BIND 9.10 – Statistics, Troubleshooting and Zone Configuration

BIND 9.10 brings updates to statistics, troubleshooting tools, and some helpful utilities for zone configuration. The release notes are now posted alongside the software download, and we have created a section in the Knowledgebase for articles on the new features.

Statistics Update

XML statistics reported from BIND are refocused on “newer” format. BIND can provide statistics in either XML or JSON formats. JSON is significantly faster than XML, but is not supported yet on Windows. Previous versions of BIND had offered the option of XML statistics in older (v2) or newer (v3) format. The older version 2 statistics date back to BIND 9.6.0, introduced in 2008. BIND 9.10 offers only v3 format but offers it in the default version (without needing to custom-build BIND with statistics enabled).

The statistics channel now also includes many new statistics, including stats for the resolver, cache, address database, dispatch manager, and task manager, which can be used to monitor server health. New URLs have been added to the statistics channel to provide broken-out subgroups of statistics so as to reduce parsing complexity. The XSL stylesheet that enables interpretation of XML statistics can now be cached by the browser. New counters track TCP and UDP queries on a per-zone basis. This satisfies the new ICANN reporting requirement for new Generic Top Level Domains (GTLDs). See Operating statistics provided by BIND statistics channels for more information about the XML statistics channel and its usage. Below are a couple of examples of the new statistics.

BIND 9 server counter statistics for the resolver, cache, address database, dispatch manager, and task manager Outgoing BIND 9 queries per view
BIND Tools

Release 9.10 previews the Domain Entity Lookup and Validation engine (DELV), a new DNSSEC troubleshooting tool intended to eventually obsolete dig+sigchase. See Eleven, twelve; dig and delv: BIND 9.10 for more information.

The dig tool now has EDNS client-subnet support and EDNS Expire support. “dig +subnet” sends an EDNS CLIENT-SUBNET option when querying. “dig +expire” sends an EDNS EXPIRE option when querying. When this option is sent with an SOA query to a server that supports it, it will report the expiry time of a slave zone.

A new command makes it easier for others to help you troubleshoot your configuration.

  • The new “named-checkconf -px” option will print the contents of configuration files with shared secrets obscured. This makes it easier to share your server configuration – for example, when reporting a bug – without revealing private information.
  • The “named-checkzone” and “named-compilezone” commands can now read journal files, allowing them to read the current state of a dynamic zone without freezing it and syncing its journal file first.
  • The new “named-rrchecker” tool can be used to verify the syntactic correctness of individual resource records, or to convert them into a canonical format so that a newly defined record type can be loaded into an older name server that doesn’t recognize it.
  • The new “rndc zonestatus” command reports information about a specified zone, including configuration details, last load time, serial number, and when the next automatic zone maintenance events are scheduled.

Recent Posts

What's New from ISC