Download</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_security">Security Fixes</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_features">New Features</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_changes">Feature Changes</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_bugs">Bug Fixes</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#relnotes_thanks">Thank You</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2607587">Acknowledgments</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch09.html#historical_dns_information">A Brief History of the <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym></a></span></dt></dl></dd>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2607758">General <acronym class="acronym">DNS</acronym> Reference Information</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch09.html#ipv6addresses">IPv6 addresses (AAAA)</a></span></dt></dl></dd>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect1"><a href="Bv9ARM.ch09.html#bibliography">Bibliography (and Suggested Reading)</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#rfcs">Request for Comments (RFCs)</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#internet_drafts">Internet Drafts</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610970">Other Documents About <acronym class="acronym">BIND</acronym></a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect1"><a href="Bv9ARM.ch09.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2614715">Prerequisite</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2614725">Compilation</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2613452">Installation</a></span></dt>
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2613483">Known Defects/Restrictions</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2613560">The dns.conf File</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2613587">Sample Applications</a></span></dt>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2614423">Library References</a></span></dt>
9c62d6619b87f1255ef6515280a20552fca9d925Lukas Slebodnik<div class="titlepage"><div><div><h2 class="title" style="clear: both">
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek<a name="id2580657"></a>Release Notes for BIND Version 9.11.0pre-alpha</h2></div></div></div>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<a name="relnotes_intro"></a>Introduction</h3></div></div></div>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek This document summarizes changes since the last production release
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek of BIND on the corresponding major release branch.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<a name="relnotes_download"></a>Download</h3></div></div></div>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek The latest versions of BIND 9 software can always be found at
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek <a href="http://www.isc.org/downloads/" target="_top">http://www.isc.org/downloads/</a>.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek There you will find additional information about each release,
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek source code, and pre-compiled versions for Microsoft Windows
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek operating systems.
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek<a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek Errors reported when running <span><strong class="command">rndc addzone</strong></span>
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek (e.g., when a zone file cannot be loaded) have been clarified
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek to make it easier to diagnose problems.
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek<a name="relnotes_features"></a>New Features</h3></div></div></div>
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek The serial number of a dynamically updatable zone can
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek now be set using
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek <span><strong class="command">rndc signing -serial <em class="replaceable"><code>number</code></em> <em class="replaceable"><code>zonename</code></em></strong></span>.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek This is particularly useful with <code class="option">inline-signing</code>
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek zones that have been reset. Setting the serial number to a value
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek larger than that on the slaves will trigger an AXFR-style
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek When answering recursive queries, SERVFAIL responses can now be
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek cached by the server for a limited time; subsequent queries for
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek the same query name and type will return another SERVFAIL until
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek the cache times out. This reduces the frequency of retries
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek when a query is persistently failing, which can be a burden
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek on recursive serviers. The SERVFAIL cache timeout is controlled
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek by <code class="option">servfail-ttl</code>, which defaults to 10 seconds
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek and has an upper limit of 30.
b4f87b42b18888c396e44e7359f7aafb092221bfJakub Hrozek The new <span><strong class="command">rndc nta</strong></span> command can now be used to
16cb0969f0a9ea71524d852077d6a480740d4f12Jakub Hrozek set a "negative trust anchor" (NTA), disabling DNSSEC validation for
16cb0969f0a9ea71524d852077d6a480740d4f12Jakub Hrozek a specific domain; this can be used when responses from a domain
16cb0969f0a9ea71524d852077d6a480740d4f12Jakub Hrozek are known to be failing validation due to administrative error
16cb0969f0a9ea71524d852077d6a480740d4f12Jakub Hrozek rather than because of a spoofing attack. NTAs are strictly
16cb0969f0a9ea71524d852077d6a480740d4f12Jakub Hrozek temporary; by default they expire after one hour, but can be
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek configured to last up to one week. The default NTA lifetime
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek can be changed by setting the <code class="option">nta-lifetime</code> in
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek The EDNS Client Subnet (ECS) option is now supported for
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek authoritative servers; if a query contains an ECS option then
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek ACLs containing <code class="option">geoip</code> or <code class="option">ecs</code>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek elements can match against the the address encoded in the option.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek This can be used to select a view for a query, so that different
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek answers can be provided depending on the client network.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek The EDNS EXPIRE option has been implemented on the client
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek side, allowing a slave server to set the expiration timer
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek correctly when transferring zone data from another slave
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek A new <code class="option">masterfile-style</code> zone option controls
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek the formatting of text zone files: When set to
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="literal">full</code>, the zone file will dumped in
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek single-line-per-record format.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dig +ednsopt</strong></span> can now be used to set
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek arbitrary EDNS options in DNS requests.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dig +ednsflags</strong></span> can now be used to set
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek yet-to-be-defined EDNS flags in DNS requests.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dig +header-only</strong></span> can now be used to send
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek queries without a question section.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dig +ttlunits</strong></span> causes <span><strong class="command">dig</strong></span>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek to print TTL values with time-unit suffixes: w, d, h, m, s for
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek weeks, days, hours, minutes, and seconds.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dig +dscp=<em class="replaceable"><code>value</code></em></strong></span>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek can now be used to set the DSCP code point in outgoing query
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="option">serial-update-method</code> can now be set to
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="literal">date</code>. On update, the serial number will
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek be set to the current date in YYYYMMDDNN format.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dnssec-signzone -N date</strong></span> also sets the serial
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek number to YYYYMMDDNN.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">named -L <em class="replaceable"><code>filename</code></em></strong></span>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek causes named to send log messages to the specified file by
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek default instead of to the system log.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek The rate limiter configured by the
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="option">serial-query-rate</code> option no longer covers
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek NOTIFY messages; those are now separately controlled by
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="option">startup-notify-rate</code> (the latter of which
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek controls the rate of NOTIFY messages sent when the server
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek is first started up or reconfigured).
