[Cerowrt-devel] Fwd: BIND 10 - 1.0.0 Release Candidate

Guillaume Fortaine guillaume.fortaine at devopspace.com
Fri Feb 15 07:03:34 EST 2013

---------- Forwarded message ----------
From: Jeremy C. Reed <jreed at isc.org>
Date: Fri, Feb 15, 2013 at 4:30 AM
Subject: BIND 10 - 1.0.0 Release Candidate
To: bind10-dhcp at lists.isc.org

Hash: SHA1

        BIND 10 - 1.0.0 Release Candidate

Welcome to the first release candidate toward the first production
BIND 10 1.0.0 release.  BIND 10 provides a C++ library for DNS
(with python wrappers) and several cooperating daemons for providing
authoritative DNS service (with in-memory and SQLite3 backends and
DNSSEC support), dynamic DNS, zone transfers, and experimental
forwarding and recursive name service.  Supplementary components
are included for statistics collection and reporting and remote
configuration and control.

This version of BIND 10 also includes the latest snapshot of the
BIND 10 DHCP development.  The snapshot includes a C++ library for
DHCP and two DHCP servers, one for IPv4 and one for IPv6. Features
of these servers are:

* Able to allocate and renew addresses, and handle lease expiration
  and releases.
* Supports a subset of clients:
  - DHCPv4 clients connected to the server via a relay.
  - DHCPv6 clients on the same LAN as the server.
* Able to configure values for standard options returned to a client,
  either globally or on a per-subnet basis.
* Able to define new options and configure them in the same way as
  standard options.
* Leases are stored in a MySQL database.
* Configuration, logging and process control uses the same mechanisms
  as the BIND 10 DNS server.

Note: The default testing account and password for bindctl/b10-cmdctl
is now removed; a new account for remote configuration and control
can be created with b10-cmdctl-usermgr, for example:
        b10-cmdctl-usermgr --file /usr/local/etc/bind10/cmdctl-accounts.csv

We are looking for testers to provide feedback about using this
release candidate. For more information about BIND 10, the release
schedule, and the community testing plans, please see:


Documentation is included and also available via the BIND 10 website
at http://bind10.isc.org/

The bind10-1.0.0-rc source may be downloaded from:


A PGP signature of the distribution is at


The signature was generated with the ISC code signing key which is
available at https://www.isc.org/about/openpgp

A summary of the significant changes since the previous release
include (from the ChangeLog):

580.    [func]*         muks
        There is no longer a default user account. The old default account
        with username 'root' has been removed. In a fresh installation of
        BIND 10, the administrator has to configure a user account using
        the b10-cmdctl-usermgr program.
        (Trac #2641, git 54e8f4061f92c2f9e5b8564240937515efa6d934)

579.    [bug]           jinmei
        libdatasrc/b10-auth: corrected some corner cases in query handling
        of in-memory data source that led to the following invalid/odd
        responses from b10-auth:
        - duplicate RRs in answer and additional for type ANY query
        - incorrect NSEC for no error, no data (NXRRSET) response that
          matches a wildcard
        (Trac #2585, git abe78fae4ba3aca5eb01806dd4e05607b1241745)

578.    [bug]           jinmei
        b10-auth now returns closest encloser NSEC3 proof to queries for
        an empty non terminal derived from an Opt-Out NSEC RR, as clarified
        in errata 3441 for RFC5155.  Previously it regarded such case as
        broken zone and returned SERVFAIL.
        (Trac #2659, git 24c235cb1b379c6472772d340e21577c3460b742)

577.    [func]          muks
        Added an SQLite3 index on records(rname, rdtype). This decreases
        insert performance by ~28% and adds about ~20% to the file size,
        but increases zone iteration performance. As it introduces a new
        index, a database upgrade would be required.
        (Trac #1756, git 9b3c959af13111af1fa248c5010aa33ee7e307ee)

576.    [bug]           tmark, tomek
        b10-dhcp6: Fixed bug when the server aborts operation when
        receiving renew and there are no IPv6 subnets configured.
        (Trac #2719, git 3132b8b19495470bbfd0f2ba0fe7da443926034b)

575.    [bug]           marcin
        b10-dhcp6: Fixed the bug whereby the subnet for the incoming
        packet was selected using only its source address. The subnet
        is now selected using either source address or the name of the
        server's interface on which the packet has been received.
        (Trac #2704, git 1cbacf19a28bdae50bb9bd3767bca0147fde37ed)

574.    [func]          tmark
        b10-dhcp4, b10-dhcp6: Composite key indexes were added to the lease
        tables to reduce lease search time. The lease4 table now has two
        additional indexes: a) hwaddr/subnet_id and b) client_id/subnet_id.
        The lease6 now has the one additional index: iaid/subnet_id/duid.
        Adding these indexes significantly improves lease acquisition
        (Trac #2699,#2703, git 54bbed5fcbe237c5a49b515ae4c55148723406ce)

