Development release of BIND 10: bind10-devel-20110322

Jeremy C. Reed jreed at
Tue Mar 22 08:24:33 UTC 2011

Hash: SHA1

	Development release of BIND 10: bind10-devel-20110322

This is the tenth development release of BIND 10 since our first
release one year ago.  BIND 10 provides a C++ library for DNS (with
python wrappers) and several cooperating daemons for providing
authoritative DNS service (with SQLite3 which supports DNSSEC and
in-memory backends), forwarding, and recursive name service. While,
it contains prototype code and experimental interfaces, both the
authoritative and resolver servers are being used in production.

Documentation is included and also available via the BIND 10
website at

The bind10-devel-20110322 source may be downloaded from:

A PGP signature of the distribution is at

The signature was generated with the ISC public key, which is
available at

Users and developers are encouraged to participate on the BIND 10
mailing lists. Please provide your feedback:

Bugs may be reported as tickets via the developers website
(after logging into Trac):

A summary of the significant changes since the previous release
include (from the ChangeLog):

  209.  [func]		jelte
	Resolver now uses the NSAS when looking for a nameserver to
	query for any specific zone. This also includes keeping track of
	the RTT for that nameserver.
	(Trac #495, git 76022a7e9f3ff339f0f9f10049aa85e5784d72c5)

  208.  [bug]*		jelte
	Resolver now answers REFUSED on queries that are not for class IN.
	This includes the various CH TXT queries, which will be added
	(git 012f9e78dc611c72ea213f9bd6743172e1a2ca20)

  207.  [func]		jelte
	Resolver now starts listening on localhost:53 if no configuration
	is set.
	(Trac #471, git 1960b5becbba05570b9c7adf5129e64338659f07)

  206.  [func]		shane
	Add the ability to list the running BIND 10 processes using the
	command channel. To try this, use "Boss show_processes".
	(Trac #648, git 451bbb67c2b5d544db2f7deca4315165245d2b3b)

  205.	[bug]		jinmei
	b10-auth, src/lib/datasrc: fixed a bug where b10-auth could return
	an empty additional section for delegation even if some glue is
	crucial when it fails to find some other glue records in its data
	(Trac #646, git 6070acd1c5b2f7a61574eda4035b93b40aab3e2b)

  204.	[bug]		jinmei
	b10-auth, src/lib/datasrc: class ANY queries were not handled
	correctly in the generic data source (mainly for sqlite3).  It
	could crash b10-auth in the worst case, and could result in
	incorrect responses in some other cases.
	(Trac #80, git c65637dd41c8d94399bd3e3cee965b694b633339)

  203.  [bug]		zhang likun
	Fix resolver cache memory leak: when cache is destructed, rrset
	and message entries in it are not destructed properly.
	(Trac #643, git aba4c4067da0dc63c97c6356dc3137651755ffce)

  202.  [func]    vorner
	It is possible to specify a different directory where we look for
	configuration files (by -p) and different configuration file to
	use (-c).  Also, it is possible to specify the port on which
	cmdctl should listen (--cmdctl-port).
	(Trac #615, git 5514dd78f2d61a222f3069fc94723ca33fb3200b)

  201.  [bug]           jerry
	src/bin/bindctl: bindctl doesn't show traceback on shutdown.
	(Trac #588, git 662e99ef050d98e86614c4443326568a0b5be437)

  200.  [bug]           Jelte
	Fixed a bug where incoming TCP connections were not closed.
	(Trac #589, git 1d88daaa24e8b1ab27f28be876f40a144241e93b)

  199.  [func]           ocean
	Cache negative responses (NXDOMAIN/NODATA) from authoritative
	server for recursive resolver.
	(Trac #493, git f8fb852bc6aef292555063590c361f01cf29e5ca)

  198.	[bug]		jinmei
	b10-auth, src/lib/datasrc: fixed a bug where hot spot cache failed
	to reuse cached SOA for negative responses.  Due to this bug
	b10-auth returned SERVFAIL when it was expected to return a
	negative response immediately after a specific SOA query for
	the zone.
	(Trac #626, git 721a53160c15e8218f6798309befe940b9597ba0)

  197.  [bug]		zhang likun
	Remove expired message and rrset entries when looking up them
	in cache, touch or remove the rrset entry in cache properly
	when doing lookup or update.
	(Trac #661, git 9efbe64fe3ff22bb5fba46de409ae058f199c8a7)

  196.	[bug]		jinmei
	b10-auth, src/lib/datasrc: the backend of the in-memory data
	source could not handle the root name.  As a result b10-auth could
	not work as a root server when using the in-memory data source.
	(Trac #683, git 420ec42bd913fb83da37b26b75faae49c7957c46)

