BIND, from ISC Name Server Round Table ccNSO, ICANN 50 23 June - - PowerPoint PPT Presentation

▶

Jul 21, 2023 345 likes •434 views

BIND, from ISC Name Server Round Table ccNSO, ICANN 50 23 June 2014 BIND use cases 2013 BIND support subscriptions BIND is the Swiss Army Education, knife of DNS software. 3% It is intended to work for TLD, 11% any use case

SLIDE 1

BIND, from ISC

Name Server Round Table ccNSO, ICANN 50 23 June 2014

SLIDE 2

BIND use cases

BIND is the Swiss Army

knife of DNS software.

It is intended to work for

any use case

Though it is not optimal for

every use, it will always work

Recent BIND features

support different use cases

~35,000 copies of BIND

downloaded via ISC http since January, 2014

Education, 3% Enterprise, 16%

Government , 8%

ISP, 9% OEM, 28% Telco, 25% TLD, 11%

2013 BIND support subscriptions

SLIDE 3

BIND Provisioning overview

Authoritative and recursive service from same

program, NAMED

Configured at startup from config file

(named.conf), or while running using a realtime controller (RNDC)

Config file is a permanent record of a

configuration.

Zone files or zone databases can be manipulated

like any other file (e.g. using standard tools)

Accepts DDNS updates

SLIDE 4

A few BIND features

Views
In-line DNSSEC signing
Response Policy Zones
Response Rate Limiter
Dynamically loaded zones
Resolver prefetch of expiring data

SLIDE 5

DNSSEC Support

Serve signed zones Sign zones In-line signing NSEC, NSEC3 Hash methods: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512 Key management, scheduled rollover (next release) HSM support (native PKCS#11) DNSSEC troubleshooting (delv) Negative Trust Anchor (next release)

SLIDE 6

General vs special tools

BIND is universal. If you want to use just
ne tool for all DNS service, use BIND.
ISC works hard to ensure that BIND

correctly implements every new RFC.

There are a lot of RFCs,

so BIND has a lot of features.

For a large-scale mission-critical service,