BIND 9.3.
Legal Notices © Copyright 2003, 2011 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s standard commercial license. The information contained herein is subject to change without notice.
Contents 1 BIND 9.3.2 Release Notes...........................................................................4 Announcement.........................................................................................................................4 What is in this version...............................................................................................................4 BIND 9.3.2 features..............................................................................................................
1 BIND 9.3.2 Release Notes This document discusses the most recent product information pertaining to Berkeley Internet Name Domain (BIND) 9.3.2. It also discusses how to install BIND 9.3.2 on the HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 operating systems. Announcement BIND is a Berkeley implementation of the Domain Name System (DNS). It is a distributed network information lookup service that maps host names to Internet addresses, and Internet addresses to host names.
• Signed Zone A signed zone contains additional security-related resource records (RRs). Table 1 (page 5) describes additional security-related records in BIND 9.3.2. Table 1 Security-Related RRs in a Signed Zone • RR Type Description DNS Public Key (DNSKEY) Enables normal DNS resolution and stores public keys. The DNSKEY record replaces the KEY record.
Support for the ip6.arpa domain BIND 9.3.2 uses the ip6.arpa domain for IPv6 forward lookups, instead of the ip6.int domain. However, BIND 9.3.2 continues to support the ip6.int domain for backward compatibility. BIND 9.3.2 also uses the ip6.arpa domain for storing IPv6 addresses in the DNS. The existing queries that perform additional section processing to locate IPv4 addresses are redefined to perform additional section processing on both IPv4 and IPv6 addresses. The ip6.
Table 3 New Options in the Options Statement (continued) Option Description key-directory Specifies the location of the public and private key files if the current directory is not the working directory memstatistics-file Specifies the pathname of the file where the server writes memory usage statistics upon exit. The default file is named.memstats. flush-zones-on-shutdown Specifies whether any pending zone writes must be flushed when the name server exits because of a SIGTERM signal.
New option to configure the ordering of records The new rrset-order option in the options statement enables you to configure the ordering of the records in a multiple-record response. When the name server returns multiple records in a response, it is useful to configure the order of the records placed into the response.
New options to enable and disable IXFR In BIND 9.3.2, the incremental zone transfer (IXFR) feature is enabled by default. describes the new options available in the options statement that can be used to enable and disable IXFR. Table 4 Options to Enable and Disable IXFR Option Description provide-ixfr yes_or_no; Determines whether the local server, which acts as a master, responds with an incremental zone transfer when the remove slave server requests an IXFR.
file to be synchronized into the master, and the journal file to be removed. All dynamic update attempts are refused if the zone is frozen. • thaw zone [class [view]] This command enables you to update a frozen dynamic zone. This command causes the server to reload the zone from the disk and re-enables dynamic updates after the load is complete. For more information on these commands, see rndc(1). A sample rndc.conf file is distributed with this release of BIND in the /usr/examples/bind directory.
Table 5 New Command-Line Options (continued) Binaries/Tools Options Description named-checkzone -w directory Specifies named to change to directory so that relative filenames in the master file $INCLUDE directives are functional. This option is similar to the directory clause in the /etc/named.conf file.
SIG record in 9.2.0) records. Additionally, it creates a dsset- file that contains the DS record and the keyset- file that contains the DNSKEY record. • • The following dig features are modified in BIND 9.3.2: ◦ The -i option in the dig command must be used for IP6.INT IPv6 reverse lookups. By default, dig performs IP6.ARPA reverse IPv6 lookups. ◦ The output of the dig name command for Not Implemented is changed from NOTIMPL to NOTIMP.
8. 9. 10. 11. 12. Enter the registration information. Read and accept the terms and conditions statements. Click Next>>. The Electronic Delivery Receipt page is displayed. Select the BIND 9.3.2 depot under Download Software. Save the BIND 9.3.2 depot in a local directory, for example, /tmp. To verify that the BIND 9.3.
# Target: hostname:/ # BindUpgrade C.9.3.2.8.0 BIND special release upgrade • On an HP-UX 11i v2 operating system # Initializing... # Contacting target "hostname"... # # Target: hostname:/ # BindUpgrade C.9.3.2.8.0 BIND special release upgrade • On an HP-UX 11i v3 operating system # Initializing... # Contacting target "hostname"... # # Target: hostname:/ # # HPUX-NameServer HPUX-NameServer.NameService utilities C.9.3.2.9.0 C.9.3.2.9.
Table 8 BIND 9.3.2 Manpages (continued) Manpage Description host(1) Utility for DNS lookup named-checkconf(1) Tool to check the syntax of the named configuration file named-checkzone(1) Tool to check the validity of a zone nslookup.
Table 9 Defects Fixed in both HP-UX 11i v1 and HP-UX 11i v2 Operating Systems (continued) Identifier Description QXCR1001079458 While reloading the server using rndc(1), named(1M) consumes more memory. QXCR1001092088 While using recursive resolvers with the DNSSEC validation option enabled, the DNSSEC query to the nameserver returns a message of SERVFAIL or validation failure. QXCR1001092086 When old signatures are retained in the named cache, validation failures occur. Defects fixed in BIND 9.3.
Table 9 Defects Fixed in both HP-UX 11i v1 and HP-UX 11i v2 Operating Systems (continued) Identifier Description JAGag14592 BIND does not handle recursive queries properly. JAGag07595 BIND 9.x does not handle AXFR/IXFR responses properly in certain scenarios. JAGaf71605 BIND 9.3.2 must be enabled on the HP-UX 11i v1 and v2 operating systems. Defects fixed in the HP-UX 11i v3 operating system Table 10 lists the defects fixed in BIND 9.3.2 in the HP-UX 11i v3 operating system.
Table 10 Defects Fixed in the HP-UX 11i v3 Operating System (continued) Identifier Description Defects fixed in BIND 9.3.2 (C.9.3.2.3.0) QXCR1000821672 Forgery resilience needs more improvements. QXCR1000577501 The rndc(1) recursing output file named.recursing contains old data. QXCR1000791343 named(1M) fails with an out of memory error message. Defects fixed in BIND 9.3.2 (C.9.3.2.2.0) The defects fixed in the C.9.3.2.2.0 version are the same as the defects fixed in the C.9.3.2.1.
