This MedLibrary.org supplementary page on BIND is provided directly from the open source Wikipedia as a service to our readers. Please see the note below on authorship of this content, as well as the Wikipedia usage guidelines. To search for other content from our encyclopedia supplement, please use the form below:
Related Sponsors
| Developed by | Internet Systems Consortium |
|---|---|
| Latest release | 9.5.0-P2 / 02 August 2008 |
| OS | Unix-like, Windows |
| Type | DNS server |
| License | BSD license |
| Website | www.isc.org/sw/bind/ |
BIND (Berkeley Internet Name Domain or "named") is the most commonly used DNS server on the Internet, especially on Unix-like systems, where it is a de facto standard. Supported by Internet Systems Consortium, BIND was originally created by four graduate students with CSRG at the University of California, Berkeley and first released with 4.3BSD. Paul Vixie started maintaining it in 1988 while working for DEC.
A new version of BIND (BIND 9) was written from scratch in part to address the architectural difficulties with auditing the earlier BIND code bases, and also to support DNSSEC (DNS Security Extensions). Other important features of BIND 9 include: TSIG, DNS notify, nsupdate, IPv6, rndc flush (remote name daemon control), views, multiprocessor support, and an improved portability architecture. rndc uses a shared secret to provide encryption for local and remote terminals during each session.
Contents |
History
BIND was originally written in the early 1980s under a DARPA grant. In the mid-1980s, DEC employees took over BIND development. One of these employees was Paul Vixie, who continued to work on BIND after leaving DEC. He eventually helped start the ISC, which became the entity responsible for maintaining BIND.
The development of BIND 9 was done with a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings; the DNSSEC features were funded by the US military who felt that DNS security was important.
The acronym BIND was derived from its first domain use, Berkeley Internet Name Domain, and the server software being the "Berkeley Internet Name Domain (BIND) Server". It was not, as is sometimes assumed, Berkeley Internet Name Daemon. The original acronym is clear from the title of and usage in the original BIND paper, The Berkeley Internet Name Domain Server.1
Criticisms
Configuration
BIND requires that domain names be fully qualified in certain contexts, which means that the domain name must include all higher level domain labels, including the dot (full stop) for the root domain, for example, 'www.wikipedia.org.' (note the trailing '.'). The following response to a dig query is an example of what can result when systems administrators forget this critical point:
;; QUESTION SECTION: ;rr.wikipedia.org. IN A ;; AUTHORITY SECTION: wikipedia.org. 7134 IN SOA ns0.wikimedia.org.wikipedia.org.
Zone storage support
Earlier versions of BIND offered no stock mechanism to store and retrieve zone data in anything other than flat text files. Since BIND 9.4 2 DLZ has been available as a compile time option allowing for zone storage in a variety of database formats including LDAP, Berkeley DB, PostgreSQL, MySQL, and ODBC.
Security
Like Sendmail, WU-FTPD and other systems dating back to the earlier days of the Internet (when security was not such an issue as it has since become) BIND 4 and BIND 8 have had a large number of serious security vulnerabilities over the years and as such their use is now strongly discouraged.3 While BIND 9 was a complete rewrite, it has still experienced numerous vulnerabilities.4
See also
- Comparison of DNS server software (BIND, djbdns, MaraDNS, NSD, PowerDNS, etc.)
- DNS management software
References
- ^ Douglas Brian Terry, Mark Painter, David W. Riggle and Songnian Zhou, The Berkeley Internet Name Domain Server, Proceedings USENIX Summer Conference, Salt Lake City, Utah, June 1984, pages 23–31.
- ^ https://www.isc.org/about/pr/2007032700
- ^ P. Hudson, A. Hudson, B. Ball, H. Duff: Red Hat Fedora 4 Unleashed, page 723. Sams Publishing, 2005 ISBN 0-672-32792-9
- ^ "BIND vulnerabilities". Retrieved on 2008-07-09.
Books
- DNS and BIND, Fourth Edition by Paul Albitz, Cricket Liu. 2001. ISBN 0-596-00158-4.
- BIND 9 DNS Administration Reference Book: Name Server Operations and DNS Configuration using BIND. Published by Reed Media Services. 2007. ISBN 0-9790342-1-3.
External links
- The official BIND site at Internet Systems Consortium (ISC.org)
- CircleID Interview with Cricket Liu, author of 'DNS and BIND'
- DNS & BIND Resources at Bind9.net
- A Brief History of BIND by ISC
- GeoDNS, a 40-line patch to BIND to allow split-horizon DNS
Configuration sites
Wikipedia content modification information:
- This page was last modified on 25 November 2008, at 18:54.
Wikipedia Authorship and Review
Wikipedia content provided here is not reviewed directly by MedLibrary.org. Wikipedia content is authored by an open community of volunteers and is not produced by or in any way affiliated with MedLibrary.org.
Wikipedia Usage Guidelines
This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article on "BIND".
The URL for this specific entry is:
All Wikipedia text is available under the terms of the GNU Free Documentation License. (See Copyrights for details). Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc.