BIND
From Wikipedia, the free encyclopedia
| BIND | |
| Developer: | Internet Systems Consortium |
|---|---|
| Latest release: | 9.4.0 / February 23, 2007 |
| OS: | Unix-like |
| Use: | DNS server |
| License: | BSD license |
| Website: | www.isc.org/sw/bind/ |
BIND (Berkeley Internet Name Domain, previously: Berkeley Internet Name Daemon) is the most commonly used DNS server on the Internet, especially on Unix-like systems, where it is a de facto standard. Supported by Internet Systems Consortium. BIND was originally created by four graduate students with CSRG at the University of California, Berkeley and first released with 4.3BSD. Paul Vixie started maintaining it in 1988 while working for DEC.
A new version of BIND (BIND 9) was written from scratch in part to address the architectural difficulties with auditing the earlier BIND code bases, and also to support DNSSEC (DNS Security Extensions). Other important features of BIND 9 include: TSIG, DNS notify, nsupdate, IPv6, rndc flush, views, multiprocessor support, and an improved portability architecture. It is commonly used on Linux systems.
Contents |
[edit] History
BIND was originally written in the early 1980s under a DARPA grant. In the mid-1980s, DEC employees took over BIND development. One of these employees was Paul Vixie, who continued to work on BIND after leaving DEC. He eventually helped start the ISC, which became the entity responsible for maintaining BIND.
The development of BIND 9 was done with a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings; the DNSSEC features were funded by the US military who felt that DNS security was important.
[edit] Criticisms
Like Sendmail, WU-FTPD, and other systems dating back to the earlier laissez-faire days of the Internet, BIND 4 and BIND 8 have had a large number of serious security vulnerabilities over the years and as such their use is now strongly discouraged.[citation needed] BIND 9, being a rewrite, has a much better security history.
[edit] GeoDNS
GeoDNS is a 40-line patch to BIND to allow split horizon DNS, such that different requesters receive different responses, depending on proximity.
In this way if a website has, for example, a French server, a US server and a South Korean server, they can easily specify that people in Europe go to the French server, people in East Asia go to the Korean server and those in the rest of the world be served by the American server. This can give improved performance and potentially lower costs than a single hosting location or a round robin DNS setup.
As it is DNS based, it is much easier to deploy than BGP anycast. It does not require any support from the ISP and will not break existing connections when the server selected for a particular client changes. However, as it is not intimately tied into the network infrastructure it is likely to be less accurate at sending data to the nearest server.
[edit] See also
[edit] External links
- The official BIND site at Internet Systems Consortium (ISC.org)
- CircleID Interview with Cricket Liu, author of 'DNS and BIND'
- DNS & BIND Resources at Bind9.net
- DNS Security Extensions (DNSSEC) at DNSSEC.net
- A Brief History of BIND by ISC
- BIND, the Buggy Internet Name Daemon by Daniel J. Bernstein
- Homepage of GeoDNS
