diff options
Diffstat (limited to 'contrib/bind/README')
| -rw-r--r-- | contrib/bind/README | 213 |
1 files changed, 0 insertions, 213 deletions
diff --git a/contrib/bind/README b/contrib/bind/README deleted file mode 100644 index 65f966467c059..0000000000000 --- a/contrib/bind/README +++ /dev/null @@ -1,213 +0,0 @@ -This is the source portion of BIND version 8.2.3-T2B. Its companions -are "doc" and "contrib" so you are probably not missing anything. - -See the CHANGES file for a detailed listing of all changes. See the INSTALL -file for information on building and installing BIND. - -See the SUPPORT file for information on obtaining commercial support for ISC -artifacts including BIND, INN, and DHCP. - -SECURITY NOTE: - - Solaris and other pre-4.4BSD kernels do not respect ownership or - protections on UNIX-domain sockets. This means that the default - path for the NDC control socket (/var/run/ndc) is such that any - user (root or other) on such systems can issue any NDC command - except "start" and "restart". The short term fix for this is to - override the default path and put such control sockets into root- - owned directories which do not permit non-root to r/w/x through them. - The medium term fix is for BIND to enforce this requirement internally. - The long term fix is for all kernels to upgrade to 4.4BSD semantics. - -BIND 8.2.2 patchlevel 5 Highlights - - Bug in named-xfer (from patchlevel 4). - Portability to IPv6 versions of FreeBSD, OpenBSD, NetBSD. - Portability improvements (A/UX, AIX, IRIX, NetBSD, SCO, MPE/IX, NT). - "also-notify" option could cause memory allocation errors. - IXFR improvements (though client-side is still disabled). - Contributed software upgraded (including TIS's "dns_signer"). - Several latent denial-of-service bugs fixed (from audits, not abuse). - New "make noesw" top-level target for removing encumbered components. - -BIND 8.2.2 Highlights - - Interoperability with MS-Win2K has been improved. - Server-side IXFR is now known to work even under high load. - Support for Windows/NT (thanks to BayNetworks). - More fixes, especially to DNSSEC, TSIG, IXFR, and selective forwarding. - More portability improvements and lint removal (A/UX 3.1.1, SCO 5.0). - Better NOTIFY behaviour, especially with large update volume. - Better UPDATE handling, including SRV RR support and RFC compliance. - Fix for "ndc reload ZONENAME" (specific zone reload) problems. - Fix for round robin when multiple CNAMEs are in use. - New "min-roots" (MINROOTS) and "serial-queries" (MAXQSERIAL) options. - Log files are no longer auto-rotated every time the server starts up. - New "ndc reconfig" command only finds new/deleted zones, no stat()ing. - New global options for "transfer-source" and "also-notify". - $GENERATE now supports more record types, and options. - - -BIND 8.2.1 Highlights - - Bug fixes, especially to DNSSEC, TSIG, IXFR, and selective forwarding. - Portability improvements and lint removal. - Use best SOA rather than first-better when selecting an AXFR master. - $TTL now accepts symbolic time values (such as "$TTL 1h30m"). - "ndc reload" now accepts a zone argument, for single-zone reloads. - ndc is better behaved; is verbose or quiet when appropriate. - event and error reporting improvements. - -BIND 8.2 Highlights - - RFC 2308 (Negative Caching) - RFC 2181 (DNS Clarifications) - RFC 2065 (DNS Security) - TSIG (Transaction SIGnatures) - support for multiple virtual name servers - NDC uses a "control channel" now (no more signals) - "Split DNS" via zone type "forward". - - Many bug fixes - Documentation improvements - Performance enhancements - - -BIND 8.1.2 Highlights - - Security fixes for a number of problems including: - - An attacker could overwrite the stack if inverse query support - was enabled. - - A number of denial of service attacks where malformed packets - could cause the server to crash. - - The server was willing to answer queries on its forwarding - sockets. - - Several memory leaks have been plugged. - - The server no longer panics if a periodic interface scan fails due - to no file descriptors being available. - - Updates to a number of ports. New ports for QNX, LynxOS, HP-UX 9.x, - and HP MPE. - - "files unlimited" now works as expected on systems where setting - an infinite rlim_max for RLIMIT_NOFILE works. - - Adding and deleting the same record in the same dynamic update no - longer crashes the server. - - If a dynamic update fails, rollback is now done in LIFO order instead - of FIFO order. - - Better behavior when priming of the root servers fails. - - purge_zone() didn't work correctly for the root zone, allowing - old data to persist after loading the zone. - - Improved handling of oversized UDP packets. - - All hosts on the also-notify list are now notified. - - The meaning of the count returned by select() varies somewhat by - operating system, and this could cause previous releases of the - server to spin. - - Per-host statistics may be disabled by specifying 'host-statistics no' - in named.conf. - - The maximum number of zones has been increased from 32768 to 65536. - - query-source may specify an address and port that the server is - already listening on. BIND 8.1.1 required that either the address - or port be wild. E.g., you can now say: - - listen-on port 53 { 10.0.0.1; }; - query-source address 10.0.0.1 port 53; - - The value of FD_SETSIZE to use may be specified. - - Experimental -u (set user id), -g (set group id), and -t (chroot) - command line options. See the INSTALL file for details. - - -BIND 8 Features - - -> DNS Dynamic Updates (RFC 2136) - - -> DNS Change Notification (RFC 1996) - - -> Completely new configuration syntax - - -> Flexible, categorized logging system - - -> IP-address-based access control for queries, zone transfers, and - updates that may be specified on a zone-by-zone basis - - -> More efficient zone transfers - - -> Improved performance for servers with thousands of zones - - -> The server no longer forks for outbound zone transfers - - -> Many bug fixes - - -File and Directory Overview - - CHANGES history of added features and - fixed bugs - - INSTALL how to build and install - - README this file - - TODO features planned but not yet written - - Version the version number of this release - - bin/* source for executables, including - the nameserver - - include/* public .h files - - lib/* the resolver and various BIND - support libraries - - port/* ports to various operating systems - - -Kits, Questions, Comments, and Bug Reports - - <URL:ftp://ftp.isc.org/isc/bind/src/cur> current non-test release - <URL:ftp://ftp.isc.org/isc/bind/src/testing> latest public test kit - - <URL:usenet:comp.protocols.dns.bind> using BIND - <URL:usenet:comp.protocols.dns.ops> DNS operations in general - <URL:usenet:comp.protocols.dns.std> DNS standards in general - - <URL:mailto:bind-users-request@vix.com> gw'd to u:c.p.d.bind - <URL:mailto:namedroppers-request@internic.net> gw'd to u:c.p.d.std - <URL:mailto:bind-workers-request@vix.com> code warriors only please - - <URL:http://www.isc.org/bind.html> the BIND home page - <URL:mailto:bind-bugs@isc.org> bug reports - - -To Support the Effort - - Note that BIND is supported by the Internet Software Consortium, and - although it is free for use and redistribution and incorporation into - vendor products and export and anything else you can think of, it - costs money to produce. That money comes from ISPs, hardware and - software vendors, companies who make extensive use of the software, - and generally kind hearted folk such as yourself. - - The Internet Software Consortium has also commissioned a DHCP server - implementation, has taken over official support/release of the INN - system, and has supported the Kerberos Version 5 effort at MIT. You - can learn more about the ISC's goals and accomplishments from the web - page at <URL:http://www.isc.org/>. |