BIND
   HOME

TheInfoList



OR:

BIND () is a suite of software for interacting with the
Domain Name System The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned t ...
(DNS). Its most prominent component, named (pronounced ''name-dee'': , short for ''name
daemon Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and Greek mythology, mythology and of later Hellenistic religion and Hell ...
''), performs both of the main DNS server roles, acting as an
authoritative name server A name server refers to the server component of the Domain Name System (DNS), one of the two principal namespaces of the Internet. The most important function of DNS servers is the translation (resolution) of human-memorable domain names (example. ...
for DNS zones and as a recursive resolver in the network. As of 2015, it is the most widely used domain name server software, and is the ''de facto'' standard on
Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
operating systems. Also contained in the suite are various administration tools such as
nsupdate nsupdate is a computer network maintenance utility used by network administrators to instruct the name server of a DNS zone to update its database. The name server might be local to a domain or, with appropriate authentication and permission prov ...
and dig, and a DNS resolver interface library. The software was originally designed at the
University of California, Berkeley The University of California, Berkeley (UC Berkeley, Berkeley, Cal, or California) is a public land-grant research university in Berkeley, California. Established in 1868 as the University of California, it is the state's first land-grant u ...
(UCB) in the early 1980s. The name originates as an acronym of ''Berkeley Internet Name Domain'', reflecting the application's use within UCB. The latest version is BIND 9, first released in 2000 and still actively maintained by the Internet Systems Consortium (ISC) with new releases issued several times a year.


Key features

BIND 9 is intended to be fully compliant with th
IETF DNS standards and draft standards
Important features of BIND 9 include:
TSIG TSIG (transaction signature) is a computer-networking protocol defined in RFC 2845. Primarily it enables the Domain Name System (DNS) to authenticate updates to a DNS database. It is most commonly used to update Dynamic DNS or a secondary/slave D ...
,
nsupdate nsupdate is a computer network maintenance utility used by network administrators to instruct the name server of a DNS zone to update its database. The name server might be local to a domain or, with appropriate authentication and permission prov ...
,
IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv ...
, RNDC (remote name daemon control), views, multiprocessor support, Response Rate Limiting (RRL),
DNSSEC The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protoc ...
, and broad portability. RNDC enables remote configuration updates, using a
shared secret In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication. This usually refers to the key of a symmetric cryptosystem. The shared secret can be a password, a passphrase, a big number, or ...
to provide
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can de ...
for local and remote terminals during each session.


Database support

While earlier versions of BIND offered no mechanism to store and retrieve zone data in anything other than flat text files, in 2007 BIND 9.
DLZ
provided a compile-time option for zone storage in a variety of database formats including
LDAP The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory servi ...
,
Berkeley DB Berkeley DB (BDB) is an unmaintained embedded database software library for key/value data, historically significant in open source software. Berkeley DB is written in C with API bindings for many other programming languages. BDB stores arbitr ...
, PostgreSQL,
MySQL MySQL () is an open-source relational database management system (RDBMS). Its name is a combination of "My", the name of co-founder Michael Widenius's daughter My, and "SQL", the acronym for Structured Query Language. A relational database ...
, and ODBC. BIND 10 planned to make the data store modular, so that a variety of databases may be connected. In 2016 ISC added support for the 'dyndb' interface, contributed by RedHat, with BIND version 9.11.0.


Security

Security issues that are discovered in BIND 9 are patched and publicly disclosed in keeping with common principles of open source software. A complete list of security defects that have been discovered and disclosed in BIND9 is maintained by Internet Systems Consortium, the current authors of the software. The BIND 4 and BIND 8 releases both had serious security vulnerabilities. Use of these ancient versions, or any un-maintained, non-supported version is strongly discouraged. BIND 9 was a complete rewrite, in part to mitigate these ongoing security issues. Th
downloads page on the ISC web site
clearly shows which versions are currently maintained and which are end of life.


