Unraveling BIND 9.3 Page 3

By Martin Brown (Send Email)
Posted Apr 13, 2005


Support Options

As a long-time open source project, BIND is community-backed via various Web sites, mailing lists, and newsgroups devoted to, and supporting, BIND software. BIND is supported through the BSD License, which allows anyone to use or redistribute the software, with or without fee, in source or binary form, and under any license desired.

For commercial distributions, like Solaris, the vendor (in the case of Solaris, Sun) provides the necessary support for the product as if it sells and distributes BIND as part of the operating system. Organizations that distribute BIND with other free or open source offerings, such as Linux, there is no such support available directly. However, SUSE and Red Hat do offer support with their enterprise products.

Many enterprises use BIND software in a commercial context, either in a free operating system like a Linux distro or BSD flavor, or through the versions of BIND installed in place of many commercial solutions on a range of different operating systems. Starting with 9.3, ISC will offer annual support contracts to these companies and organizations. The support ranges from simple e-mail to always-available phone support.

Depending on the contract selected, ISC can also help set up an infrastructure, hopefully preventing potential problems that occur in the future. The different options also incorporate both standard and emergency response systems and direct access to expert contacts. The price for this, admittedly, can be high. Standard support starts at $5,000, but for an ISP or one of the companies managing one of the root servers, the costs are minimal compared to the potential money lost in the event of a DNS failure.

Looking Ahead to 9.4

The key focus for BIND 9.4 will be the documentation. ISC already stated it expects to completely rewrite the manuals to make the BIND software easier to use and understand, a frequent complaint of many administrators.

Another complaint is the lack of an administrative interface for BIND. All configuration is still handled by text files that must be edited with a simple text editor. Future versions of BIND are not expected to provide a complete solution, but they will provide some middleware to make it easier for third-party developers to manage the BIND configuration.

ISC also sees the security aspects of BIND becoming an important part of the migration of DNS to be more than just a way to resolve IP addresses. Already, aspects of the additional information stored in the DNS can be useful; for example, HOST records can store information about the operating system and platform.

The DNS system already acts as a method for storing unique identifiers for hosts. It could be further expanded to hold more detailed information and even act as an asset register. This would make it easy to, for example, track and trace information about individual hosts. Another idea is to use the DNS datastore as a method for exchanging security information, such as encryption keys for remote login or wireless access (WEP or WPA). Of course, this relies on better security of the DNS database, especially when exchanging information with other hosts; giving away this data to unauthorized clients would be disastrous. Once the security issue is overcome (using DNSSEC), DNS will become a simple, and obvious, way to disseminate this information.

Other groups and individuals are already using it as a way of storing discrete information in a distributed format.

Page 3 of 3


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.