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek The default number of tasks and client objects available
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek for serving lightweight resolver queries have been increased,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek and are now configurable via the new <code class="option">lwres-tasks</code>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek and <code class="option">lwres-clients</code> options in
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="filename">named.conf</code>. [RT #35857]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Log output to files can now be buffered by specifying
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">buffered yes;</strong></span> when creating a channel.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="relnotes_changes"></a>Feature Changes</h3></div></div></div>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek ACLs containing <span><strong class="command">geoip asnum</strong></span> elements were
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek not correctly matched unless the full organization name was
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek specified in the ACL (as in
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">geoip asnum "AS1234 Example, Inc.";</strong></span>).
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek They can now match against the AS number alone (as in
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">geoip asnum "AS1234";</strong></span>).
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek When using native PKCS#11 cryptography (i.e.,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">configure --enable-native-pkcs11</strong></span>) HSM PINs
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek of up to 256 characters can now be used.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek NXDOMAIN responses to queries of type DS are now cached separately
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek from those for other types. This helps when using "grafted" zones
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek of type forward, for which the parent zone does not contain a
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek delegation, such as local top-level domains. Previously a query
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek of type DS for such a zone could cause the zone apex to be cached
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek as NXDOMAIN, blocking all subsequent queries. (Note: This
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek change is only helpful when DNSSEC validation is not enabled.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek "Grafted" zones without a delegation in the parent are not a
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek recommended configuration.)
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Update forwarding performance has been improved by allowing
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek a single TCP connection to be shared between multiple updates.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek By default, <span><strong class="command">nsupdate</strong></span> will now check
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek the correctness of hostnames when adding records of type
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek A, AAAA, MX, SOA, NS, SRV or PTR. This behavior can be
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek disabled with <span><strong class="command">check-names no</strong></span>.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">dig</strong></span>, <span><strong class="command">host</strong></span> and
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">nslookup</strong></span> aborted when encountering
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek a name which, after appending search list elements,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek exceeded 255 bytes. Such names are now skipped, but
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek processing of other names will continue. [RT #36892]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek The error message generated when
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">named-checkzone</strong></span> or
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span><strong class="command">named-checkconf -z</strong></span> encounters a
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="option">$TTL</code> directive without a value has
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek been clarified. [RT #37138]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Semicolon characters (;) included in TXT records were
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek incorrectly escaped with a backslash when the record was
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek displayed as text. This is actually only necessary when there
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek are no quotation marks. [RT #37159]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek When files opened for writing by <span><strong class="command">named</strong></span>,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek such as zone journal files, were referenced more than once
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek in <code class="filename">named.conf</code>, it could lead to file
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek corruption as multiple threads wrote to the same file. This
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek is now detected when loading <code class="filename">named.conf</code>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek and reported as an error. [RT #37172]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek When checking for updates to trust anchors listed in
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <code class="option">managed-keys</code>, <span><strong class="command">named</strong></span>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek now revalidates keys based on the current set of
f3d91181d4ee9da3f8bbf4ddf8782951c0ae46c1Jakub Hrozek active trust anchors, without relying on any cached
f3d91181d4ee9da3f8bbf4ddf8782951c0ae46c1Jakub Hrozek record of previous validation. [RT #37506]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Large-system tuning
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek (<span><strong class="command">configure --with-tuning=large</strong></span>) caused
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek problems on some platforms by setting a socket receive
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek buffer size that was too large. This is now detected and
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek corrected at run time. [RT #37187]
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="relnotes_thanks"></a>Thank You</h3></div></div></div>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Thank you to everyone who assisted us in making this release possible.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek If you would like to contribute to ISC to assist us in continuing to
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek make quality open source software, please visit our donations page at
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <a href="http://www.isc.org/donate/" target="_top">http://www.isc.org/donate/</a>.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h2 class="title" style="clear: both">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="id2607587"></a>Acknowledgments</h2></div></div></div>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="historical_dns_information"></a>A Brief History of the <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Although the "official" beginning of the Domain Name
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek System occurred in 1984 with the publication of RFC 920, the
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek core of the new system was described in 1983 in RFCs 882 and
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek 883. From 1984 to 1987, the ARPAnet (the precursor to today's
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Internet) became a testbed of experimentation for developing the
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek new naming/addressing scheme in a rapidly expanding,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek operational network environment. New RFCs were written and
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek published in 1987 that modified the original documents to
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek incorporate improvements based on the working model. RFC 1034,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek "Domain Names-Concepts and Facilities", and RFC 1035, "Domain
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Names-Implementation and Specification" were published and
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek became the standards upon which all <acronym class="acronym">DNS</acronym> implementations are
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek The first working domain name server, called "Jeeves", was
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek written in 1983-84 by Paul Mockapetris for operation on DEC
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek machines located at the University of Southern California's
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Sciences Institute (USC-ISI) and SRI International's Network
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Center (SRI-NIC). A <acronym class="acronym">DNS</acronym> server for
