BIND
| Original author(s) | Douglas Terry, Mark Painter, David Riggle, Songnian Zhou |
|---|---|
| Developer(s) | Internet Systems Consortium |
| Initial release | June 1986 |
| Stable release | |
| Preview release | 9.21.0
/ 21 August 2024 |
| Repository | |
| Operating system | Linux,NetBSD,FreeBSD,OpenBSD,macOS |
| Type | DNS server |
| License | Mozilla Public License[1] |
| Website | www |
BIND(/ˈbaɪnd/) is a suite of software for interacting with theDomain Name System(DNS). Its most prominent component,named(pronouncedname-dee:/ˈneɪmdiː/,short fornamedaemon), performs both of the main DNS server roles, acting as anauthoritative name serverforDNS zonesand as a recursiveresolverin the network. As of 2015, it is the most widely used domain name server software,[2][3][4]and is thede factostandardonUnix-likeoperating systems.[5][6]Also contained in the suite are various administration tools such asnsupdateanddig,and a DNS resolver interface library.
The software was originally designed at theUniversity of California, Berkeley(UCB) in the early 1980s. The name originates as an acronym ofBerkeley Internet Name Domain,[7]reflecting the application's use within UCB. The current version is BIND 9, first released in 2000 and still actively maintained by theInternet Systems Consortium(ISC) with new releases issued several times a year.
Key features
[edit]BIND 9 is intended to be fully compliant with theIETF DNS standards and draft standards.Important features of BIND 9 include:TSIG,nsupdate,IPv6,RNDC (remote name daemon control), views, multiprocessor support, Response Rate Limiting (RRL),DNSSEC,and broad portability. RNDC enables remote configuration updates, using ashared secretto provideencryptionfor local and remote terminals during each session.
Database support
[edit]While earlier versions of BIND offered no mechanism to store and retrievezone datain anything other than flat text files, in 2007 BIND 9.4[8]DLZprovided a compile-time option for zone storage in a variety of database formats includingLDAP,Berkeley DB,PostgreSQL,MySQL,andODBC.
BIND 10 planned to make the data store modular, so that a variety of databases may be connected.[9] In 2016 ISC added support for the 'dyndb' interface, contributed by RedHat, with BIND version 9.11.0.[10]
Security
[edit]Security issues that are discovered in BIND 9 are patched and publicly disclosed in keeping with common principles of open source software. A complete list of security defects that have been discovered and disclosed in BIND9 is maintained by Internet Systems Consortium, the current authors of the software.[11]
The BIND 4 and BIND 8 releases both had serious security vulnerabilities. Use of these ancient versions, or any un-maintained, non-supported version is strongly discouraged.[12]BIND 9 was acomplete rewrite,in part to mitigate these ongoing security issues. Thedownloads page on the ISC web siteclearly shows which versions are currently maintained and which are end of life.
History
[edit]BIND was originally written by fourgraduate studentsat theComputer Systems Research Group(CSRG) at theUniversity of California, Berkeley,Douglas Terry, Mark Painter, David Riggle and Songnian Zhou, in the early 1980s as a result of aDARPAgrant. The acronymBINDis forBerkeley Internet Name Domain,from a technical paper published in 1984.[7]It was first released withBerkeley Software Distribution4.3BSD.
Versions of BIND through 4.8.3 were maintained by the CSRG.[13]
Paul VixieofDigital Equipment Corporation(DEC) took over BIND development in 1988, releasing versions 4.9 and 4.9.1. Vixie continued to work on BIND after leaving DEC. BIND Version 4.9.2 was sponsored by Vixie Enterprises. Vixie eventually founded theInternet Software Consortium(ISC), which became the entity responsible for BIND versions starting with 4.9.3.[13]
BIND 8 was released by ISC in May 1997.[13]
Version 9 was developed byNominum,Inc. under an ISC outsourcing contract, and the first version was released 9 October 2000.[14]It was written from scratch in part to address the architectural difficulties withauditingthe earlier BIND code bases, and also to supportDNSSEC(DNS Security Extensions). The development of BIND 9 took place under a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings;[citation needed]theDNSSECfeatures were funded by the US military, which regarded DNS security as important. BIND 9 was released in September 2000.[13]
In 2009, ISC started an effort to develop a new version of the software suite, initially called BIND10. In addition to DNS service, the BIND10 suite also includedIPv4andIPv6DHCP server components. In April 2014, with BIND10 release 1.2.0 the ISC concluded its involvement in the project and renamed it toBundy,[15][16]moving the source code repository to GitHub[17]for further development by outside public efforts.[18]ISC discontinued its involvement in the project due to cost-cutting measures.[19]The development of DHCP components was split off to become a newKeaproject.
