Knowledge Base ISC Main Website Ask a Question/Contact ISC
 Featured
BIND9 Significant Features Matrix
Author: Cathy Almond Reference Number: AA-01310 Views: 7279 Created: 2015-10-20 13:07 Last Updated: 2016-10-05 16:13 100 Rating/ 2 Voters

The "S" (stable preview) editions and the other release branches of BIND differ in a number of ways. This table lists the major feature differences for current main supported versions of BIND, (with some provisional but incomplete insight into our future release plans where features overlap with already-released branches).

Feature9.99.9 S (stable preview)
9.109.11
Automatic interface scanning

allall
Case-sensitive name compression9.9.59.9.5-S1allall
DDOS Mitigation: DNS COOKIE (previously called SIT)

all (with --enable-sit); code point updated to COOKIE in 9.10.3all
DDOS Mitigation: Faster RPZ and new triggers
allallall
DDOS Mitigation: Fetch limits (DDoS mitigation for recursive servers)9.9.8 (with --enable-fetchlimit)9.9.6-S1 (revised 9.9.8-S1)9.10.3 (with --enable-fetchlimit)all
DDOS Mitigation: Minimal response to 'any' queries


all
DDOS Mitigation: Multiple response rate limiters for different domains
9.9.5-S1

DDOS Mitigation: Response rate limiting (RRL)9.9.4 (with --enable-rrl)allallall
DDOS Mitigation: SERVFAIL caching
9.9.6-S1
all
DDOS Mitigation: Size & ratio controls for response rate limiters
9.9.5-S1

DNSSEC: Automatic creation of CDS, CDSKEY records


all
DNSSECNative PKCS#11   allall
DNSSEC: Negative trust anchors
9.9.6-S1
all
EDNS Client-Subnet (ECS) option support for authoritative servers


all
EDNS EXPIRE option (server side)   all (with experimental code point); EXPIRE code point finalized in 9.10.1 all
EDNS EXPIRE option (client side)    all
EDNSImproved EDNS fallback processing

allall
GeoIP support
allallall
Management: Detailed statistics counters
allallall
Management: DNSTAP query/response logging
9.9.8-S5
all
Management: JSON statistics
allallall
Management: New XML statistics schema9.9.3all (with --enable-newstats)allall
Management: Squelch duplicate named servers


all
Management: Traffic size statistics (per RSSAC02)


all
nxdomain-redirect option
9.9.8-S1
all
Performance: Fast "map" format zone files

allall
Performance: Large server tuning
allallall
Performance: Pipelined TCP queries (server side)


all
Performance: TCP connection sharing for update forwarding   all
Performance: Separate rate limiting for startup NOTIFY messages
9.9.7-S1
all
Provisioning: Catalog zones


all
Provisioning: Dynamic DB (DynDB) support


all
Provisioning: in-view zone option

allall
Resolver: Cache prefetch

allall
Resolver: Prefer IPv6 when querying authoritative servers
9.9.8-S5
all
RNDC: "showzone", "modzone"
9.9.8-S5
all
RNDC: faster "delzone" with LMDB option   all
RNDC: Python module


all
RNDC: read-only option
9.9.9-S1
all
RNDC: zone status reporting

allall


New utilities that have been introduced in each branch

Utility9.99.9 S (stable preview)
9.109.11
 delv  allall
 dnssec-importkey9.9.59.9.5-S1allall
 dnssec-checkds9.9.2allallall
 dnssec-coverage9.9.3allallall
 dnssec-keymgr    all
 dnssec-verify9.9.2allallall
 dnstap-read    all
 named-rrchecker  allall
 mdig    all
 tsig-keygen  allall


Notes:

  • "all" indicates that this feature was (or will be) introduced in the first public release of this branch
  • version numbers indicate that this feature was (or will be) introduced in the specified version, not in the first public release of the branch
  • DNS COOKIE support was introduced in 9.10 as an experimental feature using the name SIT (server identity token).  It can be enabled with --enable-sit in all unix/linux builds and is on by default in Windows.  In 9.11 the name was changed to COOKIE and the feature is enabled by default in all builds.


© 2001-2016 Internet Systems Consortium

Please help us to improve the content of our knowledge base by letting us know below how we can improve this article.

If you have a technical question or problem on which you'd like help, please don't submit it here as article feedback.

For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.

ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.

Feedback
  • There is no feedback for this article
Info Submit Feedback on this Article
Nickname: Your Email: Subject: Comment:
Enter the code below:
Quick Jump Menu