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Unix machines, the Berkeley Internet
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Name Domain (<acronym class="acronym">BIND</acronym>) package, was
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek written soon after by a group of
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek graduate students at the University of California at Berkeley
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek a grant from the US Defense Advanced Research Projects
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Administration
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Versions of <acronym class="acronym">BIND</acronym> through
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek 4.8.3 were maintained by the Computer
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Systems Research Group (CSRG) at UC Berkeley. Douglas Terry, Mark
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Painter, David Riggle and Songnian Zhou made up the initial <acronym class="acronym">BIND</acronym>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek project team. After that, additional work on the software package
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek was done by Ralph Campbell. Kevin Dunlap, a Digital Equipment
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek employee on loan to the CSRG, worked on <acronym class="acronym">BIND</acronym> for 2 years, from 1985
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek to 1987. Many other people also contributed to <acronym class="acronym">BIND</acronym> development
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek during that time: Doug Kingston, Craig Partridge, Smoot
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Carl-Mitchell,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Mike Muuss, Jim Bloom and Mike Schwartz. <acronym class="acronym">BIND</acronym> maintenance was subsequently
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek handled by Mike Karels and �ivind Kure.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <acronym class="acronym">BIND</acronym> versions 4.9 and 4.9.1 were
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek released by Digital Equipment
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Corporation (now Compaq Computer Corporation). Paul Vixie, then
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek a DEC employee, became <acronym class="acronym">BIND</acronym>'s
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek primary caretaker. He was assisted
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek by Phil Almquist, Robert Elz, Alan Barrett, Paul Albitz, Bryan
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Beecher, Andrew
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Partan, Andy Cherenson, Tom Limoncelli, Berthold Paffrath, Fuat
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Baran, Anant Kumar, Art Harkin, Win Treese, Don Lewis, Christophe
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Wolfhugel, and others.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek In 1994, <acronym class="acronym">BIND</acronym> version 4.9.2 was sponsored by
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Vixie Enterprises. Paul
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Vixie became <acronym class="acronym">BIND</acronym>'s principal
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <acronym class="acronym">BIND</acronym> versions from 4.9.3 onward
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek have been developed and maintained
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek by the Internet Systems Consortium and its predecessor,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek the Internet Software Consortium, with support being provided
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek by ISC's sponsors.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Paul Vixie released the first production-ready version of
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <acronym class="acronym">BIND</acronym> version 8 in May 1997.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek BIND version 9 was released in September 2000 and is a
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek major rewrite of nearly all aspects of the underlying
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek BIND architecture.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek BIND versions 4 and 8 are officially deprecated.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek No additional development is done
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek on BIND version 4 or BIND version 8.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <acronym class="acronym">BIND</acronym> development work is made
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek possible today by the sponsorship
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek of several corporations, and by the tireless work efforts of
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek numerous individuals.
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h2 class="title" style="clear: both">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="id2607758"></a>General <acronym class="acronym">DNS</acronym> Reference Information</h2></div></div></div>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek<a name="ipv6addresses"></a>IPv6 addresses (AAAA)</h3></div></div></div>
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek IPv6 addresses are 128-bit identifiers for interfaces and
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek sets of interfaces which were introduced in the <acronym class="acronym">DNS</acronym> to facilitate
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek scalable Internet routing. There are three types of addresses: <span class="emphasis"><em>Unicast</em></span>,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek an identifier for a single interface;
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span class="emphasis"><em>Anycast</em></span>,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek an identifier for a set of interfaces; and <span class="emphasis"><em>Multicast</em></span>,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek an identifier for a set of interfaces. Here we describe the global
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek Unicast address scheme. For more information, see RFC 3587,
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek "Global Unicast Address Format."
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek IPv6 unicast addresses consist of a
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span class="emphasis"><em>global routing prefix</em></span>, a
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span class="emphasis"><em>subnet identifier</em></span>, and an
44703b84feaafa4f0a4f8df11c5a503dcf48616eJakub Hrozek <span class="emphasis"><em>interface identifier</em></span>.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek The global routing prefix is provided by the
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek upstream provider or ISP, and (roughly) corresponds to the
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek IPv4 <span class="emphasis"><em>network</em></span> section
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek of the address range.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek The subnet identifier is for local subnetting, much the
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek same as subnetting an
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek IPv4 /16 network into /24 subnets.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek The interface identifier is the address of an individual
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek interface on a given network; in IPv6, addresses belong to
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek interfaces rather than to machines.
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek The subnetting capability of IPv6 is much more flexible than
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek that of IPv4: subnetting can be carried out on bit boundaries,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek in much the same way as Classless InterDomain Routing
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek (CIDR), and the DNS PTR representation ("nibble" format)
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek makes setting up reverse zones easier.
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek The Interface Identifier must be unique on the local link,
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek and is usually generated automatically by the IPv6
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek implementation, although it is usually possible to
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek override the default setting if necessary. A typical IPv6
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek address might look like:
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek <span><strong class="command">2001:db8:201:9:a00:20ff:fe81:2b32</strong></span>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek IPv6 address specifications often contain long strings
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek of zeros, so the architects have included a shorthand for
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek them. The double colon (`::') indicates the longest possible
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek of zeros that can fit, and can be used only once in an address.
