Posts Tagged ‘Pro DNS and BIND’

DNS 2010 v9.7.2 64bit version for Solaris 10 Ultar-sparc T2+ edition

There new build version of BIND v9 DNS server special edition for Sun UltraSparc T1/T2+ CPU platform

New Features

  • Zones may be dynamically added and removed with the “rndc addzone” and “rndc delzone” commands. These dynamically added zones are written to a per-view configuration file. Do not rely on the configuration file name nor contents as this will change in a future release. This is an experimental feature at this time.
  • Added new “filter-aaaa-on-v4” access control list to select which IPv4 clients have AAAA record filtering applied.
  • A new command “rndc secroots” was added to dump a combined summary of the currently managed keys combined with statically configured trust anchors.
  • Added support to load new keys into managed zones without signing immediately with "rndc loadkeys". Added support to link keys with "dnssec-keygen -S" and "dnssec-settime -S".

Continue reading “DNS 2010 v9.7.2 64bit version for Solaris 10 Ultar-sparc T2+ edition” »

DNS BIND v9.7 Release for Sun Solaris 10 x86_x64 bit

BIND 9.7.0 includes a number of changes from BIND 9.6 and earlier releases. Most are intended to simplify DNSSEC configuration.

New features include:

  • Fully automatic signing of zones by "named"
  • Simplified configuration of DNSSEC Lookaside Validation (DLV).
  • Simplified configuration of Dynamic DNS, using the "ddns-confgen" command line tool or the "local" update-policy option. (As a side effect, this also makes it easier to configure automatic zone re-signing.)
  • New named option "attach-cache" that allows multiple views to share a single cache.
  • DNS rebinding attack prevention.
  • New default values for dnssec-keygen parameters.
  • Support for RFC 5011 automated trust anchor maintenance (see README.rfc5011 for additional details).
  • Smart signing: simplified tools for zone signing and key maintenance.
  • The "statistics-channels" option is now available on Windows.
  • A new DNSSEC-aware libdns API for use by non-BIND9 applications (see README.libdns for details).
  • On some platforms, named and other binaries can now print out a stack backtrace on assertion failure, to aid in debugging.
  • A "tools only" installation mode on Windows, which only installs dig, host, nslookup and nsupdate.
  • Improved PKCS#11 support, including Keyper support and explicit OpenSSL engine selection (see README.pkcs11 for additional details).

Continue reading “DNS BIND v9.7 Release for Sun Solaris 10 x86_x64 bit” »


Today I released next BIND v 9.6.2 62bit version for Solaris 10 sparc Edition.

It compiled with origin SUN Solaris 10 C/C++ library links and system shared sources without any links to GNU C (GCC) and other kind Free Foundation tools.

You can download it from bellow link:


To build right configuration file you can use full reference documentation:

BIND 9 Administrator Reference Manual


New features in BIND 9.6.2:

Full NSEC3 support

BIND 9.6 includes support for the NSEC3 record generation as defined in RFC 5155, DNS Security (DNSSEC) Hashed Authenticated Denial of Existence. As an alternative to NSEC, it can prevent walking DNSSEC zones (zone enumeration). It also permits gradual expansion of delegation-centric zones. (NSEC3 has an opt-out bit which lets the zone owner save overhead by skipping over signing delegations to unsigned children zones.)

NSEC3 is not recommended unless there is a pressing need for the features NSEC3 provides. It is expensive for both the server and the client. Most zones do not need the addition expense incured by the use of NSEC3.