BIND 10 Development Now Fully Underway

darthcamaro writes "A decade after work first began on version 9 of BIND, the widely deployed open source DNS server, work is now fully underway on its successor, BIND 10. '"One of the goals for BIND 10 is to allow people to customize and extend without too much trouble," Shane Kerr, BIND 10's program manager at the Internet Systems Consortium (ISC), told InternetNews.com.' Sounds good right? Only problem is that it's going to take a bit of time until BIND 10 is actually ready for production — potentially as long as five years!"

Fix LDAP Integrated Zones.

[Zombie Ryushu]

Please, Please Please fix the Bind LDAP SDB Backend to allow LDAP Integrated Zones to Dynamic update. LDAP zones are useless right now because DHCP can't update it!

Re:How about making it simpler?

[Just Some Guy]

For a program who's core functionality is name -> number why is the configuration guide heavier than my tombstone?

Mainly because it's required to do so very much. Yes, my named.conf is very complicated. I don't know how much simpler you could make split-zone DNS for about 30 zones, including masters, slaves, and some dynamic updates. Oh, and TSIG to authenticate request between each pair of servers. And reverse zones. And IPv6. And recursion (but only for one of the views). I mean, it's sort of like Apache's httpd.conf. Sure, it gets twisty, but what could you leave out and still be able to configure the same functionality?

Re:Modular design?

[e9th]

Before he placed it into the public domain, his qmail site had a wonderful "Information for Distributors" page. Maybe not technically a license, but when the copyright holder says

If you want to distribute modified versions of qmail (including ports, no matter how minor the changes are) you'll have to get my approval. This does not mean approval of your distribution method, your intentions, your e-mail address, your haircut, or any other irrelevant information. It means a detailed review of the exact package that you want to distribute.

it makes you think twice before including it in [your favorite distro here].

Too late

[mseeger]

Hi,

my personal opinion is, that BIND 9 already lived too long and BIND 10 started much too late. If you have to operate huge installations (>250.000 Zones), BIND 9 is close to unuseable.

Example: Starting BIND 9 with 350.000 Zones already consumes the complete service window (2 hours) we have for works concerning the hardware. You can't even shave off much time by having all zone files on a ram disk (about 10% less time). BIND 9.6 utilizes a single core for 2 hours just to parse and load the information. For comparison a different (comercial) product imports the (same) complete configuration in about 90s (from disk, BIND 9 format) and takes about 4s for start afterwards. I know there are workarounds for BIND, but they come with high operational costs.

BIND is (IMHO) mainly a reference implementation. It has to implement everything in one single product and suffers the usual penalties for it. I still use BIND 9 myself for several purposes since it has a some advantages too (mainly, that it is OSS).

Sincerely yours, Martin

P.S. If there is any interest, i can post some benchmarks and scripts which i used to run them....

DISCLAIMER: I'm working for a company that is selling DNS products. So i'm not to be considered a neutral party :-). But since i'm doing this for 15 years now, i consider myself at least an experienced biased party.....