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<div class="titlepage"><div><div><h2 class="title" style="clear: both">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<a name="bibliography"></a>Bibliography (and Suggested Reading)</h2></div></div></div>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<div class="titlepage"><div><div><h3 class="title">
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek<a name="rfcs"></a>Request for Comments (RFCs)</h3></div></div></div>
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek Specification documents for the Internet protocol suite, including
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek the <acronym class="acronym">DNS</acronym>, are published as part of
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek the Request for Comments (RFCs)
4e5e846de22407f825fe3b4040d79606818a2419Jakub Hrozek series of technical notes. The standards themselves are defined
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek by the Internet Engineering Task Force (IETF) and the Internet
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek Engineering Steering Group (IESG). RFCs can be obtained online via FTP at:
<a name="id2608025"></a><p>[<abbr class="abbrev">RFC974</abbr>] <span class="author"><span class="firstname">C.</span> <span class="surname">Partridge</span>. </span><span class="title"><i>Mail Routing and the Domain System</i>. </span><span class="pubdate">January 1986. </span></p>
<a name="id2608049"></a><p>[<abbr class="abbrev">RFC1034</abbr>] <span class="author"><span class="firstname">P.V.</span> <span class="surname">Mockapetris</span>. </span><span class="title"><i>Domain Names — Concepts and Facilities</i>. </span><span class="pubdate">November 1987. </span></p>
<a name="id2608072"></a><p>[<abbr class="abbrev">RFC1035</abbr>] <span class="author"><span class="firstname">P. V.</span> <span class="surname">Mockapetris</span>. </span><span class="title"><i>Domain Names — Implementation and
<a name="id2608108"></a><p>[<abbr class="abbrev">RFC2181</abbr>] <span class="author"><span class="firstname">R., R. Bush</span> <span class="surname">Elz</span>. </span><span class="title"><i>Clarifications to the <acronym class="acronym">DNS</acronym>
<a name="id2608135"></a><p>[<abbr class="abbrev">RFC2308</abbr>] <span class="author"><span class="firstname">M.</span> <span class="surname">Andrews</span>. </span><span class="title"><i>Negative Caching of <acronym class="acronym">DNS</acronym>
<a name="id2608161"></a><p>[<abbr class="abbrev">RFC1995</abbr>] <span class="author"><span class="firstname">M.</span> <span class="surname">Ohta</span>. </span><span class="title"><i>Incremental Zone Transfer in <acronym class="acronym">DNS</acronym></i>. </span><span class="pubdate">August 1996. </span></p>
<a name="id2608185"></a><p>[<abbr class="abbrev">RFC1996</abbr>] <span class="author"><span class="firstname">P.</span> <span class="surname">Vixie</span>. </span><span class="title"><i>A Mechanism for Prompt Notification of Zone Changes</i>. </span><span class="pubdate">August 1996. </span></p>
<a name="id2608209"></a><p>[<abbr class="abbrev">RFC2136</abbr>] <span class="authorgroup"><span class="firstname">P.</span> <span class="surname">Vixie</span>, <span class="firstname">S.</span> <span class="surname">Thomson</span>, <span class="firstname">Y.</span> <span class="surname">Rekhter</span>, and <span class="firstname">J.</span> <span class="surname">Bound</span>. </span><span class="title"><i>Dynamic Updates in the Domain Name System</i>. </span><span class="pubdate">April 1997. </span></p>
<a name="id2608264"></a><p>[<abbr class="abbrev">RFC2671</abbr>] <span class="authorgroup"><span class="firstname">P.</span> <span class="surname">Vixie</span>. </span><span class="title"><i>Extension Mechanisms for DNS (EDNS0)</i>. </span><span class="pubdate">August 1997. </span></p>
<a name="id2608291"></a><p>[<abbr class="abbrev">RFC2672</abbr>] <span class="authorgroup"><span class="firstname">M.</span> <span class="surname">Crawford</span>. </span><span class="title"><i>Non-Terminal DNS Name Redirection</i>. </span><span class="pubdate">August 1999. </span></p>
<a name="id2608317"></a><p>[<abbr class="abbrev">RFC2845</abbr>] <span class="authorgroup"><span class="firstname">P.</span> <span class="surname">Vixie</span>, <span class="firstname">O.</span> <span class="surname">Gudmundsson</span>, <span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>, and <span class="firstname">B.</span> <span class="surname">Wellington</span>. </span><span class="title"><i>Secret Key Transaction Authentication for <acronym class="acronym">DNS</acronym> (TSIG)</i>. </span><span class="pubdate">May 2000. </span></p>
<a name="id2608379"></a><p>[<abbr class="abbrev">RFC2930</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>Secret Key Establishment for DNS (TKEY RR)</i>. </span><span class="pubdate">September 2000. </span></p>
<a name="id2608409"></a><p>[<abbr class="abbrev">RFC2931</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>DNS Request and Transaction Signatures (SIG(0)s)</i>. </span><span class="pubdate">September 2000. </span></p>
<a name="id2608439"></a><p>[<abbr class="abbrev">RFC3007</abbr>] <span class="authorgroup"><span class="firstname">B.</span> <span class="surname">Wellington</span>. </span><span class="title"><i>Secure Domain Name System (DNS) Dynamic Update</i>. </span><span class="pubdate">November 2000. </span></p>
<a name="id2608466"></a><p>[<abbr class="abbrev">RFC3645</abbr>] <span class="authorgroup"><span class="firstname">S.</span> <span class="surname">Kwan</span>, <span class="firstname">P.</span> <span class="surname">Garg</span>, <span class="firstname">J.</span> <span class="surname">Gilroy</span>, <span class="firstname">L.</span> <span class="surname">Esibov</span>, <span class="firstname">J.</span> <span class="surname">Westhead</span>, and <span class="firstname">R.</span> <span class="surname">Hall</span>. </span><span class="title"><i>Generic Security Service Algorithm for Secret