573.    [bug]           stephen
        Fixed problem whereby the DHCP server crashed if it ran out of
        addresses.  Such a condition now causes a packet to be returned
        to the client refusing the allocation of an address.
        (Trac #2681, git 87ce14cdb121b37afb5b1931af51bed7f6323dd6)

572.    [bug]           marcin
        perfdhcp: Fixed bug where the command line switches used to
        run the perfdhcp where printed as ASCII codes.
        (Trac #2700, git b8d6b949eb7f4705e32fbdfd7694ca2e6a6a5cdc)

571.    [build]         jinmei
        The ./configure script can now handle output from python-config
        --ldflags that contains a space after -L switches.  This fixes
        failure reported on some Solaris environments.
        (Trac #2661, git e6f86f2f5eec8e6003c13d36804a767a840d96d6)

570.    [bug]           tmark, marcin, tomek
        b10-dhcp4: Address renewal now works properly for DHCPv4 clients
        that do not send client ID.
        (Trac #2702, git daf2abe68ce9c111334a15c14e440730f3a085e2)

569.    [bug]           tomek
        b10-dhcp4: Fix bug whereby a DHCP packet without a client ID
        could crash the MySQL lease database backend.
        (Trac #2697, git b5e2be95d21ed750ad7cf5e15de2058aa8bc45f4)

568.    [func]          muks
        Various message IDs have been renamed to remove the word 'ERROR'
        from them when they are not logged at ERROR severity level.
        (Trac #2672, git 660a0d164feaf055677f375977f7ed327ead893e)

567.    [doc]           marcin, stephen, tomek
        Update DHCP sections of the BIND 10 guide.
        (Trac #2657, git 1d0c2004865d1bf322bf78d13630d992e39179fd)

566.    [func]*         jinmei
        libdns++/Python isc.dns: In Python isc.dns, function style
        constants for RRType, RRClass, Rcode and Opcode were deprecated
        and replaced with straightforward object constants, e.g., from
        RRType.AAAA() to RRType.AAAA.  This is a backward incompatible
        change (see the Trac ticket for a conversion script if needed).
        Also, these constants are now more consistent between C++
        and Python, and RRType constants for all currently standardized
        types are now supported (even if Rdata for these are not yet
        (Trac #1866 and #2409, git e5005185351cf73d4a611407c2cfcd163f80e428)

565.    [func]*         jelte
        The main initializer script (formerly known as either 'bind10',
        'boss', or 'bob'), has been renamed to b10-init (and Init in
        configuration). Configuring which components are run is henceforth
        done through '/Init/components', and the sbin/bind10 script is now
        simply a shellscript that runs b10-init. Existing configuration is
        automatically updated. NOTE: once configuration with this update
        has been saved (by committing any new change with bindctl), you
        cannot run older versions of BIND 10 anymore with this configuration.
        (Trac #1901, git bae3798603affdb276f370c1ac6b33b011a5ed4f)

564.    [func]          muks
        libdns++: the CNAME, DNAME, MX, NS, PTR and SRV Rdata classes now
        use the generic lexer in constructors from text.  This means that
        the name fields in such RRs in a zone file can now be non-absolute
        (the origin name in that context will be used), e.g., when loaded
        by b10-loadzone. One additional change to the libdns++ API is that
        the existing string constructors for these Rdata classes also use
        the generic lexer, and they now expect an absolute name (with the
        trailing '.') in the name fields.
        (Trac #2390, git a01569277cda3f78b1171bbf79f15ecf502e81e2)
        (Trac #2656, git 5a0d055137287f81e23fbeedd35236fee274596d)

563.    [build]         jinmei
        Added --disable-rpath configure option to avoid embedding library
        paths to binaries.  Patch from Adam Tkac.
        (Trac #2667, git 1c50c5a6ee7e9675e3ab154f2c7f975ef519fca2)

562.    [func]*         vorner
        The b10-xfrin now performs basic sanity check on just received
        zone. It'll reject severely broken zones (such as missing NS
        (Trac #2439, git 44699b4b18162581cd1dd39be5fb76ca536012e6)

561.    [bug]           kambe, jelte
        b10-stats-httpd no longer dumps request information to the console,
        but uses the bind10 logging system. Additionally, the logging
        identifiers have been changed from STATHTTPD_* to STATSHTTPD_*
        (Trac #1897, git 93716b025a4755a8a2cbf250a9e4187741dbc9bb)

