[Previo por Fecha] [Siguiente por Fecha] [Previo por Hilo] [Siguiente por Hilo]
[Hilos de Discusión] [Fecha] [Tema] [Autor]Saludos -- alex en campus iztacala unam mx Universidad Nacional Autónoma de México Campus Iztacala ---------- Forwarded message ---------- Date: Tue, 15 Aug 2000 18:21:57 -0700 (PDT) From: Andreas Gustafsson <Andreas Gustafsson en nominum com> To: bind-announce en isc org Subject: BIND 9.0.0rc3 BIND 9.0.0rc3 is now available. This is a release candidate for BIND 9.0.0, fixing a couple of bugs found in rc2. BIND 9.0.0rc3 can be downloaded from: ftp://ftp.isc.org/isc/bind9/9.0.0rc3/bind-9.0.0rc3.tar.gz The PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind9/9.0.0rc3/bind-9.0.0rc3.tar.gz.asc The signature was generated with the ISC public key, which is available at <http://www.isc.org/ISC/isckey.txt>. Enclosed is the README file included with the distribution kit. -------- BIND 9 BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND architecture. This re-architecting of BIND was necessitated by the expected demands of: - Domain name system growth, particularly in very large zones such as .COM - Protocol enhancements necessary to securely query and update zones - Protocol enhancements necessary to take advantage of certain architectural features of IP version 6 These demands implied performance requirements that were not necessarily easy to attain with the BIND version 8 architecture. In particular, BIND must not only be able to run on multi-processor multi-threaded systems, but must take full advantage of the performance enhancements these architectures can provide. In addition, the underlying data storage architecture of BIND version 8 does not lend itself to implementing alternative back end databases, such as would be desirable for the support of multi-gigabyte zones. As such zones are easily foreseeable in the relatively near future, the data storage architecture needed revision. The feature requirements for BIND version 9 included: - Scalability Thread safety Multi-processor scalability Support for very large zones - Security Support for DNSSEC Support for TSIG Auditability (code and operation) Firewall support (split DNS) - Portability - Maintainability - Protocol Enhancements IXFR, DDNS, Notify, EDNS0 Improved standards conformance - Operational enhancements High availability and reliability Support for alternative back end databases - IP version 6 support IPv6 resource records (A6, DNAME, etc.) Bitstring labels APIs BIND version 9 development has been underwritten by the following organizations: Sun Microsystems, Inc. Hewlett Packard Compaq Computer Corporation IBM Process Software Corporation Silicon Graphics, Inc. Network Associates, Inc. U.S. Defense Information Systems Agency USENIX Association Stichting NLnet - NLnet Foundation BIND 9.0.0rc3 BIND 9.0.0rc3 is a release candidate for the upcoming 9.0.0 release. The only changes expected between rc3 and the final release are bug fixes and documentation updates. The 9.0.0 release, and this release candidate, is aimed at early adopters and those who wish to make use of new 9.0 features, such as IPv6 and DNSSEC secure resolution support. We are running BIND 9 in production, and it has been used as a root name server. The distribution includes a new lightweight resolver library and associated resolver daemon. These should still be considered experimental. The server-side support for DNSSEC secured zones is stable and complete with the exception of the handling of wildcard records. The support for secure resolution is still to be considered experimental. For detailed information about the state of the DNSSEC implementation, see the file doc/misc/dnssec. A small number of bugs found in rc2 have been fixed. For a detailed list of user-visible changes, see the CHANGES file. There are a few known bugs: The option "query-source * port 53;" will not work as expected. Instead of the wildcard address "*", you need to use an explicit source IP address. On some systems, IPv6 and IPv4 sockets interact in unexpected ways. For details, see doc/misc/ipv6. To reduce the impact of these problems, the server no longer listens for requests on IPv6 addresses by default. If you need to accept DNS queries over IPv6, you must specify "listen-on-v6 { any; };" in the named.conf options statement. There are known problems with thread signal