<a name="id2608548"></a><p>[<abbr class="abbrev">RFC3225</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Conrad</span>. </span><span class="title"><i>Indicating Resolver Support of DNSSEC</i>. </span><span class="pubdate">December 2001. </span></p>
<a name="id2608574"></a><p>[<abbr class="abbrev">RFC3833</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Atkins</span> and <span class="firstname">R.</span> <span class="surname">Austein</span>. </span><span class="title"><i>Threat Analysis of the Domain Name System (DNS)</i>. </span><span class="pubdate">August 2004. </span></p>
<a name="id2608611"></a><p>[<abbr class="abbrev">RFC4033</abbr>] <span class="authorgroup"><span class="firstname">R.</span> <span class="surname">Arends</span>, <span class="firstname">R.</span> <span class="surname">Austein</span>, <span class="firstname">M.</span> <span class="surname">Larson</span>, <span class="firstname">D.</span> <span class="surname">Massey</span>, and <span class="firstname">S.</span> <span class="surname">Rose</span>. </span><span class="title"><i>DNS Security Introduction and Requirements</i>. </span><span class="pubdate">March 2005. </span></p>
<a name="id2608676"></a><p>[<abbr class="abbrev">RFC4034</abbr>] <span class="authorgroup"><span class="firstname">R.</span> <span class="surname">Arends</span>, <span class="firstname">R.</span> <span class="surname">Austein</span>, <span class="firstname">M.</span> <span class="surname">Larson</span>, <span class="firstname">D.</span> <span class="surname">Massey</span>, and <span class="firstname">S.</span> <span class="surname">Rose</span>. </span><span class="title"><i>Resource Records for the DNS Security Extensions</i>. </span><span class="pubdate">March 2005. </span></p>
<a name="id2608741"></a><p>[<abbr class="abbrev">RFC4035</abbr>] <span class="authorgroup"><span class="firstname">R.</span> <span class="surname">Arends</span>, <span class="firstname">R.</span> <span class="surname">Austein</span>, <span class="firstname">M.</span> <span class="surname">Larson</span>, <span class="firstname">D.</span> <span class="surname">Massey</span>, and <span class="firstname">S.</span> <span class="surname">Rose</span>. </span><span class="title"><i>Protocol Modifications for the DNS
<a name="id2608814"></a><p>[<abbr class="abbrev">RFC1535</abbr>] <span class="author"><span class="firstname">E.</span> <span class="surname">Gavron</span>. </span><span class="title"><i>A Security Problem and Proposed Correction With Widely
Deployed <acronym class="acronym">DNS</acronym> Software</i>. </span><span class="pubdate">October 1993. </span></p>
<a name="id2608840"></a><p>[<abbr class="abbrev">RFC1536</abbr>] <span class="authorgroup"><span class="firstname">A.</span> <span class="surname">Kumar</span>, <span class="firstname">J.</span> <span class="surname">Postel</span>, <span class="firstname">C.</span> <span class="surname">Neuman</span>, <span class="firstname">P.</span> <span class="surname">Danzig</span>, and <span class="firstname">S.</span> <span class="surname">Miller</span>. </span><span class="title"><i>Common <acronym class="acronym">DNS</acronym> Implementation
<a name="id2608908"></a><p>[<abbr class="abbrev">RFC1982</abbr>] <span class="authorgroup"><span class="firstname">R.</span> <span class="surname">Elz</span> and <span class="firstname">R.</span> <span class="surname">Bush</span>. </span><span class="title"><i>Serial Number Arithmetic</i>. </span><span class="pubdate">August 1996. </span></p>
<a name="id2608944"></a><p>[<abbr class="abbrev">RFC4074</abbr>] <span class="authorgroup"><span class="firstname">Y.</span> <span class="surname">Morishita</span> and <span class="firstname">T.</span> <span class="surname">Jinmei</span>. </span><span class="title"><i>Common Misbehaviour Against <acronym class="acronym">DNS</acronym>
<a name="id2608989"></a><p>[<abbr class="abbrev">RFC1183</abbr>] <span class="authorgroup"><span class="firstname">C.F.</span> <span class="surname">Everhart</span>, <span class="firstname">L. A.</span> <span class="surname">Mamakos</span>, <span class="firstname">R.</span> <span class="surname">Ullmann</span>, and <span class="firstname">P.</span> <span class="surname">Mockapetris</span>. </span><span class="title"><i>New <acronym class="acronym">DNS</acronym> RR Definitions</i>. </span><span class="pubdate">October 1990. </span></p>
<a name="id2609047"></a><p>[<abbr class="abbrev">RFC1706</abbr>] <span class="authorgroup"><span class="firstname">B.</span> <span class="surname">Manning</span> and <span class="firstname">R.</span> <span class="surname">Colella</span>. </span><span class="title"><i><acronym class="acronym">DNS</acronym> NSAP Resource Records</i>. </span><span class="pubdate">October 1994. </span></p>
<a name="id2609084"></a><p>[<abbr class="abbrev">RFC2168</abbr>] <span class="authorgroup"><span class="firstname">R.</span> <span class="surname">Daniel</span> and <span class="firstname">M.</span> <span class="surname">Mealling</span>. </span><span class="title"><i>Resolution of Uniform Resource Identifiers using
<a name="id2609120"></a><p>[<abbr class="abbrev">RFC1876</abbr>] <span class="authorgroup"><span class="firstname">C.</span> <span class="surname">Davis</span>, <span class="firstname">P.</span> <span class="surname">Vixie</span>, <span class="firstname">T.</span>, and <span class="firstname">I.</span> <span class="surname">Dickinson</span>. </span><span class="title"><i>A Means for Expressing Location Information in the
<a name="id2609174"></a><p>[<abbr class="abbrev">RFC2052</abbr>] <span class="authorgroup"><span class="firstname">A.</span> <span class="surname">Gulbrandsen</span> and <span class="firstname">P.</span> <span class="surname">Vixie</span>. </span><span class="title"><i>A <acronym class="acronym">DNS</acronym> RR for Specifying the
