Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Jeremy C. Reed (jreedisc.org)
Date: Thu Mar 29 2012 - 13:06:25 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Development release of BIND 10: bind10-devel-20120329
Welcome to the 18th development release of BIND 10. This is the final
development release of our third project year. Its key enhancements
* Able to manually send out NOTIFY messages for a given zone.
* Support for the SSHFP resource record type (RFC 4255).
* Additional logging about AXFR and IXFR transfers for administrators.
* Significant DNS query performance improvements.
One of BIND 10's goals is to be at least as fast as BIND 9. At
our face-to-face meeting in January we identified some bottlenecks
in the code using gprof, valgrind, and oprofile. Over the past
two months, we dedicated some development time to research various
optimization and performance tasks. As a result, for various common
authoritative DNS server use cases, BIND 10 is now faster than BIND
9.9.0. (We will publish a Blog article about this soon.)
BIND 10 provides a C++ library for DNS (with python wrappers) and
several cooperating daemons for providing authoritative DNS service
(with SQLite3 and in-memory backends and DNSSEC support), DNS
forwarding, and recursive name service. It also includes experimental
DHCPv4 and DHCPv6 servers and a C++ library for DHCP. BIND 10 offers
statistics collection, remote configurations and operations, and
documented logging messages. While it contains prototype code and
experimental interfaces, both the authoritative and resolver servers
are being used in production.
Documentation is included and also available via the BIND 10
website at http://bind10.isc.org/
The bind10-devel-20120329 source may be downloaded from:
A PGP signature of the distribution is at
The signature was generated with the ISC public key, which is
available at https://www.isc.org/about/openpgp
Users and developers are encouraged to participate on the BIND 10
mailing lists. Please provide your feedback:
Bugs may be reported as tickets via the developers website
(after logging into Trac):
A summary of the significant changes since the previous release
include the following from the ChangeLog. (See the git history for
415. [doc] jinmei, jreed
BIND 10 Guide updated to now describe the in-memory data source
configurations for b10-auth.
(Trac #1732, git 434d8db8dfcd23a87b8e798e5702e91f0bbbdcf6)
414. [bug] jinmei
b10-auth now correctly handles delegation from an unsigned zone
(defined in the in-memory data source) when the query has DNSSEC
DO bit on. It previously returned SERVFAIL.
(Trac #1836, git 78bb8f4b9676d6345f3fdd1e5cc89039806a9aba)
413. [func] stephen, jelte
Created a new tool b10-dbutil, that can check and upgrade database
schemas, to be used when incompatible changes are introduced in the
backend database schema. Currently it only supports sqlite3 databases.
Note: there's no schema change that requires this utility as of
the March 29th release. While running it shouldn't break
an existing database file, it should be even more advisable not to
run it at the moment.
(Trac #963, git 49ba2cf8ac63246f389ab5e8ea3b3d081dba9adf)
412. [func] jelte
Added a command-line option '--clear-config' to bind10, which causes
the system to create a backup of the existing configuration database
file, and start out with a clean default configuration. This can be
used if the configuration file is corrupted to the point where it
cannot be read anymore, and BIND 10 refuses to start. The name of
the backup file can be found in the logs (CFGMGR_RENAMED_CONFIG_FILE).
(Trac #1443, git 52b36c921ee59ec69deefb6123cbdb1b91dc3bc7)
411. [func] muks
Add a -i/--no-kill command-line argument to bind10, which stops
it from sending SIGTERM and SIGKILL to other b10 processes when
they're shutting down.
(Trac #1819, git 774554f46b20ca5ec2ef6c6d5e608114f14e2102)
410. [bug] jinmei
Python CC library now ensures write operations transmit all given
data (unless an error happens). Previously it didn't check the
size of transmitted data, which could result in partial write on
some systems (notably on OpenBSD) and subsequently cause system
hang up or other broken state. This fix specifically solves start
up failure on OpenBSD.
(Trac #1829, git 5e5a33213b60d89e146cd5e47d65f3f9833a9297)
409. [bug] jelte
Fixed a parser bug in bindctl that could make bindctl crash. Also
improved 'command help' output; argument order is now shown
correctly, and parameter descriptions are shown as well.
(Trac #1172, git bec26c6137c9b0a59a3a8ca0f55a17cfcb8a23de)
408. [bug] stephen, jinmei
b10-auth now filters out duplicate RRsets when building a
response message using the new query handling logic. It's
currently only used with the in-memory data source, but will
also be used for others soon.
(Trac #1688, git b77baca56ffb1b9016698c00ae0a1496d603d197)
407. [build] haikuo
Remove "--enable-boost-threads" switch in configure command. This
thread lock mechanism is useless for bind10 and causes performance
(Trac #1680, git 9c4d0cadf4adc802cc41a2610dc2c30b25aad728)
406. [bug] muks
On platforms such as OpenBSD where pselect() is not available,
make a wrapper around select() in perfdhcp.
