Development release of BIND 10: bind10-devel-20120329

Jeremy C. Reed jreed at isc.org
Thu Mar 29 18:06:25 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


	Development release of BIND 10: bind10-devel-20120329

Welcome to the 18th development release of BIND 10. This is the final
development release of our third project year. Its key enhancements
include:

 * Able to manually send out NOTIFY messages for a given zone.

 * Support for the SSHFP resource record type (RFC 4255).

 * Additional logging about AXFR and IXFR transfers for administrators.

 * Significant DNS query performance improvements.

One of BIND 10's goals is to be at least as fast as BIND 9.  At
our face-to-face meeting in January we identified some bottlenecks
in the code using gprof, valgrind, and oprofile.  Over the past
two months, we dedicated some development time to research various
optimization and performance tasks. As a result, for various common
authoritative DNS server use cases, BIND 10 is now faster than BIND
9.9.0. (We will publish a Blog article about this soon.)

BIND 10 provides a C++ library for DNS (with python wrappers) and
several cooperating daemons for providing authoritative DNS service
(with SQLite3 and in-memory backends and DNSSEC support), DNS
forwarding, and recursive name service.  It also includes experimental
DHCPv4 and DHCPv6 servers and a C++ library for DHCP. BIND 10 offers
statistics collection, remote configurations and operations, and
documented logging messages.  While it contains prototype code and
experimental interfaces, both the authoritative and resolver servers
are being used in production.

Documentation is included and also available via the BIND 10
website at http://bind10.isc.org/

The bind10-devel-20120329 source may be downloaded from:

	ftp://ftp.isc.org/isc/bind10/devel-20120329/bind10-devel-20120329.tar.gz

A PGP signature of the distribution is at

	ftp://ftp.isc.org/isc/bind10/devel-20120329/bind10-devel-20120329.tar.gz.sha512.asc

The signature was generated with the ISC public key, which is
available at https://www.isc.org/about/openpgp

Users and developers are encouraged to participate on the BIND 10
mailing lists. Please provide your feedback:

	https://lists.isc.org/mailman/listinfo/bind10-users
	https://lists.isc.org/mailman/listinfo/bind10-dev

Bugs may be reported as tickets via the developers website
(after logging into Trac):

	http://bind10.isc.org/

A summary of the significant changes since the previous release
include the following from the ChangeLog. (See the git history for
more changes.)

415.	[doc]		jinmei, jreed
	BIND 10 Guide updated to now describe the in-memory data source
        configurations for b10-auth.
	(Trac #1732, git 434d8db8dfcd23a87b8e798e5702e91f0bbbdcf6)

414.	[bug]		jinmei
	b10-auth now correctly handles delegation from an unsigned zone
	(defined in the in-memory data source) when the query has DNSSEC
	DO bit on.  It previously returned SERVFAIL.
	(Trac #1836, git 78bb8f4b9676d6345f3fdd1e5cc89039806a9aba)

413.	[func]		stephen, jelte
	Created a new tool b10-dbutil, that can check and upgrade database
	schemas, to be used when incompatible changes are introduced in the
	backend database schema. Currently it only supports sqlite3 databases.
	Note: there's no schema change that requires this utility as of
	the March 29th release.  While running it shouldn't break
	an existing database file, it should be even more advisable not to
	run it at the moment.
	(Trac #963, git 49ba2cf8ac63246f389ab5e8ea3b3d081dba9adf)

412.	[func]		jelte
	Added a command-line option '--clear-config' to bind10, which causes
	the system to create a backup of the existing configuration database
	file, and start out with a clean default configuration. This can be
	used if the configuration file is corrupted to the point where it
	cannot be read anymore, and BIND 10 refuses to start. The name of
	the backup file can be found in the logs (CFGMGR_RENAMED_CONFIG_FILE).
	(Trac #1443, git 52b36c921ee59ec69deefb6123cbdb1b91dc3bc7)

411.	[func]		muks
	Add a -i/--no-kill command-line argument to bind10, which stops
	it from sending SIGTERM and SIGKILL to other b10 processes when
	they're shutting down.
	(Trac #1819, git 774554f46b20ca5ec2ef6c6d5e608114f14e2102)

410.	[bug]		jinmei
	Python CC library now ensures write operations transmit all given
	data (unless an error happens).  Previously it didn't check the
	size of transmitted data, which could result in partial write on
	some systems (notably on OpenBSD) and subsequently cause system
	hang up or other broken state.  This fix specifically solves start
	up failure on OpenBSD.
	(Trac #1829, git 5e5a33213b60d89e146cd5e47d65f3f9833a9297)

409.	[bug]		jelte
	Fixed a parser bug in bindctl that could make bindctl crash. Also
	improved 'command help' output; argument order is now shown
	correctly, and parameter descriptions are shown as well.
	(Trac #1172, git bec26c6137c9b0a59a3a8ca0f55a17cfcb8a23de)

408.	[bug]		stephen, jinmei
	b10-auth now filters out duplicate RRsets when building a
	response message using the new query handling logic.  It's
	currently only used with the in-memory data source, but will
	also be used for others soon.
	(Trac #1688, git b77baca56ffb1b9016698c00ae0a1496d603d197)

407.	[build]		haikuo
	Remove "--enable-boost-threads" switch in configure command. This
	thread lock mechanism is useless for bind10 and causes performance 
	hits. 
	(Trac #1680, git 9c4d0cadf4adc802cc41a2610dc2c30b25aad728)

406.	[bug]		muks
	On platforms such as OpenBSD where pselect() is not available,
	make a wrapper around select() in perfdhcp.
	(Trac #1639, git 6ea0b1d62e7b8b6596209291aa6c8b34b8e73191)