560.    [bug]           jinmei
        b10-auth now sets the TTL of SOA RR for negative responses to
        the minimum of the RR TTL and the minimum TTL of the SOA RDATA
        as specified in RFC2308; previously the RR TTL was always used.
        The ZoneFinder class was extended partly for implementing this
        and partly for allowing further optimization.
        (Trac #2309 and #2635, git ee17e979fcde48b59d91c74ac368244169065f3b)

559.    [bug]           jelte
        b10-cmdctl no longer aborts on basic file issues with its https
        certificate or private key file. It performs additional checks, and
        provides better error logs if these fail. Additionally, bindctl
        provides a better error report if it is unable to connect over
        https connection. This issue could occur if BIND 10 was installed
        with root privileges but then started as a normal user.
        (Trac #2595, git 09b1a2f927483b407d70e98f5982f424cc872149)

558.    [func]          marcin
        b10-dhcp4: server now adds configured options to its
        responses to a client when client requests them.
        A few basic options: Routers, Domain Name, Domain
        Name Servers and Subnet Mask are added regardless
        if client requested them or not.
        (Trac #2591, git aeec2dc1b9c511d17971ac63138576c37e7c5164)

557.    [doc]           stephen
        Update DHCP sections of the BIND 10 guide.
        (Trac #2642, git e5faeb5fa84b7218fde486347359504cf692510e)

556.    [bug]           marcin
        Fixed DHCP servers configuration whereby the servers did not
        receive a configuration stored in the database on their startup.
        Also, the configuration handler function now uses full configuration
        instead of partial to configure the server. This guarantees that
        dependencies between various configuration parameters are
        (Trac #2637, git 91aa998226f1f91a232f2be59a53c9568c4ece77)

555.    [func]          marcin
        The encapsulated option space name can be specified for
        a DHCP option. It comprises sub-options being sent within
        an option that encapsulates this option space.
        (Trac #2314, git 27e6119093723a1e46a239ec245a8b4b10677635)

554.    [func]          jinmei
        b10-loadzone: improved completion log message and intermediate
        reports: It now logs the precise number of loaded RRs on
        completion, and intermediate reports show additional information
        such as the estimated progress in percentage and estimated time
        to complete.
        (Trac #2574, git 5b8a824054313bdecb8988b46e55cb2e94cb2d6c)

553.    [func]          stephen
        Values of the parameters to access the DHCP server lease database
        can now be set through the BIND 10 configuration mechanism.
        (Trac #2559, git 6c6f405188cc02d2358e114c33daff58edabd52a)

552.    [bug]           shane
        Build on Raspberry PI.
        The main issue was use of char for reading from input streams,
        which is incorrect, as EOF is returned as an int -1, which would
        then get cast into a char -1.
        A number of other minor issues were also fixed.
        (Trac #2571, git 525333e187cc4bbbbde288105c9582c1024caa4a)

551.    [bug]           shane
        Kill msgq if we cannot connect to it on startup.
        When the boss process was unable to connect to the msgq, it would
        exit. However, it would leave the msgq process running. This has
        been fixed, and the msgq is now stopped in this case.
        (Trac #2608, git 016925ef2437e0396127e135c937d3a55539d224)

550.    [func]          tomek
        b10-dhcp4: The DHCPv4 server now generates a server identifier
        the first time it is run. The identifier is preserved in a file
        across server restarts.
        b10-dhcp6: The server identifier is now preserved in a file across
        server restarts.
        (Trac #2597, git fa342a994de5dbefe32996be7eebe58f6304cff7)

549.    [func]          tomek
        b10-dhcp6: It is now possible to specify that a configured subnet
        is reachable locally over specified interface (see "interface"
        parameter in Subnet6 configuration).
        (Trac #2596, git a70f6172194a976b514cd7d67ce097bbca3c2798)

548.    [func]          vorner
        The message queue daemon now appears on the bus. This has two
        effects, one is it obeys logging configuration and logs to the
        correct place like the rest of the modules. The other is it
        appears in bindctl as module (but it doesn't have any commands or
        configuration yet).
        (Trac #2582, git ced31d8c5a0f2ca930b976d3caecfc24fc04634e)

547.    [func]*         vorner
        The b10-loadzone now performs more thorough sanity check on the
        loaded data.  Some of the checks are now fatal and zone failing
        them will be rejected.
        (Trac #2436, git 48d999f1cb59f308f9f30ba2639521d2a5a85baa)

546.    [func]          marcin
        DHCP option definitions can be now created using the
        Configuration Manager. The option definition specifies
        the option code, name and the types of the data being
        carried by the option.  The Configuration Manager
        reports an error on attempt to override standard DHCP
        option definition.
        (Trac #2317, git 71e25eb81e58a695cf3bad465c4254b13a50696e)