See also
[edit]
References
[edit]- ^"LICENSE in main BIND 9 branch".
- ^"BIND – The most widely used Name Server Software".Internet Systems Consortium.8 September 2015.Retrieved17 September2015.
- ^Moore, Don (23 May 2004)."DNS server survey".Retrieved17 September2015.
- ^Huston, Geoff (October 2015)."Happy Eyeballs for the DNS, (see slide 37)"(PDF).APNIC.Archived(PDF)from the original on 16 June 2016.Retrieved10 July2018.
- ^Huck Jr., Paul E. (June 2001).Zero Configuration Name Services for IP Networks(M.Eng). Massachusetts Institute of Technology.hdl:1721.1/86716.
- ^Bal, Rohit G. (January 2017)."Local Area Network automatic Domain name System (LANDS)".Nepal Engineering College.Retrieved28 June2018.
- ^abTerry, Douglas B.; Painter, Mark; Riggle, David W.; Zhou, Songnian (May 1984).The Berkeley Internet Name Domain Server(Technical report). EECS Department, University of California, Berkeley. UCB/CSD-84-182.Retrieved17 September2015.
- ^Andrews, Mark (24 February 2007)."BIND 9.4.0 is now available".Retrieved17 September2015.
- ^"Kea: Design overview".ISC. Archived fromthe originalon 4 March 2016.Retrieved17 September2015.
- ^"Dyndb compared to DLZ".
- ^Conry, Brian (12 November 2015)."BIND 9 Security Vulnerability Matrix".Internet Systems Consortium.Retrieved24 February2024.
- ^Hudson, P.; Hudson, A.; Ball, B.; Duff, H. (2005).Red Hat Fedora 4 Unleashed.Sams Publishing. p. 723.ISBN0-672-32792-9.
- ^abcdISC (31 October 2016)."History of BIND".Retrieved10 August2017.
- ^"BIND 9 Authored by Nominum Development Team Now Available on Internet Software Consortium Site".6 October 2000.Retrieved17 September2015.
- ^Consortium, Internet Systems (17 April 2014)."ISC Concludes BIND 10 Development with Release 1.2".www.isc.org.Retrieved12 February2023.
- ^"Bundy, authoritative DNS and DHCP server".
- ^"bundy repo at GitHub".GitHub.29 July 2022.
- ^"BIND 10 Release 1.2 available".17 April 2014.Retrieved17 September2015.
- ^"ISC releases BIND 10 1.2, renames it, and turns it over to community".Linux Weekly News.17 April 2014.Retrieved17 September2015.
Further reading
[edit]- Liu, Cricket; Albitz, Paul (May 2006).DNS and BIND(5th ed.).ISBN978-0-596-10057-5.
- Reed, Jeremy C., ed. (January 2016).BIND DNS Administration Reference: Name Server Operations and DNS Configuration using BIND(2nd ed.).ISBN978-1-937516-03-1.
External links
[edit]- The official BIND siteat Internet Systems Consortium (ISC.org)
- The BIND Gitlab repo and issue tracker
- History of BIND
- BIND Release Strategy
- "Cricket Liu Interviewed: DNS and BIND"(5th ed.). 10 May 2006.
- Bundy Project
- Create new BIND zonefileArchived12 November 2020 at theWayback Machine
- Geo-IP Info graphic
| Authority control databases:National |
|---|