Using nsupdate -l, and chroot was broken because nsupdate could not find
the keyfile by itself.
PR: 223403
Submitted by: Harald Schmalzbauer
Sponsored by: Absolight
6761 recommendations.
While there:
- Fix invalid syntax in sample slave config.
- Add a message about having syslogd working with BIND9 chroot.
PR: 217915
Reported by: eserte12 yahoo de
Sponsored by: Absolight
While there:
Make it more maintainable by sorting stuff in the Makefile and removing
vestigial pre 10.3 things.
Refresh the root zone hints.
"Fix" the configuration section telling you to get some top level
zones from f.root-servers.net, which does not allow axfr any more. [1]
PR: 218656 [1]
Reported by: Thomas Steen Rasmussen / Tykling [1]
MFH: 2017Q2
Sponsored by: Absolight
BIND 9.11 brings many changes to BIND, including a new license
(the Mozilla Public License 2.0 -- you can read about it here:
https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/)
and many new features, including:
- Catalog zones, a new way to provision zones on slave servers
- dyndb api, a fast new api enabling BIND to serve zones stored
in a database (Developed by Petr Spacek of RedHat)
- RNDC showzone, view-only mode and other improvements
- dnstap query and response logging (Robert Edmonds is the author
of dnstap, see www.dnstap.info)
- EDNS Client-subnet (authoritative server functions)
- DNSSEC key manager, a new utility (Thanks to Sebastián Castro
for helping with development.)
- Automatic CDS/CDSKEY generation
- Negative Trust Anchors for DNSSEC validators
- IPv6 bias to encourage use of IPv6 DNS servers
- Minimal response to “any” queries (Thanks to Tony Finch for
the contribution)
- DNS Cookies are now enabled by default, using the standardized code point
Changes: https://lists.isc.org/pipermail/bind-announce/2016-June/000994.html
Sponsored by: Absolight
