BIND 10 - 1.0.0 Beta Release Welcome to the first beta toward the first production BIND 10 1.0.0 release. BIND 10 provides a C++ library for DNS (with python wrappers) and several cooperating daemons for providing authoritative DNS service (with in-memory and SQLite3 backends and DNSSEC support), dynamic DNS, zone transfers, forwarding, and experimental recursive name service. It also provides DHCPv4 and DHCPv6 servers and a C++ library for DHCP. Supplementary components are included for statistics collection and reporting and remote configuration and control. The DNS highlights since the second alpha release include: - New C++ (with Python wrapper) DNS master zone file parser. - Rewritten command-line zone loader tool (for loading into SQLite3 database). The DHCP highlights include: - Implements definitions for most of the DHCPv4 and DHCPv6 standard options. (Option definitions are used to validate contents of options received by a server and to create instances of options being sent to a client.) - Added support for expired leases in b10-dhcp6. Note that the new b10-loadzone has different command-line syntax and the TSIG configuration for b10-xfrin has changed. Also, the default configuration location changed from ${PREFIX}/var/bind10-devel/ to ${PREFIX}/var/bind10/ and default shared files changed from ${PREFIX}/share/bind10-devel/ to ${PREFIX}/share/bind10/; if upgrading from a previous version, you may need to move and update your configurations. We are looking for testers to provide feedback about using this beta release. For more information about BIND 10, the release schedule, and the community testing plans, please see: http://bind10.isc.org/wiki/ProductionRelease Documentation is included and also available via the BIND 10 website at http://bind10.isc.org/ The bind10-1.0.0-beta source may be downloaded from: ftp://ftp.isc.org/isc/bind10/1.0.0-beta/bind10-1.0.0-beta.tar.gz A PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind10/1.0.0-beta/bind10-1.0.0-beta.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at https://www.isc.org/about/openpgp Users and developers are encouraged to participate on the BIND 10 mailing lists. Please provide your feedback: https://lists.isc.org/mailman/listinfo/bind10-users https://lists.isc.org/mailman/listinfo/bind10-dev Bugs may be reported as tickets via the developers website (after logging into Trac): http://bind10.isc.org/ A summary of the significant changes since the previous release include (from the ChangeLog): 533. [build]* jreed Changed the package name in configure.ac from bind10-devel to bind10. This means the default sub-directories for etc, include, libexec, share, share/doc, and var are changed. If upgrading from a previous version, you may need to move and update your configurations or change references for the old locations. (git bf53fbd4e92ae835280d49fbfdeeebd33e0ce3f2) 532. [func] marcin Implemented configuration of DHCPv4 option values using the configuration manager. In order to set values for the data fields carried by a particular option, the user specifies a string of hexadecimal digits that is converted to binary data and stored in the option buffer. A more user-friendly way of specifying option content is planned. (Trac #2544, git fed1aab5a0f813c41637807f8c0c5f8830d71942) 531. [func] tomek b10-dhcp6: Added support for expired leases. Leases for IPv6 addresses that are past their valid lifetime may be recycled, i.e. rellocated to other clients if needed. (Trac #2327, git 62a23854f619349d319d02c3a385d9bc55442d5e) 530. [func]* team b10-loadzone was fully overhauled. It now uses C++-based zone parser and loader library, performing stricter checks, having more complete support for master file formats, producing more helpful logs, is more extendable for various types of data sources, and yet much faster than the old version. In functionality the new version should be generally backwards compatible to the old version, but there are some incompatibilities: name fields of RDATA (in NS, SOA, etc) must be absolute for now; due to the stricter checks some input that was (incorrectly) accepted by the old version may now be rejected; command line options and arguments are not compatible. (Trac #2380, git 689b015753a9e219bc90af0a0b818ada26cc5968) 529. [func]* team The in-memory data source now uses a more complete master file parser to load textual zone files. As of this change it supports multi-line RR representation and more complete support for escaped and quoted strings. It also produces more helpful log messages when there is an error in the zone file. It will be enhanced as more specific tasks in the #2368 meta ticket are completed. The new parser is generally backward compatible to the previous one, but due to the tighter checks some input that has been accepted so far could now be rejected, so it's advisable to check if you use textual zone files directly loaded to memory. (Trac #2470, git c4cf36691115c15440b65cac16f1c7fcccc69521) 528. [func] marcin Implemented definitions for DHCPv4 option definitions identified by option codes: 1 to 63, 77, 81-82, 90-92, 118-119, 124-125. These definitions are now used by the DHCPv4 server to parse options received from a client. (Trac #2526, git 50a73567e8067fdbe4405b7ece5b08948ef87f98) 527. [bug] jelte Fixed a bug in the synchronous UDP server code where unexpected errors from ASIO or the system libraries could cause b10-auth to stop. In asynchronous mode these errors would be ignored completely. Both types have been updated to report the problem with an ERROR log message, drop the packet, and continue service. (Trac #2494, git db92f30af10e6688a7dc117b254cb821e54a6d95) 526. [bug] stephen Miscellaneous fixes to DHCP code including rationalisation of some methods in LeaseMgr and resolving some Doxygen/cppcheck