Exploring the new Bind 10 name server

Test Drive

Article from Issue 152/2013
Author(s):

Admins have waited all of five years for the 10th major release of the Bind name server, which appeared at the end of March this year. The latest release is a complete rewrite of the DNS server, with a modular design and new configuration tools, but is it ready for business?

The Bind name server has a mixed reputation. Although the lion's share of DNS servers on the web run it, veteran administrators will recall – with a mixture of melancholy and horror – the difficult transition from Bind 4 to Bind 8: Although the zone files were almost identical, the configuration moved from named.boot to named.conf. The format suddenly contained brackets and semicolons that were once unnecessary. Additionally, Bind 8 and its successor allowed more configuration options, for which the old format proved insufficient.

After five years of development (Figure 1), Bind 10 brings even greater upheaval. Not only the configuration, but also the architecture has changed fundamentally. JSON database files replace named.conf; zones are still configured with familiar zone files, but in operation they are also stored in SQLite. (The administrator has the option to disable the default database storage option and go back to storage in normal zone files.)

Figure 1: Started in 2008, completed in 2013 – is everything on schedule for Bind 10?

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • DHCP and DNS on Rasp Pi

    The versatile Raspberry Pi can serve many roles on a home network. We'll show you how to set up the Pi to provide some important network services.

    more »
  • DoS Attack Exploit in BIND 9

    A specially crafted dynamic update message to a DNS zone for which the server is a master can raise havoc in BIND 9. An active remote exploit is already "in wide circulation."

    more »
  • DNSSEC

    Some Internet exploits target name resolution servers. DNSSEC uses cryptography to protect the name resolution service.

    more »
  • Local DNS with Unbound

    You don't have to be satisfied with your ISP's slow and cumbersome DNS server. Your own Unbound server could improve performance as well as security.

    more »
  • Security Lessons: DNS Security

    Kurt describes how to keep bad guys out of your network using a targeted filtering approach.

    more »
comments powered by Disqus