* Support for the new GeoIP2 geolocation API
* Improved DNSSEC key configuration using dnssec-keys
+ * YAML output for dig, mdig, and delv.
Building BIND
.RS 4
Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&.
.RE
+.PP
+\fB+[no]yaml\fR
+.RS 4
+Print response data in YAML format\&.
+.RE
.SH "FILES"
.PP
/etc/bind\&.keys
in the type's presentation format.
</p>
</dd>
+<dt><span class="term"><code class="option">+[no]yaml</code></span></dt>
+<dd>
+ <p>
+ Print response data in YAML format.
+ </p>
+ </dd>
</dl></div>
<p>
Display [do not display] the TTL in friendly human\-readable time units of "s", "m", "h", "d", and "w", representing seconds, minutes, hours, days and weeks\&. Implies +ttlid\&.
.RE
.PP
+\fB+[no]unexpected\fR
+.RS 4
+Accept [do not accept] answers from unexpected sources\&. By default,
+\fBdig\fR
+won\*(Aqt accept a reply from a source other than the one to which it sent the query\&.
+.RE
+.PP
\fB+[no]unknownformat\fR
.RS 4
Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&.
is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&.
.RE
.PP
+\fB+[no]yaml\fR
+.RS 4
+Print the responses (and, if
+\fB+qr\fR
+is in use, also the outgoing queries) in a detailed YAML format\&.
+.RE
+.PP
\fB+[no]zflag\fR
.RS 4
Set [do not set] the last unassigned DNS header flag in a DNS query\&. This flag is off by default\&.
seconds, minutes, hours, days and weeks. Implies +ttlid.
</p>
</dd>
+<dt><span class="term"><code class="option">+[no]unexpected</code></span></dt>
+<dd>
+ <p>
+ Accept [do not accept] answers from unexpected sources. By
+ default, <span class="command"><strong>dig</strong></span> won't accept a reply from a
+ source other than the one to which it sent the query.
+ </p>
+ </dd>
<dt><span class="term"><code class="option">+[no]unknownformat</code></span></dt>
<dd>
<p>
stands for "virtual circuit".
</p>
</dd>
+<dt><span class="term"><code class="option">+[no]yaml</code></span></dt>
+<dd>
+ <p>
+ Print the responses (and, if <code class="option">+qr</code> is in use,
+ also the outgoing queries) in a detailed YAML format.
+ </p>
+ </dd>
<dt><span class="term"><code class="option">+[no]zflag</code></span></dt>
<dd>
<p>
\fI+[no]tcp\fR
is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&.
.RE
+.PP
+\fB+[no]yaml\fR
+.RS 4
+Print the responses in a detailed YAML format\&.
+.RE
.SH "LOCAL OPTIONS"
.PP
The
stands for "virtual circuit".
</p>
</dd>
+<dt><span class="term"><code class="option">+[no]yaml</code></span></dt>
+<dd>
+ <p>
+ Print the responses in a detailed YAML format.
+ </p>
+ </dd>
</dl></div>
<p>
<div>
<div><h1 class="title">
<a name="id-1"></a>BIND 9 Administrator Reference Manual</h1></div>
-<div><p class="releaseinfo">BIND Version 9.15.3</p></div>
+<div><p class="releaseinfo">BIND Version 9.15.4</p></div>
<div><p class="copyright">Copyright © 2000-2019 Internet Systems Consortium, Inc. ("ISC")</p></div>
</div>
<hr>
</dl></dd>
<dt><span class="appendix"><a href="Bv9ARM.ch08.html">A. Release Notes</a></span></dt>
<dd><dl>
-<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.15.3</a></span></dt>
+<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.15.4</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
</tr>
</table>
</div>
-<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.15.3 (Development Release)</p>
+<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.15.4 (Development Release)</p>
</body>
</html>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id-1.2"></a>Release Notes for BIND Version 9.15.3</h2></div></div></div>
+<a name="id-1.2"></a>Release Notes for BIND Version 9.15.4</h2></div></div></div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_features"></a>New Features</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
+ <p>
+ Added a new command line option to <span class="command"><strong>dig</strong></span>:
+ <span style="color: red"><comand>+[no]unexpected</comand></span>. By default, <span class="command"><strong>dig</strong></span>
+ won't accept a reply from a source other than the one to which
+ it sent the query. Add the <span class="command"><strong>+unexpected</strong></span> argument
+ to enable it to process replies from unexpected sources.