<a name="id2609212"></a><p>[<abbr class="abbrev">RFC2163</abbr>] <span class="author"><span class="firstname">A.</span> <span class="surname">Allocchio</span>. </span><span class="title"><i>Using the Internet <acronym class="acronym">DNS</acronym> to
<a name="id2609238"></a><p>[<abbr class="abbrev">RFC2230</abbr>] <span class="author"><span class="firstname">R.</span> <span class="surname">Atkinson</span>. </span><span class="title"><i>Key Exchange Delegation Record for the <acronym class="acronym">DNS</acronym></i>. </span><span class="pubdate">October 1997. </span></p>
<a name="id2609264"></a><p>[<abbr class="abbrev">RFC2536</abbr>] <span class="author"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>DSA KEYs and SIGs in the Domain Name System (DNS)</i>. </span><span class="pubdate">March 1999. </span></p>
<a name="id2609358"></a><p>[<abbr class="abbrev">RFC2537</abbr>] <span class="author"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)</i>. </span><span class="pubdate">March 1999. </span></p>
<a name="id2609385"></a><p>[<abbr class="abbrev">RFC2538</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span> and <span class="firstname">O.</span> <span class="surname">Gudmundsson</span>. </span><span class="title"><i>Storing Certificates in the Domain Name System (DNS)</i>. </span><span class="pubdate">March 1999. </span></p>
<a name="id2609425"></a><p>[<abbr class="abbrev">RFC2539</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>Storage of Diffie-Hellman Keys in the Domain Name System (DNS)</i>. </span><span class="pubdate">March 1999. </span></p>
<a name="id2609454"></a><p>[<abbr class="abbrev">RFC2540</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>Detached Domain Name System (DNS) Information</i>. </span><span class="pubdate">March 1999. </span></p>
<a name="id2609484"></a><p>[<abbr class="abbrev">RFC2782</abbr>] <span class="author"><span class="firstname">A.</span> <span class="surname">Gulbrandsen</span>. </span><span class="author"><span class="firstname">P.</span> <span class="surname">Vixie</span>. </span><span class="author"><span class="firstname">L.</span> <span class="surname">Esibov</span>. </span><span class="title"><i>A DNS RR for specifying the location of services (DNS SRV)</i>. </span><span class="pubdate">February 2000. </span></p>
<a name="id2609527"></a><p>[<abbr class="abbrev">RFC2915</abbr>] <span class="author"><span class="firstname">M.</span> <span class="surname">Mealling</span>. </span><span class="author"><span class="firstname">R.</span> <span class="surname">Daniel</span>. </span><span class="title"><i>The Naming Authority Pointer (NAPTR) DNS Resource Record</i>. </span><span class="pubdate">September 2000. </span></p>
<a name="id2609560"></a><p>[<abbr class="abbrev">RFC3110</abbr>] <span class="author"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)</i>. </span><span class="pubdate">May 2001. </span></p>
<a name="id2609587"></a><p>[<abbr class="abbrev">RFC3123</abbr>] <span class="author"><span class="firstname">P.</span> <span class="surname">Koch</span>. </span><span class="title"><i>A DNS RR Type for Lists of Address Prefixes (APL RR)</i>. </span><span class="pubdate">June 2001. </span></p>
<a name="id2609610"></a><p>[<abbr class="abbrev">RFC3596</abbr>] <span class="authorgroup"><span class="firstname">S.</span> <span class="surname">Thomson</span>, <span class="firstname">C.</span> <span class="surname">Huitema</span>, <span class="firstname">V.</span> <span class="surname">Ksinant</span>, and <span class="firstname">M.</span> <span class="surname">Souissi</span>. </span><span class="title"><i><acronym class="acronym">DNS</acronym> Extensions to support IP
<a name="id2609668"></a><p>[<abbr class="abbrev">RFC3597</abbr>] <span class="author"><span class="firstname">A.</span> <span class="surname">Gustafsson</span>. </span><span class="title"><i>Handling of Unknown DNS Resource Record (RR) Types</i>. </span><span class="pubdate">September 2003. </span></p>
<a name="id2609700"></a><p>[<abbr class="abbrev">RFC1101</abbr>] <span class="author"><span class="firstname">P. V.</span> <span class="surname">Mockapetris</span>. </span><span class="title"><i><acronym class="acronym">DNS</acronym> Encoding of Network Names
<a name="id2609725"></a><p>[<abbr class="abbrev">RFC1123</abbr>] <span class="author"><span class="surname">Braden</span>. </span><span class="title"><i>Requirements for Internet Hosts - Application and
<a name="id2609748"></a><p>[<abbr class="abbrev">RFC1591</abbr>] <span class="author"><span class="firstname">J.</span> <span class="surname">Postel</span>. </span><span class="title"><i>Domain Name System Structure and Delegation</i>. </span><span class="pubdate">March 1994. </span></p>
<a name="id2609771"></a><p>[<abbr class="abbrev">RFC2317</abbr>] <span class="authorgroup"><span class="firstname">H.</span> <span class="surname">Eidnes</span>, <span class="firstname">G.</span> <span class="surname">de Groot</span>, and <span class="firstname">P.</span> <span class="surname">Vixie</span>. </span><span class="title"><i>Classless IN-ADDR.ARPA Delegation</i>. </span><span class="pubdate">March 1998. </span></p>
<a name="id2609817"></a><p>[<abbr class="abbrev">RFC2826</abbr>] <span class="authorgroup"><span class="surname">Internet Architecture Board</span>. </span><span class="title"><i>IAB Technical Comment on the Unique DNS Root</i>. </span><span class="pubdate">May 2000. </span></p>
<a name="id2609841"></a><p>[<abbr class="abbrev">RFC2929</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>, <span class="firstname">E.</span> <span class="surname">Brunner-Williams</span>, and <span class="firstname">B.</span> <span class="surname">Manning</span>. </span><span class="title"><i>Domain Name System (DNS) IANA Considerations</i>. </span><span class="pubdate">September 2000. </span></p>
<a name="id2609898"></a><p>[<abbr class="abbrev">RFC1033</abbr>] <span class="author"><span class="firstname">M.</span> <span class="surname">Lottor</span>. </span><span class="title"><i>Domain administrators operations guide</i>. </span><span class="pubdate">November 1987. </span></p>
