BIND 9.7.0 includes a number of changes from BIND 9.6 and earlier releases. Most are intended to simplify DNSSEC configuration.

New features include:

• Fully automatic signing of zones by "named"
• Simplified configuration of DNSSEC Lookaside Validation (DLV).
• Simplified configuration of Dynamic DNS, using the "ddns-confgen" command line tool or the "local" update-policy option. (As a side effect, this also makes it easier to configure automatic zone re-signing.)
• New named option "attach-cache" that allows multiple views to share a single cache.
• DNS rebinding attack prevention.
• New default values for dnssec-keygen parameters.
• Support for RFC 5011 automated trust anchor maintenance (see README.rfc5011 for additional details).
• Smart signing: simplified tools for zone signing and key maintenance.
• The "statistics-channels" option is now available on Windows.
• A new DNSSEC-aware libdns API for use by non-BIND9 applications (see README.libdns for details).
• On some platforms, named and other binaries can now print out a stack backtrace on assertion failure, to aid in debugging.
• A "tools only" installation mode on Windows, which only installs dig, host, nslookup and nsupdate.
• Improved PKCS#11 support, including Keyper support and explicit OpenSSL engine selection (see README.pkcs11 for additional details).

Download link

Developed by Eldar Aydayev © 
UNIX Systems Professional Engineer 
Aydayev’s Investment Business Group 
E-mail: eldar@aydayev.com 
URL: http://eldar.aydayev.com 
LinkedIn: http://www.linkedin.com/in/eldar 
Phone: +1 (650) 206-2624