(Trac #1639, git 6ea0b1d62e7b8b6596209291aa6c8b34b8e73191)
405. [bug] jinmei
Make sure disabling Boost threads if the default configuration is
to disable it for the system. This fixes a crash and hang up
problem on OpenBSD, where the use of Boost thread could be
different in different program files depending on the order of
including various header files, and could introduce inconsistent
states between a library and a program. Explicitly forcing the
original default throughout the BIND 10 build environment will
prevent this from happening.
(Trac #1727, git 23f9c3670b544c5f8105958ff148aeba050bc1b4)
404. [bug] naokikambe
The statistic counters are now properly accumulated across multiple
instances of b10-auth (if there are multiple instances), instead of
providing result for random instance.
(Trac #1751, git 3285353a660e881ec2b645e1bc10d94e5020f357)
403. [build]* jelte
The configure option for botan (--with-botan=PATH) is replaced by
--with-botan-config=PATH, which takes a full path to a botan-config
script, instead of the botan 'install' directory. Also, if not
provided, configure will try out config scripts and pkg-config
options until it finds one that works.
(Trac #1640, git 582bcd66dbd8d39f48aef952902f797260280637)
402. [func] jelte
b10-xfrout now has a visible command to send out notifies for
a given zone, callable from bindctl. Xfrout notify <zone> [class]
(Trac #1321, git 0bb258f8610620191d75cfd5d2308b6fc558c280)
401. [func]* jinmei
libdns++: updated the internal implementation of the
MessageRenderer class. This is mostly a transparent change, but
the new version now doesn't allow changing compression mode in the
middle of rendering (which shouldn't be an issue in practice).
On the other hand, name compression performance was significantly
improved: depending on the number of names, micro benchmark tests
showed the new version is several times faster than the previous
(Trac #1603, git 9a2a86f3f47b60ff017ce1a040941d0c145cfe16)
400. [bug] stephen
Fix crash on Max OS X 10.7 by altering logging so as not to allocate
heap storage in the static initialization of logging objects.
(Trac #1698, git a8e53be7039ad50d8587c0972244029ff3533b6e)
399. [func] muks
Add support for the SSHFP RR type (RFC 4255).
(Trac #1136, git ea5ac57d508a17611cfae9d9ea1c238f59d52c51)
398. [func] jelte
The b10-xfrin module now logs more information on successful
incoming transfers. In the case of IXFR, it logs the number of
changesets, and the total number of added and deleted resource
records. For AXFR (or AXFR-style IXFR), it logs the number of
resource records. In both cases, the number of overhead DNS
messages, runtime, amount of wire data, and transfer speed are logged.
(Trac #1280, git 2b01d944b6a137f95d47673ea8367315289c205d)
397. [func] muks
The boss process now gives more helpful description when a
sub-process exits due to a signal.
(Trac #1673, git 1cd0d0e4fc9324bbe7f8593478e2396d06337b1e)
396. [func]* jinmei
libdatasrc: change the return type of ZoneFinder::find() so it can
contain more context of the search, which can be used for
optimizing post find() processing. A new method getAdditional()
is added to it for finding additional RRsets based on the result
of find(). External behavior shouldn't change. The query
handling code of b10-auth now uses the new interface.
(Trac #1607, git 2e940ea65d5b9f371c26352afd9e66719c38a6b9)
395. [bug] jelte
The log message compiler now errors (resulting in build failures) if
duplicate log message identifiers are found in a single message file.
Renamed one duplicate that was found (RESOLVER_SHUTDOWN, renamed to
(Trac #1093, git f537c7e12fb7b25801408f93132ed33410edae76)
(Trac #1741, git b8960ab85c717fe70ad282e0052ac0858c5b57f7)
394. [bug] jelte
b10-auth now catches any exceptions during response building; if any
datasource either throws an exception or causes an exception to be
thrown, the message processing code will now catch it, log a debug
message, and return a SERVFAIL response.
(Trac #1612, git b5740c6b3962a55e46325b3c8b14c9d64cf0d845)
393. [func] jelte
Introduced a new class LabelSequence in libdns++, which provides
lightweight accessor functionality to the Name class, for more
efficient comparison of parts of names.
(Trac #1602, git b33929ed5df7c8f482d095e96e667d4a03180c78)
392. [func]* jinmei
libdns++: revised the (Abstract)MessageRenderer class so that it
has a default internal buffer and the buffer can be temporarily
switched. The constructor interface was modified, and a new
method setBuffer() was added.
(Trac #1697, git 9cabc799f2bf9a3579dae7f1f5d5467c8bb1aa40)
391. [bug]* vorner
The long time unused configuration options of Xfrout "log_name",
"log_file", "log_severity", "log_version" and "log_max_bytes" were
removed, as they had no effect (Xfrout uses the global logging
framework). However, if you have them set, you need to remove
them from the configuration file or the configuration will be
(Trac #1090, git ef1eba02e4cf550e48e7318702cff6d67c1ec82e)
Please let us know about your experiences with using BIND 10.
Jeremy C. Reed
ISC Release Engineer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)
-----END PGP SIGNATURE-----
bind-announce mailing list