Development release of BIND 10: bind10-devel-20120329 Welcome to the 18th development release of BIND 10. This is the final development release of our third project year. Its key enhancements include: * Able to manually send out NOTIFY messages for a given zone. * Support for the SSHFP resource record type (RFC 4255). * Additional logging about AXFR and IXFR transfers for administrators. * Significant DNS query performance improvements. One of BIND 10's goals is to be at least as fast as BIND 9. At our face-to-face meeting in January we identified some bottlenecks in the code using gprof, valgrind, and oprofile. Over the past two months, we dedicated some development time to research various optimization and performance tasks. As a result, for various common authoritative DNS server use cases, BIND 10 is now faster than BIND 9.9.0. (We will publish a Blog article about this soon.) BIND 10 provides a C++ library for DNS (with python wrappers) and several cooperating daemons for providing authoritative DNS service (with SQLite3 and in-memory backends and DNSSEC support), DNS forwarding, and recursive name service. It also includes experimental DHCPv4 and DHCPv6 servers and a C++ library for DHCP. BIND 10 offers statistics collection, remote configurations and operations, and documented logging messages. While it contains prototype code and experimental interfaces, both the authoritative and resolver servers are being used in production. Documentation is included and also available via the BIND 10 website at http://bind10.isc.org/ The bind10-devel-20120329 source may be downloaded from: ftp://ftp.isc.org/isc/bind10/devel-20120329/bind10-devel-20120329.tar.gz A PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind10/devel-20120329/bind10-devel-20120329.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at https://www.isc.org/about/openpgp Users and developers are encouraged to participate on the BIND 10 mailing lists. Please provide your feedback: https://lists.isc.org/mailman/listinfo/bind10-users https://lists.isc.org/mailman/listinfo/bind10-dev Bugs may be reported as tickets via the developers website (after logging into Trac): http://bind10.isc.org/ A summary of the significant changes since the previous release include the following from the ChangeLog. (See the git history for more changes.) 415. [doc] jinmei, jreed BIND 10 Guide updated to now describe the in-memory data source configurations for b10-auth. (Trac #1732, git 434d8db8dfcd23a87b8e798e5702e91f0bbbdcf6) 414. [bug] jinmei b10-auth now correctly handles delegation from an unsigned zone (defined in the in-memory data source) when the query has DNSSEC DO bit on. It previously returned SERVFAIL. (Trac #1836, git 78bb8f4b9676d6345f3fdd1e5cc89039806a9aba) 413. [func] stephen, jelte Created a new tool b10-dbutil, that can check and upgrade database schemas, to be used when incompatible changes are introduced in the backend database schema. Currently it only supports sqlite3 databases. Note: there's no schema change that requires this utility as of the March 29th release. While running it shouldn't break an existing database file, it should be even more advisable not to run it at the moment. (Trac #963, git 49ba2cf8ac63246f389ab5e8ea3b3d081dba9adf) 412. [func] jelte Added a command-line option '--clear-config' to bind10, which causes the system to create a backup of the existing configuration database file, and start out with a clean default configuration. This can be used if the configuration file is corrupted to the point where it cannot be read anymore, and BIND 10 refuses to start. The name of the backup file can be found in the logs (CFGMGR_RENAMED_CONFIG_FILE). (Trac #1443, git 52b36c921ee59ec69deefb6123cbdb1b91dc3bc7) 411. [func] muks Add a -i/--no-kill command-line argument to bind10, which stops it from sending SIGTERM and SIGKILL to other b10 processes when they're shutting down. (Trac #1819, git 774554f46b20ca5ec2ef6c6d5e608114f14e2102) 410. [bug] jinmei Python CC library now ensures write operations transmit all given data (unless an error happens). Previously it didn't check the size of transmitted data, which could result in partial write on some systems (notably on OpenBSD) and subsequently cause system hang up or other broken state. This fix specifically solves start up failure on OpenBSD. (Trac #1829, git 5e5a33213b60d89e146cd5e47d65f3f9833a9297) 409. [bug] jelte Fixed a parser bug in bindctl that could make bindctl crash. Also improved 'command help' output; argument order is now shown correctly, and parameter descriptions are shown as well. (Trac #1172, git bec26c6137c9b0a59a3a8ca0f55a17cfcb8a23de) 408. [bug] stephen, jinmei b10-auth now filters out duplicate RRsets when building a response message using the new query handling logic. It's currently only used with the in-memory data source, but will also be used for others soon. (Trac #1688, git b77baca56ffb1b9016698c00ae0a1496d603d197) 407. [build] haikuo Remove "--enable-boost-threads" switch in configure command. This thread lock mechanism is useless for bind10 and causes performance hits. (Trac #1680, git 9c4d0cadf4adc802cc41a2610dc2c30b25aad728) 406. [bug] muks On platforms