BIND 9 Updates, April 2017

Maintenance - Plus

One hundred and seventy-eight tickets were resolved with 9.9.10, 9.10.5, 9.10.5-S and 9.11.1.

35 of these were minor features or feature changes and 13 were test items.

We incorporated 15 submitted patches, contributed by:

  • Hannes Frederic Sowa - Use IP_PMTUDISC_OMIT if available
  • Thomas Anderson - Fixing a build failure problem
  • LaMont Jones - “This patch has been kicking around in the Debian tree for quite some time.”
  • Tony Finch - No fewer than NINE changes from Tony!
  • Stacey Jonathan Marshall - Solaris Software (Allow krb5-config to be used when configuring gssapi)
  • Xose Vazquez Perez - Making sure we were aware of the IPv6 address for G.root
  • Petr Spacek - From when he was still at RedHat (we were sorry to see him leave!)

The Subscriber Preview edition, 9.10.5-S, included two very significant changes:

  • EDNS Client-Subnet Identifier (ECS) for caching resolver operations

    • Our implementation uses a white-list to identify servers to send client-subnet information to.
    • Naturally we also respect the client signalling requesting privacy.
  • Newly re-written Response Policy Zones (RPZ) engine

    • The re-implemented RPZ is 100% backwards compatible with the older RPZ implementation (according to our tests; please let us know if you find any differently!).
    • We have eliminated the blocking that could occur when processing large RPZ updates, significantly improving usability for heavily-loaded systems.
    • This is the first installment of our 2017 BIND refactoring effort. There is more to come in BIND 9.12.

Recent Posts

What's New from ISC

ISC's 2020 Accomplishments

2020 is finally over, and we can assess the damage. We at ISC are thankful that we have emerged remarkably unscathed by either the Pandemic or the related economic disruption.

Read post