Copyright © 2010 Internet Systems Consortium, Inc.
Abstract
This is the reference guide for BIND 10.
+
Copyright © 2010 Internet Systems Consortium, Inc.
Abstract
This is the reference guide for BIND 10.
The most up-to-date version of this document, along with other documents for BIND 10, can be found at http://bind10.isc.org/docs. -
Table of Contents
Table of Contents
+
Table of Contents
Table of Contents
BIND is the popular implementation of a DNS server, developer interfaces, and DNS tools. BIND 10 is a rewrite of BIND 9. BIND 10 is written in C++ and Python @@ -11,10 +11,10 @@ This guide covers the experimental prototype version of BIND 10.
- BIND 10, at this time, does not provide an recursive + BIND 10, at this time, does not provide a recursive DNS server. It does provide a EDNS0- and DNSSEC-capable authoritative DNS server. -
BIND 10 builds have been tested on Debian GNU/Linux 5, Ubuntu 9.10, NetBSD 5, Solaris 10, FreeBSD 7, and CentOS Linux 5.3. @@ -24,16 +24,16 @@ It is planned for BIND 10 to build, install and run on Windows and standard Unix-type platforms. -
BIND 10 requires Python 3.1. Later versions may work, but Python 3.1 is the minimum version which will work.
For this development prototype release, the only supported data source backend is SQLite3. The authoritative server requires SQLite 3.3.9 or newer. - The b10-xfrin and b10-xfrout - modules require the libpython3 library and the Python - _sqlite3.so module. + The b10-xfrin, b10-xfrout, + and b10-zonemgr modules require the + libpython3 library and the Python _sqlite3.so module.
Some operating systems do not provide these dependencies in their default installation nor standard packages @@ -83,6 +83,11 @@ This process is used to handle transfer requests to send a local zone to a remote secondary server, when acting as a master server. +
These are ran automatically by bind10 @@ -116,7 +121,7 @@ and, of course, DNS. These include detailed developer documentation and code examples. -
Table of Contents
+
Table of Contents
Some operating systems have split their distribution packages into a run-time and a development package. You will need to install the development package versions, which include header files and @@ -176,14 +181,14 @@ the Subversion code revision control system or as a downloadable tar file. It may also be available in pre-compiled ready-to-use packages from operating system vendors. -
+
Downloading a release tar file is the recommended method to obtain the source code.
The BIND 10 releases are available as tar file downloads from ftp://ftp.isc.org/isc/bind10/. Periodic development snapshots may also be available. -
Downloading this "bleeding edge" code is recommended only for developers or advanced users. Using development code in a production environment is not recommended. @@ -215,7 +220,7 @@ autoheader, automake, and related commands. -
BIND 10 uses the GNU Build System to discover build environment details. To generate the makefiles using the defaults, simply run: @@ -246,16 +251,16 @@
If the configure fails, it may be due to missing or old dependencies. -
After the configure step is complete, to build the executables from the C++ code and prepare the Python scripts, run:
$ make-
To install the BIND 10 executables, support files, and documentation, run:
$ make install-
The install step may require superuser privileges.
The following is the layout of the complete BIND 10 installation:
bin/ —
@@ -307,8 +312,9 @@
The bind10 master process will also start up
b10-cmdctl for admins to communicate with the
system, b10-auth for Authoritative DNS service,
- b10-xfrin for inbound DNS zone transfers.
- and b10-xfrout for outbound DNS zone transfers.
+ b10-xfrin for inbound DNS zone transfers,
+ b10-xfrout for outbound DNS zone transfers,
+ and b10-zonemgr for secondary service.
To start the BIND 10 service, simply run bind10.
Run it with the --verbose switch to
@@ -467,7 +473,7 @@ shutdown
the details and relays (over a b10-msgq command
channel) the configuration on to the specified module.
-
Table of Contents
+
Table of Contents
The b10-auth is the authoritative DNS server. It supports EDNS0 and DNSSEC. It supports IPv6. Normally it is started by the bind10 master @@ -475,7 +481,7 @@ shutdown
This development prototype release listens on all interfaces and the non-standard port 5300. -
b10-auth is configured via the b10-cfgmgr configuration manager. The module name is “Auth”. @@ -495,7 +501,7 @@ This may be a temporary setting until then.
-
+
For the development prototype release, b10-auth
only supports the SQLite3 data source backend.
Upcoming versions will be able to use multiple different
@@ -508,7 +514,7 @@ This may be a temporary setting until then.
The default is /usr/local/var/.)
This data file location may be changed by defining the
“database_file” configuration.
-
RFC 1035 style DNS master zone files may imported into a BIND 10 data source by using the b10-loadzone utility. @@ -544,12 +550,12 @@ This may be a temporary setting until then. transfer. When received, it is stored in the BIND 10 data store, and its records can be served by b10-auth. - This allows the BIND 10 server to provide - “secondary” service. + In combination with b10-zonemgr (for + automated SOA checks), this allows the BIND 10 server to + provide “secondary” service.
The current development release of BIND 10 only supports AXFR. (IXFR is not supported.) - It also does not yet support automated SOA checks.
To manually trigger a zone transfer to retrieve a remote zone, you may use the bindctl utility. @@ -564,9 +570,24 @@ This may be a temporary setting until then. sends the zone. This is used to provide master DNS service to share zones to secondary name servers. + The b10-xfrout is also used to send + NOTIFY messages to slaves.
The current development release of BIND 10 only supports AXFR. (IXFR is not supported.) - It also does not yet support NOTIFY. Access control is not yet provided. +
+ The b10-zonemgr process is started by + bind10. + It keeps track of SOA refresh, retry, and expire timers + and other details for BIND 10 to perform as a slave. + When the b10-auth authoritative DNS server + receives a NOTIFY message, b10-zonemgr + may tell b10-xfrin to do a refresh + to start an inbound zone transfer. + The secondary manager resets its counters when a new zone is + transferred in. +
+ Access control (such as allowing notifies) is not yet provided. + The primary/secondary service is not yet complete.