Scribd Logo
Upload

Welcome to Scribd!

  • The Architecture of The Next Generation DNS Server: BIND 10: Shane Kerr

    Uploaded by

    paulsheth
    26 views36 pages
    The document summarizes the architecture of BIND 10, the next generation of the BIND DNS server software. It describes how BIND 10 is being reimplemented using a more modular and scalable design compared to previous versions. The key components of BIND 10 include a core made up of message passing, configuration management and a privileged socket creator. Additional modules handle functions like authoritative serving, recursion, zone management and statistics. The design aims to improve customization, scalability and robustness over BIND 9.

    Original Description:

    BIND 10

    Original Title

    10-BIND10-TheArcNextGenDNS

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document summarizes the architecture of BIND 10, the next generation of the BIND DNS server software. It describes how BIND 10 is being reimplemented using a more modular and scalable design compared to previous versions. The key components of BIND 10 include a core made up of message passing, configuration management and a privileged socket creator. Additional modules handle functions like authoritative serving, recursion, zone management and statistics. The design aims to improve customization, scalability and robustness over BIND 9.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    26 views36 pages

    The Architecture of The Next Generation DNS Server: BIND 10: Shane Kerr

    Uploaded by

    paulsheth
    The document summarizes the architecture of BIND 10, the next generation of the BIND DNS server software. It describes how BIND 10 is being reimplemented using a more modular and scalable design compared to previous versions. The key components of BIND 10 include a core made up of message passing, configuration management and a privileged socket creator. Additional modules handle functions like authoritative serving, recursion, zone management and statistics. The design aims to improve customization, scalability and robustness over BIND 9.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 36

    The Architecture of the

    Next Generation DNS


    Server: BIND 10
    Shane Kerr
    shane@isc.org
    DNS? BIND?
    DNS: convert names into numbers