handling under Solaris 2.6. The "isc_timer_reset" test sometimes fails on HP-UX 11 for unknown reasons, but the server itself seems to run fine. On FreeBSD systems, the server logs error messages like "fcntl(8, F_SETFL, 4): Inappropriate ioctl for device". This is due to a bug in the FreeSBD /dev/random device. The bug has been reported to the FreeBSD maintainers. A similar problem is reported to exist on OpenBSD. If you are upgrading from BIND 8, please read the migration notes in doc/misc/migration. Building BIND 9 currently requires a UNIX system with an ANSI C compiler, basic POSIX support, and a good pthreads implementation. We've had successful builds and tests on the following systems: AIX 4.3 COMPAQ Tru64 UNIX 4.0D COMPAQ Tru64 UNIX 5 (with IPv6 EAK) FreeBSD 3.4-STABLE HP-UX 11 IRIX64 6.5 NetBSD-current (with unproven-pthreads-0.17) Red Hat Linux 6.0, 6.1, 6.2 Solaris 2.6, 7, 8 To build, just ./configure make Several environment variables that can be set before running configure will affect compilation: CC The C compiler to use. configure tries to figure out the right one for supported systems. CFLAGS C compiler flags. Defaults to include -g and/or -O2 as supported by the compiler. STD_CINCLUDES System header file directories. Can be used to specify where add-on thread or IPv6 support is, for example. Defaults to empty string. STD_CDEFINES Any additional preprocessor symbols you want defined. Defaults to empty string. To build shared libraries, specify "--with-libtool" on the configure command line. If your operating system has integrated support for IPv6, it will be used automatically. If you have installed KAME IPv6 separately, use "--with-kame[=PATH]" to specify its location. To see additional configure options, run "configure --help". "make install" will install "named" and the various BIND 9 libraries. By default, installation is into /usr/local, but this can be changed with the "--prefix" option when running "configure". If you're planning on making changes to the BIND 9 source, you should also "make depend". If you're using Emacs, you might find "make tags" helpful. Building with gcc is not supported, unless gcc is the vendor's usual compiler (e.g. the various BSD systems, Linux). Parts of the library can be tested by running "make test" from the bin/tests subdirectory. Bug Reports and Mailing Lists Bugs reports should be sent to bind9-bugs en isc org To join the BIND 9 Users mailing list, send mail to bind9-users-request en isc org If you're planning on making changes to the BIND 9 source code, you might want to join the BIND 9 Workers mailing list. Send mail to bind9-workers-request en isc org "named" command line options -c <config_file> -d <debug_level> -f Run in the foreground. -g Run in the foreground and log to stderr, ignoring any "logging" statement in in the config file. -n <number_of_cpus> -t <directory> Chroot to <directory> before running. -u <username> Run as user <username> after binding to privileged ports. Use of the "-t" option while still running as "root" doesn't enhance security on most systems. The way chroot() is defined allows a process with root privileges to escape the chroot jail. The "-u" option is not currently useful on Linux kernels older than 2.3.99-pre3. Linux threads are actually processes sharing a common address space. An unfortunate side effect of this is that some system calls, e.g. setuid() that in a typical pthreads environment would affect all threads only affect the calling thread/process on Linux. The good news is that BIND 9 uses the Linux kernel's capability mechanism to drop all root powers except the ability to bind() to a privileged port. 2.3.99-pre3 and later kernels allow a process to say that its capabilities should be retained after setuid(). If BIND 9 is compiled with 2.3.99-pre3 or later kernel .h files, the "-u" option will cause the server to run with the specified user id, but it will retain the capability to bind() to privileged ports. On systems with more than one CPU, the "-n" option should be used to indicate how many CPUs there are. If the "-n" option is not provided, named will attempt to determine the number of available CPUs and use all of them. --------------------------------------------------------- para salir de la lista, enviar un mensaje con las palabras "unsubscribe ayuda" en el cuerpo a majordomo en linux org mx