  195.  [func]      stephen
	Resolver will now re-try a query over TCP if a response to a UDP
	query has the TC bit set.
	(Trac #499, git 4c05048ba059b79efeab53498737abe94d37ee07)

  194.  [bug]       vorner
	Solved a 100% CPU usage problem after switching addresses in b10-auth
	(and possibly, but unconfirmed, in b10-resolver). It was caused by
	repeated reads/accepts on closed socket (the bug was in the code for a
	long time, recent changes made it show).
	(Trac #657, git e0863720a874d75923ea66adcfbf5b2948efb10a)

  193.	[func]*		jreed
	Listen on the IPv6 (::) and IPv4 ( wildcard addresses
	for b10-auth. This returns to previous behavior prior to
	change #184. Document the listen_on configuration in manual.
	(Trac #649, git 65a77d8fde64d464c75917a1ab9b6b3f02640ca6)

  192.	[func]*		jreed
	Listen on standard domain port 53 for b10-auth and
	(Trac #617, #618, git 137a6934a14cf0c5b5c065e910b8b364beb0973f)

  191.	[func]		jinmei
	Imported system test framework of BIND 9.  It can be run by
	'make systest' at the top source directory.  Notes: currently it
	doesn't work when built in a separate tree.  It also requires
	perl, an inherited dependency from the original framework.
	Also, mainly for the purpose of tests, a new option "--pid-file"
	was added to BoB, with which the boss process will dump its PID
	to the specified file.
	(Trac #606, git 6ac000df85625f5921e8895a1aafff5e4be3ba9c)

  190.	[func]		jelte
	Resolver now sets random qids on outgoing queries using
	the boost::mt19937 prng.
	(Trac #583, git 5222b51a047d8f2352bc9f92fd022baf1681ed81)

  189.	[bug]		jreed
	Do not install the log message compiler.
	(Trac #634, git eb6441aca464980d00e3ff827cbf4195c5a7afc5)

  188.  [bug]		zhang likun
	Make the rrset trust level ranking algorithm used by
	isc::cache::MessageEntry::getRRsetTrustLevel() follow RFC2181
	section 5.4.1.
	(Trac #595 git 19197b5bc9f2955bd6a8ca48a2d04472ed696e81)

  187.  [bug]		zhang likun
	Fix the assert error in class isc::cache::RRsetCache by adding the
	check for empty pointer and test case for it.
	(Trac #638, git 54e61304131965c4a1d88c9151f8697dcbb3ce12)

  186.  [bug]		jelte
	b10-resolver could stop with an assertion failure on certain kinds
	of messages (there was a problem in error message creation). This
	fixes that.
	(Trac #607, git 25a5f4ec755bc09b54410fcdff22691283147f32)

  185.  [bug]        vorner
	Tests use port from private range (53210), lowering chance of
	a conflict with something else (eg. running bind 10).
	(Trac #523, git 301da7d26d41e64d87c0cf72727f3347aa61fb40)

  184.  [func]*      vorner
	Listening address and port configuration of b10-auth is the same as
	for b10-resolver now. That means, it is configured through bindctl
	at runtime, in the Auth/listen_on list, not through command line
	(Trac #575, #576, git f06ce638877acf6f8e1994962bf2dbfbab029edf)

  183.  [bug]      jerry
	src/bin/xfrout: Enable parallel sessions between xfrout server and
	muti-Auth. The session needs to be created only on the first time
	or if an error occur.
	(Trac #419, git 1d60afb59e9606f312caef352ecb2fe488c4e751)

  182.	[func]		jinmei
	Support cppcheck for static code check on C++ code.  If cppcheck
	is available, 'make cppcheck' on the top source directory will run
	the checker and should cleanly complete with an exit code of 0
	(at least with cppcheck 1.47).
	Note: the suppression list isn't included in the final
	distributions.  It should be created by hand or retrieved from
	the git repository.
	(Trac #613, git b973f67520682b63ef38b1451d309be9f4f4b218)

  181.  [func]      feng
	Add stop interface into dns server, so we can stop each running
	server individually. With it, user can reconfigure her running server
	with different ip address or port.
	(Trac #388, git 6df94e2db856c1adc020f658cc77da5edc967555)

  180.  [build]     jreed
	Fix custom DESTDIR for make install. Patch from Jan Engelhardt.
	(Trac #629, git 5ac67ede03892a5eacf42ce3ace1e4e376164c9f)

Please let us know about your experiences with using BIND 10.

Jeremy C. Reed
ISC Release Engineer
Version: GnuPG v1.4.9 (NetBSD)


More information about the bind-announce mailing list