545.    [func]          jinmei
        libdns++: the SOA Rdata class now uses the generic lexer in
        constructors from text.  This means that the MNAME and RNAME of an
        SOA RR in a zone file can now be non absolute (the origin name
        in that context will be used), e.g., when loaded by b10-loadzone.
        (Trac #2500, git 019ca218027a218921519f205139b96025df2bb5)

544.    [func]          tomek
        b10-dhcp4: Allocation engine support for IPv4 added. Currently
        supported operations are server selection (Discover/Offer),
        address assignment (Request/Ack), address renewal (Request/Ack),
        and address release (Release). Expired leases can be reused.
        Some options (e.g. Router Option) are still hardcoded, so the
        DHCPv4 server is not yet usable, although its address allocation
        is operational.
        (Trac #2320, git 60606cabb1c9584700b1f642bf2af21a35c64573)

543.    [func]*         jelte
        When calling getFullConfig() as a module, , the configuration is now
        returned as properly-structured JSON.  Previously, the structure had
        been flattened, with all data being labelled by fully-qualified
        element names.
        (Trac #2619, git bed3c88c25ea8f7e951317775e99ebce3340ca22)

542.    [func]          marcin
        Created OptionSpace and OptionSpace6 classes to represent DHCP
        option spaces. The option spaces are used to group instances
        and definitions of options having uniqe codes. A special type
        of option space is the so-called "vendor specific option space"
        which groups sub-options sent within Vendor Encapsulated Options.
        The new classes are not used yet but they will be used once
        the creation of option spaces by configuration manager is
        (Trac #2313, git 37a27e19be874725ea3d560065e5591a845daa89)

541.    [func]          marcin
        Added routines to search for configured DHCP options and their
        definitions using name of the option space they belong to.
        New routines are called internally from the DHCPv4 and DHCPv6
        servers code.
        (Trac #2315, git 741fe7bc96c70df35d9a79016b0aa1488e9b3ac8)

540.    [func]          marcin
        DHCP Option values can be now specified using a string of
        tokens separated with comma sign. Subsequent tokens are used
        to set values for corresponding data fields in a particular
        DHCP option. The format of the token matches the data type
        of the corresponding option field: e.g. "" for IPv4
        address, "5" for integer value etc.
        (Trac #2545, git 792c129a0785c73dd28fd96a8f1439fe6534a3f1)

539.    [func]          stephen
        Add logging to the DHCP server library.
        (Trac #2524, git b55b8b6686cc80eed41793c53d1779f4de3e9e3c)

538.    [bug]           muks
        Added escaping of special characters (double-quotes, semicolon,
        backslash, etc.) in text-like RRType's toText() implementation.
        Without this change, some TXT and SPF RDATA were incorrectly
        stored in SQLite3 datasource as they were not escaped.
        (Trac #2535, git f516fc484544b7e08475947d6945bc87636d4115)

537.    [func]          tomek
        b10-dhcp6: Support for RELEASE message has been added. Clients
        are now able to release their non-temporary IPv6 addresses.
        (Trac #2326, git 0974318566abe08d0702ddd185156842c6642424)

536.    [build]         jinmei
        Detect a build issue on FreeBSD with g++ 4.2 and Boost installed via
        FreeBSD ports at ./configure time.  This seems to be a bug of
        FreeBSD ports setup and has been reported to the maintainer:
        Until it's fixed, you need to build BIND 10 for FreeBSD that has
        this problem with specifying --without-werror, with clang++
        (development version), or with manually extracted Boost header
        files (no compiled Boost library is necessary).
        (Trac #1991, git 6b045bcd1f9613e3835551cdebd2616ea8319a36)

535.    [bug]           jelte
        The log4cplus internal logging mechanism has been disabled, and no
        output from the log4cplus library itself should be printed to
        stderr anymore. This output can be enabled by using the
        compile-time option --enable-debug.
        (Trac #1081, git db55f102b30e76b72b134cbd77bd183cd01f95c0)

534.    [func]*         vorner
        The b10-msgq now uses the same logging format as the rest
        of the system. However, it still doesn't obey the common
        configuration, as due to technical issues it is not able
        to read it yet.
        (git 9e6e821c0a33aab0cd0e70e51059d9a2761f76bb)

Thanks again to those who contributed bug reports, code, and reviews.
Bugs may be reported as tickets via the developers website (after
logging into Trac) at:


Please feel free to participate and share your feedback on the BIND
10 mailing lists:


Jeremy C. Reed
ISC Release Engineering

Version: GnuPG v1.4.12 (NetBSD)

bind10-dhcp mailing list
bind10-dhcp at lists.isc.org

More information about the Cerowrt-devel mailing list