issues. (Trac #2546, git 0140368ed066c722e5d11d7f9cf1c01462cf7e13) 525. [func] tomek b10-dhcp4: DHCPv4 server is now able to parse configuration. It is possible to specify IPv4 subnets with dynamic pools within them. Although configuration is accepted, it is not used yet. This will be implemented shortly. (Trac #2270, git de29c07129d41c96ee0d5eebdd30a1ea7fb9ac8a) 524. [func] tomek b10-dhcp6 is now able to handle RENEW messages. Leases are renewed and REPLY responses are sent back to clients. (Trac #2325, git 7f6c9d057cc0a7a10f41ce7da9c8565b9ee85246) 523. [bug] muks Fixed a problem in inmem NSEC3 lookup (for, instance when using a zone with no non-apex names) which caused exceptions when the zone origin was not added as an explicit NSEC3 record. (Trac #2503, git 6fe86386be0e7598633fe35999112c1a6e3b0370) 522. [func]* jelte Configuration of TSIG keys for b10-xfrin has changed; instead of specifying the full TSIG key (::) it now expects just the name, and uses the global TSIG Key Ring like all the other components (configuration list /tsig_keys/keys). Note: this is not automatically updated, so if you use TSIG in xfrin, you need to update your configuration. (Trac #1351, git e65b7b36f60f14b7abe083da411e6934cdfbae7a) 521. [func] marcin Implemented definitions for DHCPv6 standard options identified by codes up to 48. These definitions are now used by the DHCPv6 server to create instances of options being sent to a client. (Trac #2491, git 0a4faa07777189ed9c25211987a1a9b574015a95) 520. [func] jelte The system no longer prints initial log messages to stdout regardless of what logging configuration is present, but it temporarily stores any log messages until the configuration is processed. If there is no specific configuration, or if the configuration cannot be accessed, it will still fall back to stdout. Note that there are still a few instances where output is printed, these shall be addressed separately. Note also that, currently, in case it falls back to stdout (such as when it cannot connect to b10-cfgmgr), all log messages are always printed (including debug messages), regardless of whether -v was used. This shall also be addressed in a future change. (Trac #2445, git 74a0abe5a6d10b28e4a3e360e87b129c232dea68) 519. [bug] muks Fixed a problem in inmem NSEC lookup which caused returning an incorrect NSEC record or (in rare cases) assert failures when a non-existent domain was queried, which was a sub-domain of a domain that existed. (Trac #2504, git 835553eb309d100b062051f7ef18422d2e8e3ae4) 518. [func] stephen Extend DHCP MySQL backend to handle IPv4 addresses. (Trac #2404, git ce7db48d3ff5d5aad12b1da5e67ae60073cb2607) 517. [func] stephen Added IOAddress::toBytes() to get byte representation of address. Also added convenience methods for V4/V6 address determination. (Trac #2396, git c23f87e8ac3ea781b38d688f8f7b58539f85e35a) 516. [bug] marcin Fixed 'make distcheck' failure when running perfdhcp unit tests. The unit tests used to read files from the folder specified with the path relative to current folder, thus when the test was run from a different folder the files could not be found. (Trac #2479, git 4e8325e1b309f1d388a3055ec1e1df98c377f383) 515. [bug] jinmei The in-memory data source now accepts an RRSIG provided without a covered RRset in loading. A subsequent query for its owner name of the covered type would generally result in NXRRSET; if the covered RRset is of type NSEC3, the corresponding NSEC3 processing would result in SERVFAIL. (Trac #2420, git 6744c100953f6def5500bcb4bfc330b9ffba0f5f) 514. [bug] jelte b10-msgq now handles socket errors more gracefully when sending data to clients. It no longer exits with 'broken pipe' errors, and is also better at resending data on temporary error codes from send(). (Trac #2398, git 9f6b45ee210a253dca608848a58c824ff5e0d234) 513. [func] marcin Implemented the OptionCustom class for DHCPv4 and DHCPv6. This class represents an option which has a defined structure: a set of data fields of specific types and order. It is used to represent those options that can't be represented by any other specialized class. (Trac #2312, git 28d885b457dda970d9aecc5de018ec1120143a10) 512. [func] jelte Added a new tool b10-certgen, to check and update the self-signed SSL certificate used by b10-cmdctl. The original certificate provided has been removed, and a fresh one is generated upon first build. See the b10-certgen manpage for information on how to update existing installed certificates. (Trac #1044, git 510773dd9057ccf6caa8241e74a7a0b34ca971ab) 511. [bug] stephen Fixed a race condition in the DHCP tests whereby the test program spawned a subprocess and attempted to read (without waiting) from the interconnecting pipe before the subprocess had written anything. The lack of output was being interpreted as a test failure. (Trac #2410, git f53e65cdceeb8e6da4723730e4ed0a17e4646579) 510. [func] marcin DHCP option instances can be created using a collection of strings. Each string represents a value of a particular data field within an option. The data field values, given as strings, are validated against the actual types of option fields specified in the options definitions. (Trac #2490, git 56cfd6612fcaeae9acec4a94e1e5f1a88142c44d) 509. [func] muks Log messages now include the pid of the process that logged the message. (Trac #1745, git fc8bbf3d438e8154e7c2bdd322145a7f7854dc6a) 508. [bug] stephen Split the DHCP library into two directories, each with its own Makefile. This properly solves the problem whereby a "make" operation with multiple threads could fail because of the dependencies between two libraries in the same directory. (Trac #2475, git 834fa9e8f5097c6fd06845620f68547a97da8ff8) Thanks again to those who contributed bug reports, code, and reviews. Jeremy C. Reed ISC Release Engineer