ISC Software Lifetimes

ISC recently improved its software support lifetime and End-of-Life (EOL) policies. Previously, ISC only provided public development and commercial support for the latest major release version and the prior major release version. Also the next older major release version became EOL six months after the latest major release was announced. (So for six months, three major versions are supported.)

A “major” release or .0 (dot zero) version provides significant new features or code changes and may introduce incompatibilities. A “minor” version may include small improvements and bug fixes and should be upgrade compatible. Using BIND as an example, version 9.5.0 is a major release and version 9.5.2 is a minor release.

Over the past year, I did various research in regards to versioning and lifetimes. The following is some of that research. (Note I don’t include DHCP research here.)

  • BIND 9.3.0 was released in Sep. 2004
  • BIND 9.4.0 was released Feb. 2007
  • BIND 9.5.0 was released in May 2008
  • BIND 9.6.0 was released Dec. 2008
  • BIND 9.7.0 is scheduled to be released in Dec. 2009.

Six months after 9.5.0 was released (Nov. 2008), the 9.3.x branch became EOL. And under the old policy: six months after 9.6.0 was released (May 2009), the 9.4.x branch became EOL. In some cases, versions were supported for over three years and some versions could only be supported for 18 months.

It is interesting to note that many vendors ship ISC software that ISC no longer supports. Their support lifetimes don’t match up with our previous lifetime policy. Two vendors (out of many) who ship and support ISC BIND code include HP and Red Hat.

HP-UX

Introduced Version End of Sales EOL
Nov 1997 11.0 Feb 2005 Dec 2006
Dec 2002 11i v1 Dec 2009 Dec 2013
Sep 2003 11iv2 Dec2009 Dec 2013
Feb 2007 11i v3 Dec 2012 Dec 2017

Red Hat Enterprise Linux

Introduced Version End of Sales EOL
May 2002 2.1 Nov 2004 May 2009
Oct 2003 3 Jul 2006 Oct 2010
Feb 2005 4 Mar 2009 Feb 2012
Mar 2007 5 Mar 2011? Mar 2014

As you can see, the vendors may support software for years after it has been deprecated by the upstream (the original developers).

At the end of 2008, I conducted an informal survey on the public bind-users mailing list. I found that near 27% of the bind-users who provided feedback used EOL BIND versions.

ISC provides commercial support services. Some of our customers have over a 100 named servers installed and some use a variety of BIND versions. A few months ago, looking at just the oldest version in use per customer, I found that 24 different versions were in use. At the time of my research, approximately 42% of ISC’s paying support customers were running EOL BIND code. Here are the percentages that were in use by major version:

Percentage BIND Version
3% 8.3
3% 8.4
15% 9.2
21% 9.3
35% 9.4
12% 9.5
12% 9.6

Next, I analyzed the DNS version data from the recent OARC Day in the Life of the Internet (DITL) survey collection which contains 1731532 entries. Note this survey data contains other (non-ISC) DNS servers also. I found:

  • 0.045% to 0.096 run BIND 4.
  • 1.11% to 1.78% run BIND 8.
  • 17.06% run EOL 9.x (before 9.4).

So around 18.93% name servers report they are using EOL BIND code. Some may be faked server version information. And the fpdns (the DNS fingerprinting software used at that time) is not accurate for 9.3 versus 9.4. But I think that is a near accurate estimate for the low end.

And for the 557689 entries that indicate they are running BIND:

  • 0.13% to 0.3% indicate BIND 4.
  • 3.14% to 5.52% indicate BIND 8.
  • 50.53% running BIND 9.[0123].

So 56.34% report running EOL BIND (at the time of the DITL survey).

What ISC needed was an End of Life policy that was clearly documented and easy to find. In addition, the EOL policy should consider use by real world, so can’t be entirely based on timing of future releases.

ISC has decided to provide an Extended Support Versions (ESV) for BIND and DHCP which will be supported for three years with critical bug fixes only. Every 18 months, ISC will start an additional ESV release (based on newer software release), so there will be a continuous flow of extended support releases. The ISC EOL policy is documented at https://www.isc.org/softwaresupportpolicy.

Later, we will write other blog articles with further ESV details and about related BIND 10 release plans.

0 Comments

Leave a reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Protected with IP Blacklist CloudIP Blacklist Cloud

What is 5 + 3 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)