<a name="id2609922"></a><p>[<abbr class="abbrev">RFC1537</abbr>] <span class="author"><span class="firstname">P.</span> <span class="surname">Beertema</span>. </span><span class="title"><i>Common <acronym class="acronym">DNS</acronym> Data File
<a name="id2609948"></a><p>[<abbr class="abbrev">RFC1912</abbr>] <span class="author"><span class="firstname">D.</span> <span class="surname">Barr</span>. </span><span class="title"><i>Common <acronym class="acronym">DNS</acronym> Operational and
<a name="id2609975"></a><p>[<abbr class="abbrev">RFC2010</abbr>] <span class="authorgroup"><span class="firstname">B.</span> <span class="surname">Manning</span> and <span class="firstname">P.</span> <span class="surname">Vixie</span>. </span><span class="title"><i>Operational Criteria for Root Name Servers</i>. </span><span class="pubdate">October 1996. </span></p>
<a name="id2610011"></a><p>[<abbr class="abbrev">RFC2219</abbr>] <span class="authorgroup"><span class="firstname">M.</span> <span class="surname">Hamilton</span> and <span class="firstname">R.</span> <span class="surname">Wright</span>. </span><span class="title"><i>Use of <acronym class="acronym">DNS</acronym> Aliases for
<a name="id2610057"></a><p>[<abbr class="abbrev">RFC2825</abbr>] <span class="authorgroup"><span class="surname">IAB</span> and <span class="firstname">R.</span> <span class="surname">Daigle</span>. </span><span class="title"><i>A Tangled Web: Issues of I18N, Domain Names,
<a name="id2610089"></a><p>[<abbr class="abbrev">RFC3490</abbr>] <span class="authorgroup"><span class="firstname">P.</span> <span class="surname">Faltstrom</span>, <span class="firstname">P.</span> <span class="surname">Hoffman</span>, and <span class="firstname">A.</span> <span class="surname">Costello</span>. </span><span class="title"><i>Internationalizing Domain Names in Applications (IDNA)</i>. </span><span class="pubdate">March 2003. </span></p>
<a name="id2610135"></a><p>[<abbr class="abbrev">RFC3491</abbr>] <span class="authorgroup"><span class="firstname">P.</span> <span class="surname">Hoffman</span> and <span class="firstname">M.</span> <span class="surname">Blanchet</span>. </span><span class="title"><i>Nameprep: A Stringprep Profile for Internationalized Domain Names</i>. </span><span class="pubdate">March 2003. </span></p>
<a name="id2610170"></a><p>[<abbr class="abbrev">RFC3492</abbr>] <span class="authorgroup"><span class="firstname">A.</span> <span class="surname">Costello</span>. </span><span class="title"><i>Punycode: A Bootstring encoding of Unicode
<a name="id2610215"></a><p>[<abbr class="abbrev">RFC1464</abbr>] <span class="author"><span class="firstname">R.</span> <span class="surname">Rosenbaum</span>. </span><span class="title"><i>Using the Domain Name System To Store Arbitrary String
<a name="id2610237"></a><p>[<abbr class="abbrev">RFC1713</abbr>] <span class="author"><span class="firstname">A.</span> <span class="surname">Romao</span>. </span><span class="title"><i>Tools for <acronym class="acronym">DNS</acronym> Debugging</i>. </span><span class="pubdate">November 1994. </span></p>
<a name="id2610263"></a><p>[<abbr class="abbrev">RFC1794</abbr>] <span class="author"><span class="firstname">T.</span> <span class="surname">Brisco</span>. </span><span class="title"><i><acronym class="acronym">DNS</acronym> Support for Load
<a name="id2610289"></a><p>[<abbr class="abbrev">RFC2240</abbr>] <span class="author"><span class="firstname">O.</span> <span class="surname">Vaughan</span>. </span><span class="title"><i>A Legal Basis for Domain Name Allocation</i>. </span><span class="pubdate">November 1997. </span></p>
<a name="id2610312"></a><p>[<abbr class="abbrev">RFC2345</abbr>] <span class="authorgroup"><span class="firstname">J.</span> <span class="surname">Klensin</span>, <span class="firstname">T.</span> <span class="surname">Wolf</span>, and <span class="firstname">G.</span> <span class="surname">Oglesby</span>. </span><span class="title"><i>Domain Names and Company Name Retrieval</i>. </span><span class="pubdate">May 1998. </span></p>
<a name="id2610358"></a><p>[<abbr class="abbrev">RFC2352</abbr>] <span class="author"><span class="firstname">O.</span> <span class="surname">Vaughan</span>. </span><span class="title"><i>A Convention For Using Legal Names as Domain Names</i>. </span><span class="pubdate">May 1998. </span></p>
<a name="id2610381"></a><p>[<abbr class="abbrev">RFC3071</abbr>] <span class="authorgroup"><span class="firstname">J.</span> <span class="surname">Klensin</span>. </span><span class="title"><i>Reflections on the DNS, RFC 1591, and Categories of Domains</i>. </span><span class="pubdate">February 2001. </span></p>
<a name="id2610408"></a><p>[<abbr class="abbrev">RFC3258</abbr>] <span class="authorgroup"><span class="firstname">T.</span> <span class="surname">Hardie</span>. </span><span class="title"><i>Distributing Authoritative Name Servers via
<a name="id2610434"></a><p>[<abbr class="abbrev">RFC3901</abbr>] <span class="authorgroup"><span class="firstname">A.</span> <span class="surname">Durand</span> and <span class="firstname">J.</span> <span class="surname">Ihren</span>. </span><span class="title"><i>DNS IPv6 Transport Operational Guidelines</i>. </span><span class="pubdate">September 2004. </span></p>
<a name="id2610477"></a><p>[<abbr class="abbrev">RFC1712</abbr>] <span class="authorgroup"><span class="firstname">C.</span> <span class="surname">Farrell</span>, <span class="firstname">M.</span> <span class="surname">Schulze</span>, <span class="firstname">S.</span> <span class="surname">Pleitner</span>, and <span class="firstname">D.</span> <span class="surname">Baldoni</span>. </span><span class="title"><i><acronym class="acronym">DNS</acronym> Encoding of Geographical
<a name="id2610535"></a><p>[<abbr class="abbrev">RFC2673</abbr>] <span class="authorgroup"><span class="firstname">M.</span> <span class="surname">Crawford</span>. </span><span class="title"><i>Binary Labels in the Domain Name System</i>. </span><span class="pubdate">August 1999. </span></p>