    www.isc.org 149.20.64.42

    www.isc.org 2001:4f8:0:2::d
    BIND: DNS server software
    Runs on about 80 of DNS servers
    BIND 9. BIND 10!
    BIND !: current version of BIND
    !.0.0 re"ease# in $000%0!%&'
    Now at !.(.$%)$
    BIND &0: ne*t version of BIND
    + ,ear -ro.ect to re%i/-"e/ent BIND
    0urrent", in ,ear $
    S-onsore# #eve"o-/ent
    Today! To"ic:
    Architecture
    12o #ate there is sti"" no agree/ent on
    the -recise #efinition of the ter/
    3software architecture4.1
    Wikipedia article on
    Software architecture
    Today! To"ic:
    Architecture... Defined!
    1I 5now it when I see it.1
    - Potter Stewart,
    United States Supreme Court
    Goa#! that Affect
    Architecture I
    0usto/i6ation 3out%of%the%bo*4
    authoritative%on",7 recursive%on",
    s"ave%on",7 /aster%on",
    enab"e8#isab"e #,na/ic DNS
    su--ort favorite S9: bac5en#
    0usto/i6ation via co#e changes
    non%IS0 /o#u"es7 or /o#ifications
    bes-o5e or in%house #eve"o-/ent
    Goa#! that Affect
    Architecture II
    Sca"abi"it,
    BIND 8: sing"e core ;30)<4 then=
    BIND !: /u"ti-"e cores ;>%' or so=
    BIND &0: &01s or &001s of cores7
    /u"ti-"e /achines ;c"ustere#=
    Robustness
    Re#uce serious software bugs
    ?ini/i6e i/-act of bugs
    Re#uce 3fate sharing4
    htt-s:88bin#&0.isc.org8wi5i8DesignDiagra/s
    BIND 10
    0ore
    BoB
    /sg@
    cfg/gr
    $a!ter%&Bo!! of BIND
    Aan#"es startu-7 shut#own
    Restarts -rocesses that #ie
    Britten in ),thon
    An A!ide:
    BIND 10 'an(ua(e!
    0CC for -erfor/ance critica" -arts
    ?o#ern co/-i"e# "anguage
    Bi#e", use#
    ),thon for... ever,thing e"se
    ?o#ern scri-ting "anguage
    Bi#e", use#
    0hose ),thon D.*
    Best. :anguage. Ever.
    )!(*
    Inter%-rocess /essage bus
    Nee#e# for e*tensibi"it,
    :i5e #%bus7 but a"so inter%/achine
    ?essage for/at: FSGN
    <ni* #o/ain soc5et connections
    No securit,
    cf()(r
    0onfiguration /anager
    Never nee# to restart BIND &0
    H"e*ib"e7 e*tensib"e configuration
    Not tra#itiona" <ni* configuration
    0hanges are i//e#iate I -ersistent
    ?ore "i5e a router or an a--"ication
    BIND 10
    0ore
    BoB
    /sg@
    cfg/gr
    G-tions
    c/#ct"
    auth
    *frin
    *frout
    6one/gr
    stats
    c)dct#
    <se# to contro" the server
    Juthenticates users
    Interacts with cfg/gr
    Kets -er%/o#u"e o-tions
    Interacts with /o#u"es
    0o//an#s "i5e 3refresh 6one4
    0urrent c"ient: bin#ct" ;0:I=
    Huture c"ients: web7 K<I7 new 0:I
    Su""ortin( 'i+rary:
    Data Source!
    I#ea sto"en fro/ )owerDNS
    Bac5%en# for authoritative DNS
    0urrent", S9:ite
    )"ans:
    ?,S9:7 )ostgreS9:
    Ber5e"e, DB
    In%/e/or, #ata structure;s=
    <se# b, auth7 *frin7 *frout7 "oa#6one
    Su""ortin( 'i+rary:
    DNS $e!!a(e
    :ow%"eve" DNS /essages ;-ac5ets=
    New 0CC i/-"e/entation
    ),thon wra--er
    auth
    Juthoritative DNS server
    DNS "ibrar,
    C #ata sources
    C I8G
    C bit of "ogic
    Sca"es via /u"ti-"e -rocesses
    I#ea sto"en fro/ NSD
    xfrout
    JLHR out7 to act as a /aster server
    DNS "ibrar,
    C #ata sources
    C I8G
    C bit of "ogic
    Sca"es via /u"ti-"e threa#s
    A ,ina# A!ide:
    -a!!in( Around ."en ,i#e!
    JLHR /essages co/e to auth
    <D) -ac5ets can be forwar#e#
    20) connections /ust go to *frout

    Sen# fi"e #escri-tor via sendmsg():

    SOL_SOCKET7 SCM_RIGHTS
    Bor5s on :inu*7 So"aris7 BSD
    xfrin
    JLHR in7 to act as a s"ave server
    DNS "ibrar, ;),thon=
    C #ata sources
    C I8G
    C bit of "ogic
    Sca"es via /u"ti-"e threa#s
    /one)(r
    Mone /anager7 ti/es s"ave refresh
    Data sources
    2hat1s itN
    Stati!tic!
    ?o#u"es re-ort stats
    0o""ecte# b, stats #ae/on
    )resent in various wa,s:
    Oia bin#ct"
    L?: over A22) ;BIND ! st,"e=
    SN?)
    -rivi#e(ed Soc0et 1reator
    )orts P &0$> restricte# to root
    DNS runs on -ort +D
    Be want to #ro- -er/issions JSJ)
    Be want -ort +D at an, ti/eN
    J#/inistrator /a, reconfigure
    So"ution: )rivi"ege# Soc5et 0reator
    S/a""7 sing"e -ur-ose 0CC -rogra/
    <ses fi"e #escri-tor tric5 to sen#
    soc5ets aroun#
    htt-s:88bin#&0.isc.org8wi5i8DesignDiagra/s
    S"on!or!

    You might also like