BIND
Encyclopedia
BIND or named (ˈ), is the most widely used DNS
software on the Internet.
On Unix-like
operating systems it is the de facto
standard
.
Originally written by four graduate students at the Computer Systems Research Group
at the University of California, Berkeley
(UCB), the name originates as an acronym from Berkeley Internet Name Domain, reflecting the application's use within UCB.
BIND was first released with Berkeley Software Distribution
4.3BSD, and as such, it is free and open source software
. Paul Vixie
started maintaining it in 1988 while working for Digital Equipment Corporation
. , the Internet Systems Consortium
maintains BIND.
A new version of BIND (BIND 9) was developed by Nominum, Inc. under an ISC outsourcing contract. It was written from scratch in part to address the architectural difficulties with auditing the earlier BIND code bases, and also to support DNSSEC
(DNS Security Extensions). Other important features of BIND 9 include: TSIG
, DNS notify, nsupdate
, IPv6
, rndc flush (remote name daemon control), views, multiprocessor support, and an improved portability architecture. rndc uses a shared secret
to provide encryption for local and remote terminals during each session.
as a result of a DARPA
grant. Versions of BIND through 4.8.3 were maintained by the Computer Systems Research Group (CSRG) at UC Berkeley.
In the mid-1980s, DEC
employees took over BIND development, releasing versions 4.9 and 4.9.1. One of these employees, Paul Vixie
, continued to work on BIND after leaving DEC. BIND Version 4.9.2 was sponsored by Vixie Enterprises. He eventually helped start the ISC, which became the entity responsible for BIND versions starting with 4.9.3.
BIND 8 was released by ISC in May 1997.
The development of BIND 9 took place under a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings; the DNSSEC
features were funded by the US military, which regarded DNS security as important. BIND 9 was released in September 2000.
The acronym BIND is for Berkeley Internet Name Domain, from a technical paper published in 1984.
, PostgreSQL
, MySQL
, and ODBC.
, ostensibly to mitigate these ongoing security issues, it has also experienced a large number of serious security vulnerabilities.
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
software on the Internet.
On Unix-like
Unix-like
A Unix-like operating system is one that behaves in a manner similar to a Unix system, while not necessarily conforming to or being certified to any version of the Single UNIX Specification....
operating systems it is the de facto
De facto
De facto is a Latin expression that means "concerning fact." In law, it often means "in practice but not necessarily ordained by law" or "in practice or actuality, but not officially established." It is commonly used in contrast to de jure when referring to matters of law, governance, or...
standard
Standardization
Standardization is the process of developing and implementing technical standards.The goals of standardization can be to help with independence of single suppliers , compatibility, interoperability, safety, repeatability, or quality....
.
Originally written by four graduate students at the Computer Systems Research Group
Computer Systems Research Group
The Computer Systems Research Group was a research group at the University of California, Berkeley that was dedicated to enhancing AT&T Unix operating system and funded by Defense Advanced Research Projects Agency.- History :...
at the University of California, Berkeley
University of California, Berkeley
The University of California, Berkeley , is a teaching and research university established in 1868 and located in Berkeley, California, USA...
(UCB), the name originates as an acronym from Berkeley Internet Name Domain, reflecting the application's use within UCB.
BIND was first released with Berkeley Software Distribution
Berkeley Software Distribution
Berkeley Software Distribution is a Unix operating system derivative developed and distributed by the Computer Systems Research Group of the University of California, Berkeley, from 1977 to 1995...
4.3BSD, and as such, it is free and open source software
Free and open source software
Free and open-source software or free/libre/open-source software is software that is liberally licensed to grant users the right to use, study, change, and improve its design through the availability of its source code...
. Paul Vixie
Paul Vixie
Paul Vixie is an American Internet pioneer, the author of several RFCs and well-known Unix software.Vixie attended George Washington High School in San Francisco, California. He received a Ph.D in computer science from Keio University in 2011....
started maintaining it in 1988 while working for Digital Equipment Corporation
Digital Equipment Corporation
Digital Equipment Corporation was a major American company in the computer industry and a leading vendor of computer systems, software and peripherals from the 1960s to the 1990s...
. , the Internet Systems Consortium
Internet Systems Consortium
Internet Systems Consortium, Inc., also known as ISC, is a Delaware-registered, 501 public benefit non-profit corporation dedicated to supporting the infrastructure of the universal connected self-organizing Internet by developing and maintaining core production quality software, protocols, and...
maintains BIND.
A new version of BIND (BIND 9) was developed by Nominum, Inc. under an ISC outsourcing contract. It was written from scratch in part to address the architectural difficulties with auditing the earlier BIND code bases, and also to support DNSSEC
DNSSEC
The Domain Name System Security Extensions is a suite of Internet Engineering Task Force specifications for securing certain kinds of information provided by the Domain Name System as used on Internet Protocol networks...
