Development release of BIND 10: bind10-devel-20110322
Jeremy C. Reed
jreed at isc.org
Tue Mar 22 08:24:33 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Development release of BIND 10: bind10-devel-20110322
This is the tenth development release of BIND 10 since our first
release one year ago. BIND 10 provides a C++ library for DNS (with
python wrappers) and several cooperating daemons for providing
authoritative DNS service (with SQLite3 which supports DNSSEC and
in-memory backends), forwarding, and recursive name service. While,
it contains prototype code and experimental interfaces, both the
authoritative and resolver servers are being used in production.
Documentation is included and also available via the BIND 10
website at http://bind10.isc.org/
The bind10-devel-20110322 source may be downloaded from:
A PGP signature of the distribution is at
The signature was generated with the ISC public key, which is
available at https://www.isc.org/about/openpgp
Users and developers are encouraged to participate on the BIND 10
mailing lists. Please provide your feedback:
Bugs may be reported as tickets via the developers website
(after logging into Trac):
A summary of the significant changes since the previous release
include (from the ChangeLog):
209. [func] jelte
Resolver now uses the NSAS when looking for a nameserver to
query for any specific zone. This also includes keeping track of
the RTT for that nameserver.
(Trac #495, git 76022a7e9f3ff339f0f9f10049aa85e5784d72c5)
208. [bug]* jelte
Resolver now answers REFUSED on queries that are not for class IN.
This includes the various CH TXT queries, which will be added
207. [func] jelte
Resolver now starts listening on localhost:53 if no configuration
(Trac #471, git 1960b5becbba05570b9c7adf5129e64338659f07)
206. [func] shane
Add the ability to list the running BIND 10 processes using the
command channel. To try this, use "Boss show_processes".
(Trac #648, git 451bbb67c2b5d544db2f7deca4315165245d2b3b)
205. [bug] jinmei
b10-auth, src/lib/datasrc: fixed a bug where b10-auth could return
an empty additional section for delegation even if some glue is
crucial when it fails to find some other glue records in its data
(Trac #646, git 6070acd1c5b2f7a61574eda4035b93b40aab3e2b)
204. [bug] jinmei
b10-auth, src/lib/datasrc: class ANY queries were not handled
correctly in the generic data source (mainly for sqlite3). It
could crash b10-auth in the worst case, and could result in
incorrect responses in some other cases.
(Trac #80, git c65637dd41c8d94399bd3e3cee965b694b633339)
203. [bug] zhang likun
Fix resolver cache memory leak: when cache is destructed, rrset
and message entries in it are not destructed properly.
(Trac #643, git aba4c4067da0dc63c97c6356dc3137651755ffce)
202. [func] vorner
It is possible to specify a different directory where we look for
configuration files (by -p) and different configuration file to
use (-c). Also, it is possible to specify the port on which
cmdctl should listen (--cmdctl-port).
(Trac #615, git 5514dd78f2d61a222f3069fc94723ca33fb3200b)
201. [bug] jerry
src/bin/bindctl: bindctl doesn't show traceback on shutdown.
(Trac #588, git 662e99ef050d98e86614c4443326568a0b5be437)
200. [bug] Jelte
Fixed a bug where incoming TCP connections were not closed.
(Trac #589, git 1d88daaa24e8b1ab27f28be876f40a144241e93b)
199. [func] ocean
Cache negative responses (NXDOMAIN/NODATA) from authoritative
server for recursive resolver.
(Trac #493, git f8fb852bc6aef292555063590c361f01cf29e5ca)
198. [bug] jinmei
b10-auth, src/lib/datasrc: fixed a bug where hot spot cache failed
to reuse cached SOA for negative responses. Due to this bug
b10-auth returned SERVFAIL when it was expected to return a
negative response immediately after a specific SOA query for
(Trac #626, git 721a53160c15e8218f6798309befe940b9597ba0)
197. [bug] zhang likun
Remove expired message and rrset entries when looking up them
in cache, touch or remove the rrset entry in cache properly
when doing lookup or update.
(Trac #661, git 9efbe64fe3ff22bb5fba46de409ae058f199c8a7)
196. [bug] jinmei
b10-auth, src/lib/datasrc: the backend of the in-memory data
source could not handle the root name. As a result b10-auth could
not work as a root server when using the in-memory data source.
(Trac #683, git 420ec42bd913fb83da37b26b75faae49c7957c46)
195. [func] stephen
Resolver will now re-try a query over TCP if a response to a UDP
query has the TC bit set.
(Trac #499, git 4c05048ba059b79efeab53498737abe94d37ee07)
194. [bug] vorner
Solved a 100% CPU usage problem after switching addresses in b10-auth
(and possibly, but unconfirmed, in b10-resolver). It was caused by
repeated reads/accepts on closed socket (the bug was in the code for a
long time, recent changes made it show).
(Trac #657, git e0863720a874d75923ea66adcfbf5b2948efb10a)
193. [func]* jreed
Listen on the IPv6 (::) and IPv4 (0.0.0.0) wildcard addresses
for b10-auth. This returns to previous behavior prior to
change #184. Document the listen_on configuration in manual.
(Trac #649, git 65a77d8fde64d464c75917a1ab9b6b3f02640ca6)
192. [func]* jreed
Listen on standard domain port 53 for b10-auth and
(Trac #617, #618, git 137a6934a14cf0c5b5c065e910b8b364beb0973f)
191. [func] jinmei
Imported system test framework of BIND 9. It can be run by
'make systest' at the top source directory. Notes: currently it
doesn't work when built in a separate tree. It also requires
perl, an inherited dependency from the original framework.
Also, mainly for the purpose of tests, a new option "--pid-file"
was added to BoB, with which the boss process will dump its PID
to the specified file.
(Trac #606, git 6ac000df85625f5921e8895a1aafff5e4be3ba9c)
190. [func] jelte
Resolver now sets random qids on outgoing queries using
the boost::mt19937 prng.
(Trac #583, git 5222b51a047d8f2352bc9f92fd022baf1681ed81)
189. [bug] jreed
Do not install the log message compiler.
(Trac #634, git eb6441aca464980d00e3ff827cbf4195c5a7afc5)
188. [bug] zhang likun
Make the rrset trust level ranking algorithm used by
isc::cache::MessageEntry::getRRsetTrustLevel() follow RFC2181
(Trac #595 git 19197b5bc9f2955bd6a8ca48a2d04472ed696e81)
187. [bug] zhang likun
Fix the assert error in class isc::cache::RRsetCache by adding the
check for empty pointer and test case for it.
(Trac #638, git 54e61304131965c4a1d88c9151f8697dcbb3ce12)
186. [bug] jelte
b10-resolver could stop with an assertion failure on certain kinds
of messages (there was a problem in error message creation). This
(Trac #607, git 25a5f4ec755bc09b54410fcdff22691283147f32)
185. [bug] vorner
Tests use port from private range (53210), lowering chance of
a conflict with something else (eg. running bind 10).
(Trac #523, git 301da7d26d41e64d87c0cf72727f3347aa61fb40)
184. [func]* vorner
Listening address and port configuration of b10-auth is the same as
for b10-resolver now. That means, it is configured through bindctl
at runtime, in the Auth/listen_on list, not through command line
(Trac #575, #576, git f06ce638877acf6f8e1994962bf2dbfbab029edf)
183. [bug] jerry
src/bin/xfrout: Enable parallel sessions between xfrout server and
muti-Auth. The session needs to be created only on the first time
or if an error occur.
(Trac #419, git 1d60afb59e9606f312caef352ecb2fe488c4e751)
182. [func] jinmei
Support cppcheck for static code check on C++ code. If cppcheck
is available, 'make cppcheck' on the top source directory will run
the checker and should cleanly complete with an exit code of 0
(at least with cppcheck 1.47).
Note: the suppression list isn't included in the final
distributions. It should be created by hand or retrieved from
the git repository.
(Trac #613, git b973f67520682b63ef38b1451d309be9f4f4b218)
181. [func] feng
Add stop interface into dns server, so we can stop each running
server individually. With it, user can reconfigure her running server
with different ip address or port.
(Trac #388, git 6df94e2db856c1adc020f658cc77da5edc967555)
180. [build] jreed
Fix custom DESTDIR for make install. Patch from Jan Engelhardt.
(Trac #629, git 5ac67ede03892a5eacf42ce3ace1e4e376164c9f)
Please let us know about your experiences with using BIND 10.
Jeremy C. Reed
ISC Release Engineer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)
-----END PGP SIGNATURE-----
More information about the bind-announce