BIND 9.2.0 Release Notes
Table Of Contents
- 1 New Features
- BIND 8.1.2 Features Supported on HP-UX 11.0
- New BIND 9.2.0 Features
- Incremental Zone Transfer
- DNS Security
- Dynamic DNS Update
- TSIG-Based Security
- Lightweight Resolver Library and Daemon
- Improved Logging Mechanism
- Extended Configuration Syntax and Options
- New Options in options Statement
- New Option in “server” Statement
- New Options in “zone” Statement
- named-checkconf
- named-checkzone
- rndc
- Generating rndc.conf File
- New Command Line Options
- Changed Features
- Unsupported Features
- 2 Installation Information
- 3 Documentation
- 4 Known Problems, Limitation and Defect Fixes
New Features
New BIND 9.2.0 Features
Chapter 124
New Command Line Options
Table 1-2 lists the new command line options that have been added for
the various binaries and tools in BIND 9.2.0.
Table 1-2 New Command Line Options
Binaries/Tools Options Usage
dig -b Set the source IP address of the
query to address. This must be a
valid address on one of the host’s
network interfaces.
dig -k Sign the DNS queries sent by dig
and their responses using
transaction signatures (TSIG).
dig -y Specify the TSIG key on the
command line.
dnssec-keygen -a algorithm Specifies the encryption
algorithm. The algorithm can be
RSAMD5, DH, DSA or
HMAC-MD5. RSA can also be
used, which is equivalent to
RSAMD5.
dnssec-keygen -b keysize Specifies the number of bits in the
key. The choice of key size
depends on the algorithm that is
used.
dnssec-makekeyset
& dnssec-signkey
-a Verify all generated signatures.
dnssec-signkey -c class Specify the DNS class of the key
sets. Currently only IN class is
supported.
dnssec-signkey -e end-time Specify the date and time when
the generated SIG records become
invalid. If no end-time is specified,
30 days from the start time will be
used as a default.