405.	[bug]		jinmei
	Make sure disabling Boost threads if the default configuration is
	to disable it for the system.  This fixes a crash and hang up
	problem on OpenBSD, where the use of Boost thread could be
	different in different program files depending on the order of
	including various header files, and could introduce inconsistent
	states between a library and a program.  Explicitly forcing the
	original default throughout the BIND 10 build environment will
	prevent this from happening.
	(Trac #1727, git 23f9c3670b544c5f8105958ff148aeba050bc1b4)

404.	[bug]		naokikambe
	The statistic counters are now properly accumulated across multiple
	instances of b10-auth (if there are multiple instances), instead of
	providing result for random instance.
	(Trac #1751, git 3285353a660e881ec2b645e1bc10d94e5020f357)

403.	[build]*		jelte
	The configure option for botan (--with-botan=PATH) is replaced by
	--with-botan-config=PATH, which takes a full path to a botan-config
	script, instead of the botan 'install' directory. Also, if not
	provided, configure will try out config scripts and pkg-config
	options until it finds one that works.
	(Trac #1640, git 582bcd66dbd8d39f48aef952902f797260280637)

402.	[func]		jelte
	b10-xfrout now has a visible command to send out notifies for
	a given zone, callable from bindctl. Xfrout notify <zone> [class]
	(Trac #1321, git 0bb258f8610620191d75cfd5d2308b6fc558c280)

401.	[func]*		jinmei
	libdns++: updated the internal implementation of the
	MessageRenderer class.  This is mostly a transparent change, but
	the new version now doesn't allow changing compression mode in the
	middle of rendering (which shouldn't be an issue in practice).
	On the other hand, name compression performance was significantly
	improved: depending on the number of names, micro benchmark tests
	showed the new version is several times faster than the previous
	version .
	(Trac #1603, git 9a2a86f3f47b60ff017ce1a040941d0c145cfe16)

400.	[bug]		stephen
	Fix crash on Max OS X 10.7 by altering logging so as not to allocate
	heap storage in the static initialization of logging objects.
	(Trac #1698, git a8e53be7039ad50d8587c0972244029ff3533b6e)

399.	[func]		muks
	Add support for the SSHFP RR type (RFC 4255).
	(Trac #1136, git ea5ac57d508a17611cfae9d9ea1c238f59d52c51)

398.	[func]		jelte
	The b10-xfrin module now logs more information on successful
	incoming transfers. In the case of IXFR, it logs the number of
	changesets, and the total number of added and deleted resource
	records. For AXFR (or AXFR-style IXFR), it logs the number of
	resource records. In both cases, the number of overhead DNS
	messages, runtime, amount of wire data, and transfer speed are logged.
	(Trac #1280, git 2b01d944b6a137f95d47673ea8367315289c205d)

397.	[func]		muks
	The boss process now gives more helpful description when a
	sub-process exits due to a signal.
	(Trac #1673, git 1cd0d0e4fc9324bbe7f8593478e2396d06337b1e)

396.	[func]*		jinmei
	libdatasrc: change the return type of ZoneFinder::find() so it can
	contain more context of the search, which can be used for
	optimizing post find() processing.  A new method getAdditional()
	is added to it for finding additional RRsets based on the result
	of find().  External behavior shouldn't change.  The query
	handling code of b10-auth now uses the new interface.
	(Trac #1607, git 2e940ea65d5b9f371c26352afd9e66719c38a6b9)

395.	[bug]		jelte
	The log message compiler now errors (resulting in build failures) if
	duplicate log message identifiers are found in a single message file.
	Renamed one duplicate that was found (RESOLVER_SHUTDOWN, renamed to
	RESOLVER_SHUTDOWN_RECEIVED).
	(Trac #1093, git f537c7e12fb7b25801408f93132ed33410edae76)
	(Trac #1741, git b8960ab85c717fe70ad282e0052ac0858c5b57f7)

394.	[bug]		jelte
	b10-auth now catches any exceptions during response building; if any
	datasource either throws an exception or causes an exception to be
	thrown, the message processing code will now catch it, log a debug
	message, and return a SERVFAIL response.
	(Trac #1612, git b5740c6b3962a55e46325b3c8b14c9d64cf0d845)

393.	[func]		jelte
	Introduced a new class LabelSequence in libdns++, which provides
	lightweight accessor functionality to the Name class, for more
	efficient comparison of parts of names.
	(Trac #1602, git b33929ed5df7c8f482d095e96e667d4a03180c78)

392.	[func]*		jinmei
	libdns++: revised the (Abstract)MessageRenderer class so that it
	has a default internal buffer and the buffer can be temporarily
	switched.  The constructor interface was modified, and a new
	method setBuffer() was added.
	(Trac #1697, git 9cabc799f2bf9a3579dae7f1f5d5467c8bb1aa40)

391.	[bug]*		vorner
	The long time unused configuration options of Xfrout "log_name",
	"log_file", "log_severity", "log_version" and "log_max_bytes" were
	removed, as they had no effect (Xfrout uses the global logging
	framework).  However, if you have them set, you need to remove
	them from the configuration file or the configuration will be
	rejected.
	(Trac #1090, git ef1eba02e4cf550e48e7318702cff6d67c1ec82e)

Please let us know about your experiences with using BIND 10.

Jeremy C. Reed
ISC Release Engineer

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)

iEYEARECAAYFAk90o/0ACgkQs9Bv5D4YwC08AwCffetbuQrqWmdV00L03/f3aiWk
5HkAoKPuEc3MlOLKY0inB52cyXChG1Ib
=+gjn
-----END PGP SIGNATURE-----

More information about the bind-announce mailing list