+ </p>
+ </li>
<li class="listitem">
<p>
The GeoIP2 API from MaxMind is now supported. Geolocation support
</li>
<li class="listitem">
<p>
- Statistics channel groups are now toggleable. [GL #1030]
+ Statistics channel groups are now toggleable. [GL #1030]
</p>
</li>
+<li class="listitem">
+ <p>
+ <span class="command"><strong>dig</strong></span>, <span class="command"><strong>mdig</strong></span> and
+ <span class="command"><strong>delv</strong></span> can all now take a <span class="command"><strong>+yaml</strong></span>
+ option to print output in a a detailed YAML format. [RT #1145]
+ </p>
+ </li>
</ul></div>
</div>
A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and
made default. Old non-default HMAC-SHA based DNS Cookie algorithms
have been removed, and only the default AES algorithm is being kept
- for legacy reasons. This changes doesn't have any operational impact
+ for legacy reasons. This change doesn't have any operational impact
in most common scenarios. [GL #605]
</p>
<p>
</li>
<li class="listitem">
<p>
- <span class="command"><strong>named-checkconf</strong></span> now correctly reports missing
- <span class="command"><strong>dnstap-output</strong></span> option when
+ <span class="command"><strong>named-checkconf</strong></span> now correctly reports
+ a missing <span class="command"><strong>dnstap-output</strong></span> option when
<span class="command"><strong>dnstap</strong></span> is set. [GL #1136]
</p>
</li>
when run with <span class="command"><strong>+expandaaaa +short</strong></span>. [GL #1152]
</p>
</li>
+<li class="listitem">
+ <p>
+ When a <span class="command"><strong>response-policy</strong></span> zone expires, ensure
+ that its policies are removed from the RPZ summary database.
+ [GL #1146]
+ </p>
+ </li>
</ul></div>
</div>
-Release Notes for BIND Version 9.15.3
+Release Notes for BIND Version 9.15.4
Introduction
New Features
+ * Added a new command line option to dig: <comand>+[no]unexpected</
+ comand>. By default, dig won't accept a reply from a source other than
+ the one to which it sent the query. Add the +unexpected argument to
+ enable it to process replies from unexpected sources.
+
* The GeoIP2 API from MaxMind is now supported. Geolocation support will
be compiled in by default if the libmaxminddb library is found at
compile time, but can be turned off by using configure --disable-geoip
* Statistics channel groups are now toggleable. [GL #1030]
+ * dig, mdig and delv can all now take a +yaml option to print output in
+ a a detailed YAML format. [RT #1145]
+
Removed Features
* The dnssec-enable option has been obsoleted and no longer has any
* A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and
made default. Old non-default HMAC-SHA based DNS Cookie algorithms
have been removed, and only the default AES algorithm is being kept
- for legacy reasons. This changes doesn't have any operational impact
- in most common scenarios. [GL #605]
+ for legacy reasons. This change doesn't have any operational impact in
+ most common scenarios. [GL #605]
If you are running multiple DNS Servers (different versions of BIND 9
or DNS server from multiple vendors) responding from the same IP
* named-checkconf now checks DNS64 prefixes to ensure bits 64-71 are
zero. [GL #1159]
- * named-checkconf now correctly reports missing dnstap-output option
+ * named-checkconf now correctly reports a missing dnstap-output option
when dnstap is set. [GL #1136]
* Handle ETIMEDOUT error on connect() with a non-blocking socket. [GL #
* dig now correctly expands the IPv6 address when run with +expandaaaa
+short. [GL #1152]
+ * When a response-policy zone expires, ensure that its policies are
+ removed from the RPZ summary database. [GL #1146]
+
License
BIND is open source software licensed under the terms of the Mozilla
projects / thirdparty / bind9.git / commitdiff