such as OpenBSD where pselect() is not available, make a wrapper around select() in perfdhcp. (Trac #1639, git 6ea0b1d62e7b8b6596209291aa6c8b34b8e73191) 405. [bug] jinmei Make sure disabling Boost threads if the default configuration is to disable it for the system. This fixes a crash and hang up problem on OpenBSD, where the use of Boost thread could be different in different program files depending on the order of including various header files, and could introduce inconsistent states between a library and a program. Explicitly forcing the original default throughout the BIND 10 build environment will prevent this from happening. (Trac #1727, git 23f9c3670b544c5f8105958ff148aeba050bc1b4) 404. [bug] naokikambe The statistic counters are now properly accumulated across multiple instances of b10-auth (if there are multiple instances), instead of providing result for random instance. (Trac #1751, git 3285353a660e881ec2b645e1bc10d94e5020f357) 403. [build]* jelte The configure option for botan (--with-botan=PATH) is replaced by --with-botan-config=PATH, which takes a full path to a botan-config script, instead of the botan 'install' directory. Also, if not provided, configure will try out config scripts and pkg-config options until it finds one that works. (Trac #1640, git 582bcd66dbd8d39f48aef952902f797260280637) 402. [func] jelte b10-xfrout now has a visible command to send out notifies for a given zone, callable from bindctl. Xfrout notify [class] (Trac #1321, git 0bb258f8610620191d75cfd5d2308b6fc558c280) 401. [func]* jinmei libdns++: updated the internal implementation of the MessageRenderer class. This is mostly a transparent change, but the new version now doesn't allow changing compression mode in the middle of rendering (which shouldn't be an issue in practice). On the other hand, name compression performance was significantly improved: depending on the number of names, micro benchmark tests showed the new version is several times faster than the previous version . (Trac #1603, git 9a2a86f3f47b60ff017ce1a040941d0c145cfe16) 400. [bug] stephen Fix crash on Max OS X 10.7 by altering logging so as not to allocate heap storage in the static initialization of logging objects. (Trac #1698, git a8e53be7039ad50d8587c0972244029ff3533b6e) 399. [func] muks Add support for the SSHFP RR type (RFC 4255). (Trac #1136, git ea5ac57d508a17611cfae9d9ea1c238f59d52c51) 398. [func] jelte The b10-xfrin module now logs more information on successful incoming transfers. In the case of IXFR, it logs the number of changesets, and the total number of added and deleted resource records. For AXFR (or AXFR-style IXFR), it logs the number of resource records. In both cases, the number of overhead DNS messages, runtime, amount of wire data, and transfer speed are logged. (Trac #1280, git 2b01d944b6a137f95d47673ea8367315289c205d) 397. [func] muks The boss process now gives more helpful description when a sub-process exits due to a signal. (Trac #1673, git 1cd0d0e4fc9324bbe7f8593478e2396d06337b1e) 396. [func]* jinmei libdatasrc: change the return type of ZoneFinder::find() so it can contain more context of the search, which can be used for optimizing post find() processing. A new method getAdditional() is added to it for finding additional RRsets based on the result of find(). External behavior shouldn't change. The query handling code of b10-auth now uses the new interface. (Trac #1607, git 2e940ea65d5b9f371c26352afd9e66719c38a6b9) 395. [bug] jelte The log message compiler now errors (resulting in build failures) if duplicate log message identifiers are found in a single message file. Renamed one duplicate that was found (RESOLVER_SHUTDOWN, renamed to RESOLVER_SHUTDOWN_RECEIVED). (Trac #1093, git f537c7e12fb7b25801408f93132ed33410edae76) (Trac #1741, git b8960ab85c717fe70ad282e0052ac0858c5b57f7) 394. [bug] jelte b10-auth now catches any exceptions during response building; if any datasource either throws an exception or causes an exception to be thrown, the message processing code will now catch it, log a debug message, and return a SERVFAIL response. (Trac #1612, git b5740c6b3962a55e46325b3c8b14c9d64cf0d845) 393. [func] jelte Introduced a new class LabelSequence in libdns++, which provides lightweight accessor functionality to the Name class, for more efficient comparison of parts of names. (Trac #1602, git b33929ed5df7c8f482d095e96e667d4a03180c78) 392. [func]* jinmei libdns++: revised the (Abstract)MessageRenderer class so that it has a default internal buffer and the buffer can be temporarily switched. The constructor interface was modified, and a new method setBuffer() was added. (Trac #1697, git 9cabc799f2bf9a3579dae7f1f5d5467c8bb1aa40) 391. [bug]* vorner The long time unused configuration options of Xfrout "log_name", "log_file", "log_severity", "log_version" and "log_max_bytes" were removed, as they had no effect (Xfrout uses the global logging framework). However, if you have them set, you need to remove them from the configuration file or the configuration will be rejected. (Trac #1090, git ef1eba02e4cf550e48e7318702cff6d67c1ec82e) Please let us know about your experiences with using BIND 10. Jeremy C. Reed ISC Release Engineer