<a name="id2610562"></a><p>[<abbr class="abbrev">RFC2874</abbr>] <span class="authorgroup"><span class="firstname">M.</span> <span class="surname">Crawford</span> and <span class="firstname">C.</span> <span class="surname">Huitema</span>. </span><span class="title"><i>DNS Extensions to Support IPv6 Address Aggregation
<a name="id2610610"></a><p>[<abbr class="abbrev">RFC2065</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span> and <span class="firstname">C.</span> <span class="surname">Kaufman</span>. </span><span class="title"><i>Domain Name System Security Extensions</i>. </span><span class="pubdate">January 1997. </span></p>
<a name="id2610649"></a><p>[<abbr class="abbrev">RFC2137</abbr>] <span class="author"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>Secure Domain Name System Dynamic Update</i>. </span><span class="pubdate">April 1997. </span></p>
<a name="id2610676"></a><p>[<abbr class="abbrev">RFC2535</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Eastlake</span>, <span class="lineage">3rd</span>. </span><span class="title"><i>Domain Name System Security Extensions</i>. </span><span class="pubdate">March 1999. </span></p>
<a name="id2610706"></a><p>[<abbr class="abbrev">RFC3008</abbr>] <span class="authorgroup"><span class="firstname">B.</span> <span class="surname">Wellington</span>. </span><span class="title"><i>Domain Name System Security (DNSSEC)
<a name="id2610731"></a><p>[<abbr class="abbrev">RFC3090</abbr>] <span class="authorgroup"><span class="firstname">E.</span> <span class="surname">Lewis</span>. </span><span class="title"><i>DNS Security Extension Clarification on Zone Status</i>. </span><span class="pubdate">March 2001. </span></p>
<a name="id2610758"></a><p>[<abbr class="abbrev">RFC3445</abbr>] <span class="authorgroup"><span class="firstname">D.</span> <span class="surname">Massey</span> and <span class="firstname">S.</span> <span class="surname">Rose</span>. </span><span class="title"><i>Limiting the Scope of the KEY Resource Record (RR)</i>. </span><span class="pubdate">December 2002. </span></p>
<a name="id2610794"></a><p>[<abbr class="abbrev">RFC3655</abbr>] <span class="authorgroup"><span class="firstname">B.</span> <span class="surname">Wellington</span> and <span class="firstname">O.</span> <span class="surname">Gudmundsson</span>. </span><span class="title"><i>Redefinition of DNS Authenticated Data (AD) bit</i>. </span><span class="pubdate">November 2003. </span></p>
<a name="id2610830"></a><p>[<abbr class="abbrev">RFC3658</abbr>] <span class="authorgroup"><span class="firstname">O.</span> <span class="surname">Gudmundsson</span>. </span><span class="title"><i>Delegation Signer (DS) Resource Record (RR)</i>. </span><span class="pubdate">December 2003. </span></p>
<a name="id2610857"></a><p>[<abbr class="abbrev">RFC3755</abbr>] <span class="authorgroup"><span class="firstname">S.</span> <span class="surname">Weiler</span>. </span><span class="title"><i>Legacy Resolver Compatibility for Delegation Signer (DS)</i>. </span><span class="pubdate">May 2004. </span></p>
<a name="id2610884"></a><p>[<abbr class="abbrev">RFC3757</abbr>] <span class="authorgroup"><span class="firstname">O.</span> <span class="surname">Kolkman</span>, <span class="firstname">J.</span> <span class="surname">Schlyter</span>, and <span class="firstname">E.</span> <span class="surname">Lewis</span>. </span><span class="title"><i>Domain Name System KEY (DNSKEY) Resource Record
<a name="id2610929"></a><p>[<abbr class="abbrev">RFC3845</abbr>] <span class="authorgroup"><span class="firstname">J.</span> <span class="surname">Schlyter</span>. </span><span class="title"><i>DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format</i>. </span><span class="pubdate">August 2004. </span></p>
<a name="id2610982"></a><p><span class="authorgroup"><span class="firstname">Paul</span> <span class="surname">Albitz</span> and <span class="firstname">Cricket</span> <span class="surname">Liu</span>. </span><span class="title"><i><acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym></i>. </span><span class="copyright">Copyright � 1998 Sebastopol, CA: O'Reilly and Associates. </span></p>
It provides an interface to parse the traditional resolv.conf
$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags]</code></em></code></strong>
$ <strong class="userinput"><code>/configure --enable-fixed-rrset <em class="replaceable"><code>[other flags, but not --enable-exportlib]</code></em></code></strong>
$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags, but not --enable-fixed-rrset]</code></em></code></strong>
<a href="Bv9ARM.ch06.html#trusted-keys" title="trusted-keys Statement Grammar">the section called “<span><strong class="command">trusted-keys</strong></span> Statement Grammar”</a> for details.)</p>
example, to specify the following DNSKEY of example.com:
-e -k example.com -K "xxx"
"domain". Example: -s example.com:2001:db8::1234
<a name="id2613754"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
<a name="id2613872"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
returned by getaddrinfo(). If the dns.conf file exists and
<a name="id2613886"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
dynamic.example.com zone has an IPv6 address 2001:db8::1234,
$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key add "foo.dynamic.example.com 30 IN A 192.168.2.1"</code></strong></pre>
adds an A RR for foo.dynamic.example.com using the given key.
$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com 30 IN A"</code></strong></pre>
removes all A RRs for foo.dynamic.example.com using the given key.
$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com"</code></strong></pre>
removes all RRs for foo.dynamic.example.com using the given key.
<a name="id2614359"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
"example.com". In general this domain name must be the apex
"www.example.com"). nsprobe first identifies the NS RRsets for