3535. [func] Add support for setting Differentiated Services Code
Point (DSCP) values in named. Most configuration
options which take a "port" option (e.g.,
listen-on, forwarders, also-notify, masters,
notify-source, etc) can now also take a "dscp"
option specifying a code point for use with
outgoing traffic, if supported by the underlying
OS. [RT #27596]
3504. [func] Add support for ACLs based on geographic location,
using MaxMind GeoIP databases. Based on code
contributed by Ken Brownfield <kb@slide.com>.
[RT #30681]
support for addzone/delzone feature (see change
#2930). Removed "new-zone-file" option, replaced
with "allow-new-zones (yes|no)". The new-zone-file
for each view is now created automatically, with
a filename generated from a hash of the view name.
It is no longer necessary to "include" the
new-zone-file in named.conf; this happens
automatically. Zones that were not added via
"rndc addzone" can no longer be removed with
"rndc delzone". [RT #19447]
allow dynamic addition and deletion of zones.
To enable this feature, specify a "new-zone-file"
option at the view or options level in named.conf.
Zone configuration information for the new zones
will be written into that file. To make the new
zones persist after a restart, "include" the file
into named.conf in the appropriate view. (Note:
This feature is not yet documented, and its syntax
is expected to change.) [RT #19447]
- add ddns-confgen command to generate
configuration text for named.conf
- add zone option "ddns-autoconf yes;", which
causes named to generate a TSIG session key
and allow updates to the zone using that key
- add '-l' (localhost) option to nsupdate, which
causes nsupdate to connect to a locally-running
named process using the session key generated
by named
[RT #19284]
"dnssec-lookaside auto;" This is the equivalent
of "dnssec-lookaside . trust-anchor dlv.isc.org;"
plus setting a trusted-key for dlv.isc.org.
Note: The trusted key is hard-coded into named,
but is also stored in (and can be overridden
by) $sysconfdir/bind.keys. As the ISC DLV key
rolls over it can be kept up to date by replacing
the bind.keys file with a key downloaded from
https://www.isc.org/solutions/dlv. [RT #18685]
