Blogs

  • Why you want a root server nearby, even if you have to host it yourself

    There are three reasons why you want a root server near you: Performance (faster response time) Resilience (less affected by global infrastructure problems) Privacy (less opportunity for eavesdropping) Introduction In the early days of the internet, most international traffic passed through the USA. Traffic between two nodes in Japan that didn’t use the same ISP was often routed through San Francisco.

    Read more
    0
  • ISC DHCP moves to MPL 2.0 license

    We have decided to move ISC DHCP to the Mozilla Public License (MPL 2.0). In 2016 we re-licensed BIND and Kea under the Mozilla Public License 2.0.  At the time we solicited public comment, and talked to many stakeholders about it. In the end, we didn’t see any negative impact on our users from that change.  Now we plan to make the same shift from

    Read more
    0
  • BIND9 CVEs – Days from Report to Disclosure

    Over the past five years, we have taken on average, 32 days to publicly disclose a BIND vulnerability, from the time we receive the first report.   Typical steps from report to disclosure include: Set-up secure email link with reporter, request more details Reproduce in house (this can take a while, particularly if the reporter can’t provide enough detail) Team

    Read more
    0
  • BIND and ISC DHCP Bug DB opening for Guest users

    Update: to access the bug database, go to bugs.isc.org, click on the Guest login, and select “bug-list” for either DHCP or BIND9. We are excited to announce that, beginning July 7th, we will finally be enabling read-only Guest access to our BIND and DHCP bug database. I know what you are thinking. Every other open source project has had an

    Read more
    0
  • I/O Efficient GZip Compression of Packet Captures

    One of the major challenges with logging network traffic is that it is very disk I/O intensive. It can also require a lot of storage. The storage requirements often lead to the use of file compression algorithms such as gzip to reduce the amount of disk space needed. For DNS traffic this can typically result in an 80% reduction in

    Read more
    0
  • Funding Kea

    Kea 1.2.0 was released a couple of days ago. You may have noticed that there are two new premium features available. We have received some questions. Is Kea becoming commercial? No. Kea is and will remain open source. Fears that Kea is becoming a commercial product are simply not true. Our first commercial add-on – the Kea Forensic Logging library –

    Read more
    0
  • 0
  • BIND Updates for April, 2017

    One hundred and seventy-eight tickets were resolved with 9.9.10, 9.10.5, 9.10.5-S and 9.11.1. 35 of these were minor features or feature changes and 13 were test items. We incorporated 15 submitted patches, contributed by: Hannes Frederic Sowa (Use IP_PMTUDISC_OMIT if available) Thomas Anderson (fixing a build failure problem) LaMont Jones “This patch has been kicking around in the Debian tree for

    Read more
    0
  • 2016 Accomplishments – Another year of open source networking software

    “ISC is dedicated to developing software and offering services in support of the Internet infrastructure.” Once a year, we attempt to catalog what we did the prior year towards supporting the infrastructure.  We do have a small team who are very busy keeping F Root going, as well as the hosting services we still provide for some non-profits, but they are too busy

    Read more
    0
  • DNS Checker

    We have just released a new utility in the Apple app store. It tests recursive DNS servers for conformance against current DNS protocol specifications, especially with regard to EDNS(0) as specified in RFC 6891. Like our other utility on the app store, Dig, this is a free download, and we do not provide formal support for it. Ray Bellis, ISC’s

    Read more
    0
  • BIND 9 Refactoring

    The first release of BIND 9 was in September 2000. In the intervening 16 years, we have issued 225 more releases, give or take a few.  We have continuously added new additional features and RFCs. BIND 9 is a big project: at last count there were 691,554 lines of code* in BIND.  That is 3 times the size of PowerDNS, 5

    Read more
    0
  • Will IPv6 end address blacklisting?

    The question has risen: “is IPv6 the end of address blacklisting”?

    I think not, but the mechanisms used will likely change.

    Read more
    0

Last modified: November 1, 2016 at 1:25 pm