mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-26 19:41:04 -05:00
214 lines
9.3 KiB
HTML
214 lines
9.3 KiB
HTML
<!--
|
|
-
|
|
- This Source Code Form is subject to the terms of the Mozilla Public
|
|
- License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
- file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
-->
|
|
<!-- $Id$ -->
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
|
|
<title></title>
|
|
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
|
|
</head>
|
|
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article">
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
|
|
<a name="id-1.2"></a>Release Notes for BIND Version 9.17.0</h2></div></div></div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="relnotes_intro"></a>Introduction</h3></div></div></div>
|
|
<p>
|
|
BIND 9.17 is an unstable development release of BIND.
|
|
This document summarizes new features and functional changes that
|
|
have been introduced on this branch. With each development release
|
|
leading up to the stable BIND 9.18 release, this document will be
|
|
updated with additional features added and bugs fixed.
|
|
</p>
|
|
<p>
|
|
Please see the file <code class="filename">CHANGES</code> for a more
|
|
detailed list of changes and bug fixes.
|
|
</p>
|
|
</div>
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="relnotes_platforms"></a>Supported Platforms</h3></div></div></div>
|
|
<p>
|
|
To build on UNIX-like systems, BIND requires support for POSIX.1c
|
|
threads (IEEE Std 1003.1c-1995), the Advanced Sockets API for
|
|
IPv6 (RFC 3542), and standard atomic operations provided by the
|
|
C compiler.
|
|
</p>
|
|
<p>
|
|
The <code class="filename">libuv</code> asynchronous I/O library and the
|
|
OpenSSL cryptography library must be available for the target
|
|
platform. A PKCS#11 provider can be used instead of OpenSSL for
|
|
Public Key cryptography (i.e., DNSSEC signing and validation),
|
|
but OpenSSL is still required for general cryptography operations
|
|
such as hashing and random number generation.
|
|
</p>
|
|
<p>
|
|
More information can be found in the <code class="filename">PLATFORMS.md</code>
|
|
file that is included in the source distribution of BIND 9. If your
|
|
compiler and system libraries provide the above features, BIND 9
|
|
should compile and run. If that isn't the case, the BIND
|
|
development team will generally accept patches that add support
|
|
for systems that are still supported by their respective vendors.
|
|
</p>
|
|
</div>
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="relnotes_download"></a>Download</h3></div></div></div>
|
|
<p>
|
|
The latest versions of BIND 9 software can always be found at
|
|
<a class="link" href="https://www.isc.org/download/" target="_top">https://www.isc.org/download/</a>.
|
|
There you will find additional information about each release,
|
|
source code, and pre-compiled versions for Microsoft Windows
|
|
operating systems.
|
|
</p>
|
|
</div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="relnotes-9.17.0"></a>Notes for BIND 9.17.0</h3></div></div></div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h4 class="title">
|
|
<a name="relnotes-9.17.0-known"></a>Known Issues</h4></div></div></div>
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
|
|
<p>
|
|
UDP network ports used for listening can no longer simultaneously be
|
|
used for sending traffic. An example configuration which triggers
|
|
this issue would be one which uses the same
|
|
<em class="replaceable"><code>address:port</code></em> pair for
|
|
<span class="command"><strong>listen-on(-v6)</strong></span> statements as for
|
|
<span class="command"><strong>notify-source(-v6)</strong></span> or
|
|
<span class="command"><strong>transfer-source(-v6)</strong></span>. While this issue affects all
|
|
operating systems, it only triggers log messages (e.g. "unable to
|
|
create dispatch for reserved port") on some of them. There are
|
|
currently no plans to make such a combination of settings work again.
|
|
</p>
|
|
</li></ul></div>
|
|
</div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h4 class="title">
|
|
<a name="relnotes-9.17.0-new"></a>New Features</h4></div></div></div>
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
|
|
<p>
|
|
When a secondary server receives a large incremental zone
|
|
transfer (IXFR), it can have a negative impact on query
|
|
performance while the incremental changes are applied to
|
|
the zone. To address this, <span class="command"><strong>named</strong></span> can now
|
|
limit the size of IXFR responses it sends in response to zone
|
|
transfer requests. If an IXFR response would be larger than an
|
|
AXFR of the entire zone, it will send an AXFR response instead.
|
|
</p>
|
|
<p>
|
|
This behavior is controlled by the <span class="command"><strong>max-ixfr-ratio</strong></span>
|
|
option - a percentage value representing the ratio of IXFR size
|
|
to the size of a full zone transfer. The default is
|
|
<code class="literal">100%</code>. [GL #1515]
|
|
</p>
|
|
</li></ul></div>
|
|
</div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h4 class="title">
|
|
<a name="relnotes-9.17.0-changes"></a>Feature Changes</h4></div></div></div>
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
|
|
<li class="listitem">
|
|
<p>
|
|
The system-provided POSIX Threads read-write lock implementation is
|
|
now used by default instead of the native BIND 9 implementation.
|
|
Please be aware that glibc versions 2.26 through 2.29 had a
|
|
<a class="link" href="https://sourceware.org/bugzilla/show_bug.cgi?id=23844" target="_top">bug</a>
|
|
that could cause BIND 9 to deadlock. A fix was released in glibc 2.30,
|
|
and most current Linux distributions have patched or updated glibc,
|
|
with the notable exception of Ubuntu 18.04 (Bionic) which is a work in
|
|
progress. If you are running on an affected operating system, compile
|
|
BIND 9 with <span class="command"><strong>--disable-pthread-rwlock</strong></span> until a fixed
|
|
version of glibc is available. [GL !3125]
|
|
</p>
|
|
</li>
|
|
<li class="listitem">
|
|
<p>
|
|
The <span class="command"><strong>rndc nta -dump</strong></span> and
|
|
<span class="command"><strong>rndc secroots</strong></span> commands now both include
|
|
<span class="command"><strong>validate-except</strong></span> entries when listing negative
|
|
trust anchors. These are indicated by the keyword
|
|
<code class="literal">permanent</code> in place of the expiry
|
|
date. [GL #1532]
|
|
</p>
|
|
</li>
|
|
</ul></div>
|
|
</div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h4 class="title">
|
|
<a name="relnotes-9.17.0-bugs"></a>Bug Fixes</h4></div></div></div>
|
|
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
|
|
<p>
|
|
Fixed re-signing issues with inline zones which resulted in
|
|
records being re-signed late or not at all.
|
|
</p>
|
|
</li></ul></div>
|
|
</div>
|
|
|
|
</div>
|
|
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="relnotes_license"></a>License</h3></div></div></div>
|
|
<p>
|
|
BIND 9 is open source software licensed under the terms of the Mozilla
|
|
Public License, version 2.0 (see the <code class="filename">LICENSE</code>
|
|
file for the full text).
|
|
</p>
|
|
<p>
|
|
The license requires that if you make changes to BIND and distribute
|
|
them outside your organization, those changes must be published under
|
|
the same license. It does not require that you publish or disclose
|
|
anything other than the changes you have made to our software. This
|
|
requirement does not affect anyone who is using BIND, with or without
|
|
modifications, without redistributing it, nor anyone redistributing
|
|
BIND without changes.
|
|
</p>
|
|
<p>
|
|
Those wishing to discuss license compliance may contact ISC at
|
|
<a class="link" href="https://www.isc.org/contact/" target="_top">
|
|
https://www.isc.org/contact/</a>.
|
|
</p>
|
|
</div>
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="end_of_life"></a>End of Life</h3></div></div></div>
|
|
<p>
|
|
BIND 9.17 is an unstable development branch. When its development
|
|
is complete, it will be renamed to BIND 9.18, which will be a
|
|
stable branch.
|
|
</p>
|
|
<p>
|
|
The end of life date for BIND 9.18 has not yet been determined.
|
|
For those needing long term support, the current Extended Support
|
|
Version (ESV) is BIND 9.11, which will be supported until at
|
|
least December 2021.
|
|
</p>
|
|
<p>
|
|
See
|
|
<a class="link" href="https://kb.isc.org/docs/aa-00896" target="_top">https://kb.isc.org/docs/aa-00896</a>
|
|
for details of ISC's software support policy.
|
|
</p>
|
|
</div>
|
|
<div class="section">
|
|
<div class="titlepage"><div><div><h3 class="title">
|
|
<a name="relnotes_thanks"></a>Thank You</h3></div></div></div>
|
|
<p>
|
|
Thank you to everyone who assisted us in making this release possible.
|
|
</p>
|
|
</div>
|
|
</div>
|
|
</div></body>
|
|
</html>
|