• 首页
• 新闻中心
  • 内部新闻
  • 公共新闻
  • 业界新闻
  • 产品新闻
• 产品应用
  • 程序开发工具
  • 企业级应用
  • 服务器软件
  • 应用工具
  • 数字娱乐
  • 硬件
• 解决方案
  • 系统架构经验谈
  • 系统部署应用
  • 办公自动化
  • 案例集锦
  • 参考手册
• 开源应用支持
  • 认识Unix
  • 系统管理
  • 网络管理
  • 桌面应用
  • 存储备份
  • 引导安装
  • 服务应用
  • 群集应用
  • 数据库
  • 系统安全
• 程序设计与开发
  • Perl编程
  • 设计与开发
  • 应用编程开发
  • Web设计与编程
• 关于我们
  • 关于本站

DNS服务器软件-BIND

2011-02-09 09:16:33 阿炯

BIND（Berkeley Internet NameDomain，伯克利互联网名称域）是一款开放源码的DNS服务器软件，Bind由美国加州大学Berkeley分校开发和维护，始发于1986年6月，它是目前世界上使用最为广泛的DNS服务器软件，支持各种unix平台和windows平台。使用BIND作为支撑互联网域名解析服务的开源DNS服务器，约占所有DNS服务器的90%，BIND现在由互联网系统协会(Internet Systems Consortium)负责开发与维护。采用MPLv2协议授权。



BIND is by far the most widely used DNS software on the Internet. It provides a robust and stable platform on top of which organizations can build distributed computing systems with the knowledge that those systems are fully compliant with published DNS standards.

20世纪80年代，伯克利加州大学计算机系统研究小组的四个研究生Douglas B Terry、Mark Painter、David W. Riggle和周松年（Songnian Zhou）一同编写了BIND的第一个版本，并随BSD4.3发布。

BIND is an implementation of the Domain Name System (DNS) protocols. The name BIND stands for "Berkeley Internet Name Domain", because the software originated in the early 1980s at the University of California at Berkeley. In recent years, the word BIND has become, like "radar" and "snafu" and "laser" and "scuba", more word than acronym.

The DNS protocols are part of the core Internet standards. They specify the process by which one computer can find another computer on the basis of its name. What it means to say "BIND is an implementation of the DNS protocols" is that the BIND software distribution contains all of the software needed both to ask name service questions and to answer such questions.

The BIND software distribution contains three parts:

* A Domain Name System server. This is a program called "named", which is pronounced "name-dee" and stands for "name daemon". It answers questions that are sent to it, following the rules specified in the DNS protocol standards. You can provide DNS service on the internet by installing this software on a server computer and giving it correct information about your domain names.

* A Domain Name System "resolver library". A "resolver" is a program that resolves questions about names by sending those questions to appropriate servers and responding appropriately to the servers' replies. A "resolver library" is a collection of software components that a programmer can add to software being developed, which will give that software the ability to resolve names. For example, a programmer who was programming a new web browser does not need to create the part of it that looks up names in DNS; he or she can plug in the resolver library and then send questions to the library software components. This saves time (the programmer does not need to re-invent that particular wheel) and helps ensure that the new browser correctly follows the DNS standards.

* Software tools for testing servers. These are the tools that we use for testing, and we include them in the distribution in case you would like to do your own testing, perhaps to make sure your server configuration is working properly.

When you install an operating system on your computer, that operating system will contain whatever resolver library its developers selected for it. When you set up a server computer, its vendor usually has provided some DNS server software (usually BIND) so that the server will work as delivered. Because BIND faithfully implements the DNS protocols, there is no need for the resolver (which asks questions) and the server (which answers questions) to be running the same software.

最新版本：9.20
v9.20 现已于2024年7月下旬发布，带来了多项重要改进和增强。这次更新不仅提升了系统的稳定性和性能，还引入了一系列新功能和安全性改进。新版本中优化了查询处理效率，使得域名解析速度更快，响应时间更短，进一步提高了用户体验。

经过彻底测试，BIND 9.20预计将在2024年底或2025年初获得扩展支持版本（ESV）状态。这意味着用户可以期待更长时间的支持和维护。v9.20 还增强了对 DNS 安全扩展（DNSSEC）的支持，提供了更强大的安全防护能力，防止域名劫持和缓存污染等攻击。新版本还改进了日志记录和监控功能，使管理员能够更轻松地跟踪和分析 DNS 活动，快速发现和解决潜在问题。

全新异步事件循环：v9.20的核心基础设施使用libuv异步事件循环进行了完全重写。这种改写通过减少处理线程之间的上下文切换，显著降低了资源消耗，提高了DNS操作的效率。

新的数据库存储：新版本引入了QP-trie作为存储DNS区域和缓存数据的默认数据库，取代了旧的RBTDB。这种切换使得在多CPU系统上使用Userspace RCU库可以更好地扩展，减少对传统POSIX锁定机制的依赖。

DNSSEC更新：v9.20对DNSSEC（域名系统安全扩展）进行了重要更新。auto-dnssec功能已被移除，转而采用单一的DNSSEC策略管理方法。此外，新版本支持DNSSEC多签名者模型2和最新的OpenSSL 3.0引擎API，特别是在使用硬件安全模块的高安全环境中，提升了安全处理能力。

最新标准支持：v9.20支持管理复杂DNS设置的最新标准，如目录区架构版本2和扩展DNS错误。这些新功能使管理员能够更灵活地配置和管理DNS服务器。
性能提升：据开发人员称，性能测试表明，与之前的版本相比，v9.20在内存使用和延迟方面有显著改善，能够更高效地处理DNS查询，并整体上降低资源使用。

v9.20带来了显著的性能和安全性提升，使其成为更高效、更可靠的DNS解决方案。新版本支持四年，为用户提供了长时间的支持和维护。欲了解更多信息，请访问ICS的公告，发布说明提供了所有新功能的详细介绍。其发布标志着 DNS 服务器技术的又一次重要进步，不仅为现有用户提供了更强大的功能和更高的安全性，也为新用户提供了一个可靠、灵活的域名解析解决方案。无论是企业级用户还是个人开发者，都能从中受益，享受到更加高效和安全的互联网域名解析服务。

项目主页：http://www.isc.org/software/bind