BIND () is a suite of software for interacting with the

Domain Name System The Domain Name System (DNS) is a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information ...

(DNS). Its most prominent component, named (pronounced ''name-dee'': , short for ''name

daemon A demon is a malevolent supernatural being, evil spirit or fiend in religion, occultism, literature, fiction, mythology and folklore. Demon, daemon or dæmon may also refer to: Entertainment Fictional entities * Daemon (G.I. Joe), a character ...

''), performs both of the main DNS server roles, acting as an authoritative name server for DNS zones and as a recursive resolver in the network. As of 2015, it is the most widely used domain name server software, and is the ''de facto'' standard on

Unix-like A Unix-like (sometimes referred to as UN*X, *nix or *NIX) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Uni ...

operating systems. Also contained in the suite are various administration tools such as

nsupdate nsupdate is a computer network maintenance utility used by network administrators to instruct the name server of a Domain Name System, DNS zone to update its database. The name server might be local to a domain or, with appropriate authentication ...

and dig, and a DNS resolver interface library. The software was originally designed at the

University of California, Berkeley The University of California, Berkeley (UC Berkeley, Berkeley, Cal, or California), is a Public university, public Land-grant university, land-grant research university in Berkeley, California, United States. Founded in 1868 and named after t ...

(UC Berkeley) in the early 1980s. The name originates as an acronym of ''Berkeley Internet Name Domain'', reflecting the application's use within UC Berkeley. The current version is BIND 9, first released in 2000 and still actively maintained by the Internet Systems Consortium (ISC) with new releases issued several times a year.

Key features

BIND 9 is intended to be fully compliant with th
IETF DNS standards and draft standards
Important features of BIND 9 include: TSIG,

IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communication protocol, communications protocol that provides an identification and location system for computers on networks and routes traffic ...

, RNDC (remote name daemon control), views, multiprocessor support, Response Rate Limiting (RRL), DNSSEC, and broad portability. RNDC enables remote configuration updates, using a

shared secret In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication. This usually refers to the key of a symmetric cryptosystem. The shared secret can be a PIN code, a password, a passphrase, a b ...

to provide

encryption In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the inf ...

for local and remote terminals during each session.

Database support

While earlier versions of BIND offered no mechanism to store and retrieve zone data in anything other than flat text files, in 2007 BIND 9.
DLZ
provided a compile-time option for zone storage in a variety of database formats including

LDAP The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed Directory service, directory information services over an Internet Protocol (IP) networ ...

, Berkeley DB,

PostgreSQL PostgreSQL ( ) also known as Postgres, is a free and open-source software, free and open-source relational database management system (RDBMS) emphasizing extensibility and SQL compliance. PostgreSQL features transaction processing, transactions ...

MySQL MySQL () is an Open-source software, open-source relational database management system (RDBMS). Its name is a combination of "My", the name of co-founder Michael Widenius's daughter My, and "SQL", the acronym for Structured Query Language. A rel ...

, and

ODBC In computing, Open Database Connectivity (ODBC) is a standard application programming interface (API) for accessing database management systems (DBMS). The designers of ODBC aimed to make it independent of database systems and operating systems. An ...

. BIND 10 planned to make the data store modular, so that a variety of databases may be connected. In 2016 ISC added support for the 'dyndb' interface, contributed by RedHat, with BIND version 9.11.0.

Security

Security issues that are discovered in BIND 9 are patched and publicly disclosed in keeping with common principles of open source software. A complete list of security defects that have been discovered and disclosed in BIND9 is maintained by Internet Systems Consortium, the current authors of the software. The BIND 4 and BIND 8 releases both had serious security vulnerabilities. Use of these ancient versions, or any un-maintained, non-supported version is strongly discouraged. BIND 9 was a complete rewrite, in part to mitigate these ongoing security issues. Th
downloads page on the ISC web site
clearly shows which versions are currently maintained and which are end of life.

History

BIND was originally written by four

graduate student Postgraduate education, graduate education, or graduate school consists of Academic degree, academic or professional degrees, certificates, diplomas, or other qualifications usually pursued by higher education, post-secondary students who have ...

s at the

Computer Systems Research Group The Computer Systems Research Group (CSRG) was a research group at the University of California, Berkeley, that was dedicated to enhancing AT&T Unix operating system and funded by the Defense Advanced Research Projects Agency. History Profes ...

(CSRG) at the

, Douglas Terry, Mark Painter, David Riggle and Songnian Zhou, in the early 1980s as a result of a

DARPA The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military. Originally known as the Adva ...

grant. The acronym ''BIND'' is for ''Berkeley Internet Name Domain'', from a technical paper published in 1984. It was first released with

Berkeley Software Distribution The Berkeley Software Distribution (BSD), also known as Berkeley Unix or BSD Unix, is a discontinued Unix operating system developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Berkeley, beginn ...

4.3BSD. Versions of BIND through 4.8.3 were maintained by the CSRG. Paul Vixie of

Digital Equipment Corporation Digital Equipment Corporation (DEC ), using the trademark Digital, was a major American company in the computer industry from the 1960s to the 1990s. The company was co-founded by Ken Olsen and Harlan Anderson in 1957. Olsen was president until ...

(DEC) took over BIND development in 1988, releasing versions 4.9 and 4.9.1. Vixie continued to work on BIND after leaving DEC. BIND Version 4.9.2 was sponsored by Vixie Enterprises. Vixie eventually founded the Internet Software Consortium (ISC), which became the entity responsible for BIND versions starting with 4.9.3. BIND 8 was released by ISC in May 1997. Version 9 was developed by Nominum, Inc. under an ISC outsourcing contract, and the first version was released 9 October 2000. It was written from scratch in part to address the architectural difficulties with

auditing An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a view to express an opinion thereon." Auditing al ...

the earlier BIND code bases, and also to support DNSSEC (DNS Security Extensions). The development of BIND 9 took place under a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft's DNS offerings; the DNSSEC features were funded by the US military, which regarded DNS security as important. BIND 9 was released in September 2000. In 2009, ISC started an effort to develop a new version of the software suite, initially called BIND10. In addition to DNS service, the BIND10 suite also included

IPv4 Internet Protocol version 4 (IPv4) is the first version of the Internet Protocol (IP) as a standalone specification. It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. ...

and

DHCP server components. In April 2014, with BIND10 release 1.2.0 the ISC concluded its involvement in the project and renamed it to ''Bundy'', moving the source code repository to GitHub for further development by outside public efforts. ISC discontinued its involvement in the project due to cost-cutting measures. The development of DHCP components was split off to become a new

Kea The kea ( ; ; ''Nestor notabilis'') is a species of large parrot in the Family (biology), family Strigopidae that is endemic to the forested and alpine regions of the South Island of New Zealand. About long, it is mostly olive-green, with br ...

project.

Key features

Database support

Security

History

See also

References

Further reading

External links