(DNS Security Extensions). Other important features of BIND 9 include: TSIG
TSIG
TSIG is a computer networking protocol definedin RFC 2845. It is used primarily by the Domain Name System to provide a means of authenticating updates to a Dynamic DNS database, although it can also be used between servers and for regular queries...
, DNS notify, nsupdate
Nsupdate
nsupdate is a computer network maintenance utility used by network administrators to request the name server of a DNS zone to update its database...
, IPv6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
, rndc flush (remote name daemon control), views, multiprocessor support, and an improved portability architecture. rndc uses a shared secret
Shared secret
In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication. The shared secret can be a password, a passphrase, a big number or an array of randomly chosen bytes....
to provide encryption for local and remote terminals during each session.
History
BIND was written by Douglas Terry, Mark Painter, David Riggle and Songnian Zhou in the early 1980s at the University of California, BerkeleyUniversity of California, Berkeley
The University of California, Berkeley , is a teaching and research university established in 1868 and located in Berkeley, California, USA...
as a result of a DARPA
Defense Advanced Research Projects Agency
The Defense Advanced Research Projects Agency is an agency of the United States Department of Defense responsible for the development of new technology for use by the military...
grant. Versions of BIND through 4.8.3 were maintained by the Computer Systems Research Group (CSRG) at UC Berkeley.
In the mid-1980s, DEC
Digital Equipment Corporation
Digital Equipment Corporation was a major American company in the computer industry and a leading vendor of computer systems, software and peripherals from the 1960s to the 1990s...
employees took over BIND development, releasing versions 4.9 and 4.9.1. One of these employees, Paul Vixie
Paul Vixie
Paul Vixie is an American Internet pioneer, the author of several RFCs and well-known Unix software.Vixie attended George Washington High School in San Francisco, California. He received a Ph.D in computer science from Keio University in 2011....
, continued to work on BIND after leaving DEC. BIND Version 4.9.2 was sponsored by Vixie Enterprises. He eventually helped start the ISC, which became the entity responsible for BIND versions starting with 4.9.3.
BIND 8 was released by ISC in May 1997.
The development of BIND 9 took place under a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings; the DNSSEC
DNSSEC
The Domain Name System Security Extensions is a suite of Internet Engineering Task Force specifications for securing certain kinds of information provided by the Domain Name System as used on Internet Protocol networks...
features were funded by the US military, which regarded DNS security as important. BIND 9 was released in September 2000.
The acronym BIND is for Berkeley Internet Name Domain, from a technical paper published in 1984.
Database support
Earlier versions of BIND offered no mechanism to store and retrieve zone data in anything other than flat text files. BIND 9.4 DLZ made available (as a compile-time option) zone storage in a variety of database formats including LDAP, Berkeley DBBerkeley DB
Berkeley DB is a computer software library that provides a high-performance embedded database for key/value data. Berkeley DB is a programmatic software library written in C with API bindings for C++, PHP, Java, Perl, Python, Ruby, Tcl, Smalltalk, and most other programming languages...
, PostgreSQL
PostgreSQL
PostgreSQL, often simply Postgres, is an object-relational database management system available for many platforms including Linux, FreeBSD, Solaris, MS Windows and Mac OS X. It is released under the PostgreSQL License, which is an MIT-style license, and is thus free and open source software...
, MySQL
MySQL
MySQL officially, but also commonly "My Sequel") is a relational database management system that runs as a server providing multi-user access to a number of databases. It is named after developer Michael Widenius' daughter, My...
, and ODBC.
Security
BIND 4 and BIND 8 have both had a substantial number of serious security vulnerabilities over the years, and as such their use is now strongly discouraged. While BIND 9 was a complete rewriteRewrite (programming)
A rewrite in computer programming is the act or result of re-implementing a large portion of existing functionality without re-use of its source code. When the rewrite is not using existing code at all, it is common to speak of a rewrite from scratch...
, ostensibly to mitigate these ongoing security issues, it has also experienced a large number of serious security vulnerabilities.
See also
- Comparison of DNS server softwareComparison of DNS server softwareThis article presents a comparison of the features, platform support, and packaging of independent implementations of Domain Name System name server software.- Servers compared :...
- DNS management softwareDNS management softwareDNS management software is computer software that controls Domain Name System server clusters. Its main purpose is to reduce human error when editing complex and repetitive text-based DNS server configuration files. Such files are often deployed on multiple physical servers.DNS service providers...
Books
- DNS and BIND, Fifth Edition by Paul Albitz, Cricket Liu. 2006. ISBN 0-596-10057-4.
- BIND 9 DNS Administration Reference Book: Name Server Operations and DNS Configuration using BIND. Published by Reed Media Services. 2007. ISBN 0-9790342-1-3.
External links
- The official BIND site at Internet Systems Consortium (ISC.org)
- CircleID Interview with Cricket Liu, author of 'DNS and BIND'
- A Brief History of BIND by ISC
- LWRES, a BIND 9 lightweight resolver library