History

BIND was originally written by four
graduate student Postgraduate or graduate education refers to academic or professional degrees, certificates, diplomas, or other qualifications pursued by post-secondary students who have earned an undergraduate (bachelor's) degree. The organization and s ...
s at the Computer Systems Research Group (CSRG) at the
University of California, Berkeley The University of California, Berkeley (UC Berkeley, Berkeley, Cal, or California) is a public land-grant research university in Berkeley, California. Established in 1868 as the University of California, it is the state's first land-grant u ...
, Douglas Terry, Mark Painter, David Riggle and Songnian Zhou, in the early 1980s as a result of a
DARPA The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military. Originally known as the Ad ...
grant. The acronym ''BIND'' is for ''Berkeley Internet Name Domain'', from a technical paper published in 1984. It was first released with Berkeley Software Distribution 4.3BSD. Versions of BIND through 4.8.3 were maintained by the CSRG.
Paul Vixie Paul Vixie is an American computer scientist whose technical contributions include Domain Name System (DNS) protocol design and procedure, mechanisms to achieve operational robustness of DNS implementations, and significant contributions to open ...
of
Digital Equipment Corporation Digital Equipment Corporation (DEC ), using the trademark Digital, was a major American company in the computer industry from the 1960s to the 1990s. The company was co-founded by Ken Olsen and Harlan Anderson in 1957. Olsen was president un ...
(DEC) took over BIND development in 1988, releasing versions 4.9 and 4.9.1. Vixie continued to work on BIND after leaving DEC. BIND Version 4.9.2 was sponsored by Vixie Enterprises. Vixie eventually founded the
Internet Software Consortium Internet Systems Consortium, Inc., also known as ISC, is a Delaware-registered, 501(c)(3) non-profit corporation that supports the infrastructure of the universal, self-organizing Internet by developing and maintaining core production-quality sof ...
(ISC), which became the entity responsible for BIND versions starting with 4.9.3. BIND 8 was released by ISC in May 1997. Version 9 was developed by Nominum, Inc. under an ISC outsourcing contract, and the first version was released 9 October 2000. It was written from scratch in part to address the architectural difficulties with auditing the earlier BIND code bases, and also to support
DNSSEC The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protoc ...
(DNS Security Extensions). The development of BIND 9 took place under a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings; the
DNSSEC The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protoc ...
features were funded by the US military, which regarded DNS security as important. BIND 9 was released in September 2000. In 2009, ISC started an effort to develop a new version of the software suite, initially called BIND10. In addition to DNS service, the BIND10 suite also included IPv4 and
IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv ...
DHCP server components. In April 2014, with BIND10 release 1.2.0 the ISC concluded its involvement in the project and renamed it to ''Bundy'', moving the source code repository to GitHub for further development by outside public efforts. ISC discontinued its involvement in the project due to cost-cutting measures. The development of DHCP components was split off to become a new
Kea The kea (; ; ''Nestor notabilis'') is a species of large parrot in the family Nestoridae found in the forested and alpine regions of the South Island of New Zealand. About long, it is mostly olive-green with a brilliant orange under its wing ...
project.


See also

*
Comparison of DNS server software This article presents a comparison of the features, platform support, and packaging of many independent implementations of Domain Name System (DNS) name server software. Servers compared Each of these DNS servers is an independent implementat ...
*
DNS management software DNS management software is computer software that controls Domain Name System (DNS) server clusters. DNS data is typically deployed on multiple physical servers. The main purposes of DNS management software are: *to reduce human error when editin ...
*
Zone file A Domain Name System (DNS) zone file is a text file that describes a DNS zone. A DNS zone is a subset, often a single domain, of the hierarchical domain name structure of the DNS. The zone file contains mappings between domain names and IP add ...


References


Further reading

* *


External links


The official BIND site
at Internet Systems Consortium (ISC.org)
The BIND Gitlab repo and issue tracker

History of BIND

BIND Release Strategy
*
Bundy Project

Create new BIND zonefile

Geo-IP Info graphic
{{DEFAULTSORT:Bind DNS software Free network-related software Software using the ISC license