BIND 9.9.0
- BIND 9.9.0 includes a number of changes from BIND 9.6 and earlier
+ BIND 9.9.0 includes a number of changes from BIND 9.8 and earlier
releases. New features include:
+ - Inline signing, allowing automatic DNSSEC signing of
+ master zones without modification of the zonefile, or
+ "bump in the wire" signing in slaves.
- NXDOMAIN redirection.
- - Improved scalability from using multiple threads to
- listen for queries.
- New 'rndc flushtree' command clears all data under a given
name from the DNS cache.
- - New 'rndc sync' command dumps pending changes in a dynamic zone
- to disk without a freeze/thaw cycle.
+ - New 'rndc sync' command dumps pending changes in a dynamic
+ zone to disk without a freeze/thaw cycle.
+ - New 'rndc signing' command displays or clears signing status
+ records in 'auto-dnssec' zones
+ - NSEC3 parameters for 'auto-dnssec' zones can now be set prior
+ to signing, eliminating the need to initially sign with NSEC.
+ - Startup time improvements on large authoritative servers
+ - Slave zones are now saved in raw format by default
+ - Several improvements to response policy zones (RPZ)
+ - Improved scalability from using multiple threads to
+ listen for queries.
- The 'also-notify' option now takes the same syntax as
'masters', so it can used named masterlists and TSIG keys.
- - 'auto-dnssec' zones can now have NSEC3 parameters set prior
- to signing.
- 'dnssec-signzone -D' writes an output file containing only DNSSEC
data, which can be included by the primary zone file.
- 'dnssec-signzone -R' forces removal of signatures that are
table per RFC 6303.
- Dynamic updates can now optionally set the zone's SOA serial
number to the current UNIX time.
+ - DLZ modules can now retrieve the source IP address of
+ the querying client
+ - 'request-ixfr' option can now be set at the per-zone level.
BIND 9.8.0
projects / thirdparty / bind9.git / commitdiff
