Contact Us Contact Us

BIND812

  Software Depot
Electronic download
Frequently asked questions
Product details & specifications
Overview

BIND8.1.2 Discontinuance

BIND 8.1.2, which was available as a webupgrade on the HP-UX 11.0 operating system, will be discontinued starting from17th October 2003 and will be obsoleted by end of March 2004. HP recommends BIND 8.1.2 customers to migrate to BIND 9.2.0, which is a higher version of BIND 8.1.2, with additional features. The BIND 8.1.2 configuration file is fully compliant with the BIND 9.2.0 configuration file, except for the database (db) file format. Migrating from BIND 8.1.2 to BIND 9.2.0 section below explains the simple procedure to convert the database file format from BIND 8.1.2 to 9.2.

BIND 9.2.0 is available as a webupgrade on the HP-UX 11.0 and 11i v1 (11.11) operating systems. The BIND 9.2.0 files are installed into the /usr/contrib/bind directory. If you wish to disable BIND 9.2.0, execute the command /usr/bin/enable_inet-r bind on the command line. This will enable the previous version of BIND in the core operating system. The IPv6-enabled version of BIND 9.2.0 is available only on the HP-UX 11i v1 operating system.

After installing the BIND 9.2.0 software depot, you can find the BIND9.2.0 release notes in the /usr/examples/bind/Release notes.pdf file. Alternatively, you can download the release notes from the following URL:

http://www.docs.hp.com/hpux/netcom/index.html#Internet%20Services.

The following sections list the BIND 8.1.2 features, the additional features and manpages available in BIND 9.2.0, and the migration procedure.

BIND8.1.2 Features

Table 1 lists and describes the BIND 8.1.2 features.

Table 1: BIND 8.1.2 Features

Features Description
Support for DNS change notification This feature uses a new DNS opcode to notify the slave server about a change in the serial number of the zone's SOA record. BIND 8.1.2 also allows you to list additional servers to accommodate stealth servers that may not be listed in any NS records.
Support for Dynamic DNS update This feature allows you to enable dynamic update for a zone by including an allow-update clause in the zone statement of the /etc/named.conf file. Using this feature, you can add or remove resource records from a zone without manually editing the zone file. You can use the nsupdate utility to submit Dynamic DNS update requests to a name server, as defined in RFC2136.
Improved logging system This feature supports activities such as limiting incoming messages to a given severity level, limiting the size of the logging file, managing multiple versions of the logging file, directing logging messages to any of the syslog facilities, specifying where messages belonging to a specific category can be logged.
Efficient zone transfer This feature allows you to determine the format in which the zone transfers are sent. BIND 8.1.2 provides efficient zone transfer using the transfer-format clause in the /etc/named.conf file. You can send zone transfers using two different formats: one-answer and many-answers. The default format is many-answers. A server statement overrides the transfer-format for a server.
New configuration syntax in /etc/named. conf BIND 8.1.2 contains the following new configuration statements in the /etc/named.conf file: the acl statement, the include statement, the key statement, the logging statement, the options statement, the server statement, and the zone statement.

 

BIND9.2.0 Features

In addition to the BIND 8.1.2 features, BIND 9.2.0 contains the additional features listed in Table 2.

Table 2: BIND 9.2.0 Features

Feature Description
Incremental Zone Transfer The incremental zone transfer (IXFR) protocol, as defined in RFC 1995, is a mechanism for slave servers to transfer only the changed data, instead of transferring the entire zone every time the zone data changes. When acting as a master, BIND 9.2.0 supports IXFR for the zones where the necessary change history information is available. These include master zones maintained by dynamic updates and slave zones whose data was obtained by IXFR.
DNSSEC DNS Security (DNSSEC) extensions defined in RFC 2535 enables authentication of DNS information in a zone. BIND 9.2.0 provides several tools to set up a DNSSEC secure zone.
TSIG-based Security Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly the responses and updates.
Lightweight Resolver Library and Daemon BIND 9.2.0 provides resolution services to local clients using a combination of a lightweight resolver library and a resolver daemon process running on the local host. These communicate using a simple UDP-based protocol, lightweight resolver protocol, that is distinct from and simpler than the full DNS protocol.
Extended Configuration Syntax and Options The BIND 9.2.0 configuration file is broadly similar to the BIND 8.1.2 configuration file, however, there are a few new areas of configuration such as views. The BIND 8.1.2 configuration files work with a few alterations for BIND 9.2.0, however you must review the more complex configurations to check that they are more efficiently implemented using the new features in BIND 9.2.0
New Options in options Statement BIND 9.2.0 includes new options in the options statement. For more information on the options, refer to the named.conf(4) manpage
New Options in zone Statement BIND 9.2.0 includes new options in the zone statement. For more information on the options, refer to the named.conf(4) manpage.
New Option in server Statement BIND 9.2.0 includes new options in the server statement. For more information on the options, refer to the named.conf(4) manpage.
Utility to check the syntax of named.conf file - named.checkconf The new utility, named-checkconf, checks the syntax of the configuration file named.conf.
Utility to check the syntax and consistency of a zone's content - named-checkzone The new utility, named-checkzone, is used to perform syntax and consistency checks on the contents of a zone.
Utility to control the operation of a name server - rndc The new program remote name daemon control (rndc) allows the system administrator to control the operation of a name server.
Utility to generate the configuration file for rndc - rndc-confgen
 
The new utility, rndc-confgen can be used to generate rndc.conf, the configuration file for rndc. Alternatively, it can also be run with the -a option to set up a rndc.key file thus avoiding the need for a rndc.conf file and a control statement.
New utilities - dig and host The new utilities dig (domain information groper) and host (DNS lookup utility) are included in BIND starting from version 9.2.0. The dig utility is a flexible tool for interrogating the Doman Name System (DNS) servers. The host utility is a simple utility for performing DNS lookups.

 

BIND9.2.0 Manpages

In addition to the BIND 8.1.2 manpages, BIND9.2.0 provides the manpages listed in Table 3:

Table 3: BIND 9.2.0 Manpages

Manpage Name Description
dnssec-keygen.1 Key generation tool for DNSSEC
dnssec-makekeyset.1 Program used to produce a set of DNS keys
dnssec-signkey.1 DNSSEC keyset signing tool
dnssec-signzone.1 DNSSEC zone signing tool
host.1 DNS lookup utility
lwresd.1m Lightweight resolver daemon
rndc.1 Name server control utility
rndc.conf.4 rndc configuration file
named-checkconf.1 named configuration file syntax checking tool
named-checkzone.1 Zone validity checking tool
dig.1m Domain information groper
rndc-confgen.1 rndc key generation tool
named-conf.4 Configuration file for name daemon

 

Migrating from BIND 8.1.2 to BIND 9.2.0

The BIND 8.1.2 files are fully compliant with BIND 9.2.0 except for the format of the database (db) files. You need to migrate all the BIND 8.1.2 db files except the cache.db file. A new shell script change2v9db.sh has been provided with BIND 9.2.0 to convert the existing BIND 8.1.2 db files to BIND 9.2.0-compliant db files. The shell script is installed in the /usr/bin directory.

To convert the BIND 8.1.2 db files to BIND 9.2.0-compliant db files, complete the following steps:

  1. Change the current working directory to the directory where the db files exist.
  2.  Execute the following script with all the db files as arguments:

# /usr/bin/change2v9db.sh dbfile1 dbfile2 ...

 
The BIND 8.1.2 files are converted to the 9.2 format and the $TTL value is inserted as the first entry in all the db files.

 

 
Additional product information
Product #: BIND812
Version: -
Software specification: