bind9-devel BIND DNS suite with updated DNSSEC and DNS64

9.17.4.a0.2020.10.15 dns =2 9.17.4.a0.2020.09.14Version of this port present on the latest quarterly branch.

Maintainer: mat@FreeBSD.org

Port Added: 2015-11-05 15:01:37

Last Update: 2020-10-19 18:01:59

SVN Revision: 552752

People watching this port, also watch: postfix-policyd-sf, bundy, bind911, perl5-devel

Also Listed In: net

License: MPL20

Description:

BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND architecture. Some of the important features of BIND 9 are: DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests) IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA) Experimental IPv6 Resolver Library DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0 Improved standards conformance Views: One server process can provide multiple "views" of the DNS namespace, e.g. an "inside" view to certain clients, and an "outside" view to others. Multiprocessor Support See the CHANGES file for more information on new features. WWW: https://www.isc.org/downloads/bind/

SVNWeb : Homepage

pkg-plist: as obtained via: make generate-plist

Expand this list (337 items)

Collapse this list.

1. /usr/local/share/licenses/bind9-devel-9.17.4.a0.2020.10.15/catalog.mk
2. /usr/local/share/licenses/bind9-devel-9.17.4.a0.2020.10.15/LICENSE
3. /usr/local/share/licenses/bind9-devel-9.17.4.a0.2020.10.15/MPL20
4. bin/dnstap-read
5. bin/named-checkconf
6. bin/named-checkzone
7. bin/named-compilezone
8. bin/named-journalprint
9. bin/named-nzd2nzf
10. @comment bin/pkcs11-destroy
11. @comment bin/pkcs11-keygen
12. @comment bin/pkcs11-list
13. @comment bin/pkcs11-tokens
14. @sample etc/mtree/BIND.chroot.dist.sample
15. @sample etc/mtree/BIND.chroot.local.dist.sample
16. etc/namedb/bind.keys
17. etc/namedb/master/empty.db
18. etc/namedb/master/localhost-forward.db
19. etc/namedb/master/localhost-reverse.db
20. @sample etc/namedb/named.conf.sample
21. etc/namedb/named.root
22. etc/namedb/rndc.conf.sample
23. include/bind9/check.h
24. include/bind9/getaddresses.h
25. include/dns/acl.h
26. include/dns/adb.h
27. include/dns/badcache.h
28. include/dns/bit.h
29. include/dns/byaddr.h
30. include/dns/cache.h
31. include/dns/callbacks.h
32. include/dns/catz.h
33. include/dns/cert.h
34. include/dns/client.h
35. include/dns/clientinfo.h
36. include/dns/compress.h
37. include/dns/db.h
38. include/dns/dbiterator.h
39. include/dns/dbtable.h
40. include/dns/diff.h
41. include/dns/dispatch.h
42. include/dns/dlz.h
43. include/dns/dlz_dlopen.h
44. include/dns/dns64.h
45. include/dns/dnsrps.h
46. include/dns/dnssec.h
47. include/dns/dnstap.h
48. include/dns/ds.h
49. include/dns/dsdigest.h
50. include/dns/dyndb.h
51. include/dns/ecs.h
52. include/dns/edns.h
53. include/dns/enumclass.h
54. include/dns/enumtype.h
55. include/dns/events.h
56. include/dns/fixedname.h
57. include/dns/forward.h
58. include/dns/geoip.h
59. include/dns/ipkeylist.h
60. include/dns/iptable.h
61. include/dns/journal.h
62. include/dns/kasp.h
63. include/dns/keydata.h
64. include/dns/keyflags.h
65. include/dns/keymgr.h
66. include/dns/keytable.h
67. include/dns/keyvalues.h
68. include/dns/lib.h
69. include/dns/librpz.h
70. include/dns/log.h
71. include/dns/lookup.h
72. include/dns/master.h
73. include/dns/masterdump.h
74. include/dns/message.h
75. include/dns/name.h
76. include/dns/ncache.h
77. include/dns/nsec.h
78. include/dns/nsec3.h
79. include/dns/nta.h
80. include/dns/opcode.h
81. include/dns/order.h
82. include/dns/peer.h
83. include/dns/portlist.h
84. include/dns/private.h
85. include/dns/rbt.h
86. include/dns/rcode.h
87. include/dns/rdata.h
88. include/dns/rdataclass.h
89. include/dns/rdatalist.h
90. include/dns/rdataset.h
91. include/dns/rdatasetiter.h
92. include/dns/rdataslab.h
93. include/dns/rdatastruct.h
94. include/dns/rdatatype.h
95. include/dns/request.h
96. include/dns/resolver.h
97. include/dns/result.h
98. include/dns/rootns.h
99. include/dns/rpz.h
100. include/dns/rriterator.h
101. include/dns/rrl.h
102. include/dns/sdb.h
103. include/dns/sdlz.h
104. include/dns/secalg.h
105. include/dns/secproto.h
106. include/dns/soa.h
107. include/dns/ssu.h
108. include/dns/stats.h
109. include/dns/tcpmsg.h
110. include/dns/time.h
111. include/dns/timer.h
112. include/dns/tkey.h
113. include/dns/tsec.h
114. include/dns/tsig.h
115. include/dns/ttl.h
116. include/dns/types.h
117. include/dns/update.h
118. include/dns/validator.h
119. include/dns/view.h
120. include/dns/xfrin.h
121. include/dns/zone.h
122. include/dns/zonekey.h
123. include/dns/zoneverify.h
124. include/dns/zt.h
125. include/dst/dst.h
126. include/dst/gssapi.h
127. include/dst/result.h
128. include/irs/resconf.h
129. include/isc/aes.h
130. include/isc/align.h
131. include/isc/app.h
132. include/isc/assertions.h
133. include/isc/astack.h
134. include/isc/atomic.h
135. include/isc/attributes.h
136. include/isc/backtrace.h
137. include/isc/base32.h
138. include/isc/base64.h
139. include/isc/bind9.h
140. include/isc/buffer.h
141. include/isc/bufferlist.h
142. include/isc/cmocka.h
143. include/isc/commandline.h
144. include/isc/condition.h
145. include/isc/counter.h
146. include/isc/crc64.h
147. include/isc/deprecated.h
148. include/isc/dir.h
149. include/isc/endian.h
150. include/isc/errno.h
151. include/isc/errno2result.h
152. include/isc/error.h
153. include/isc/event.h
154. include/isc/eventclass.h
155. include/isc/file.h
156. include/isc/formatcheck.h
157. include/isc/fsaccess.h
158. include/isc/fuzz.h
159. include/isc/glob.h
160. include/isc/hash.h
161. include/isc/heap.h
162. include/isc/hex.h
163. include/isc/hmac.h
164. include/isc/hp.h
165. include/isc/ht.h
166. include/isc/httpd.h
167. include/isc/interfaceiter.h
168. include/isc/iterated_hash.h
169. include/isc/lang.h
170. include/isc/lex.h
171. include/isc/lib.h
172. include/isc/likely.h
173. include/isc/list.h
174. include/isc/log.h
175. include/isc/magic.h
176. include/isc/md.h
177. include/isc/mem.h
178. include/isc/meminfo.h
179. include/isc/mutex.h
180. include/isc/mutexatomic.h
181. include/isc/mutexblock.h
182. include/isc/net.h
183. include/isc/netaddr.h
184. include/isc/netdb.h
185. include/isc/netmgr.h
186. include/isc/netscope.h
187. include/isc/nonce.h
188. include/isc/offset.h
189. include/isc/once.h
190. include/isc/os.h
191. include/isc/parseint.h
192. include/isc/platform.h
193. include/isc/pool.h
194. include/isc/portset.h
195. include/isc/print.h
196. include/isc/queue.h
197. include/isc/quota.h
198. include/isc/radix.h
199. include/isc/random.h
200. include/isc/ratelimiter.h
201. include/isc/readline.h
202. include/isc/refcount.h
203. include/isc/regex.h
204. include/isc/region.h
205. include/isc/resource.h
206. include/isc/result.h
207. include/isc/resultclass.h
208. include/isc/rwlock.h
209. include/isc/safe.h
210. include/isc/serial.h
211. include/isc/siphash.h
212. include/isc/sockaddr.h
213. include/isc/socket.h
214. include/isc/stat.h
215. include/isc/stats.h
216. include/isc/stdatomic.h
217. include/isc/stdio.h
218. include/isc/stdtime.h
219. include/isc/strerr.h
220. include/isc/string.h
221. include/isc/symtab.h
222. include/isc/syslog.h
223. include/isc/task.h
224. include/isc/taskpool.h
225. include/isc/thread.h
226. include/isc/time.h
227. include/isc/timer.h
228. include/isc/tm.h
229. include/isc/types.h
230. include/isc/utf8.h
231. include/isc/util.h
232. include/isccc/alist.h
233. include/isccc/base64.h
234. include/isccc/cc.h
235. include/isccc/ccmsg.h
236. include/isccc/events.h
237. include/isccc/result.h
238. include/isccc/sexpr.h
239. include/isccc/symtab.h
240. include/isccc/symtype.h
241. include/isccc/types.h
242. include/isccc/util.h
243. include/isccfg/aclconf.h
244. include/isccfg/cfg.h
245. include/isccfg/dnsconf.h
246. include/isccfg/grammar.h
247. include/isccfg/kaspconf.h
248. include/isccfg/log.h
249. include/isccfg/namedconf.h
250. include/ns/client.h
251. include/ns/hooks.h
252. include/ns/interfacemgr.h
253. include/ns/lib.h
254. include/ns/listenlist.h
255. include/ns/log.h
256. include/ns/notify.h
257. include/ns/query.h
258. include/ns/server.h
259. include/ns/sortlist.h
260. include/ns/stats.h
261. include/ns/types.h
262. include/ns/update.h
263. include/ns/xfrout.h
264. include/pk11/constants.h
265. include/pk11/internal.h
266. include/pk11/pk11.h
267. include/pk11/result.h
268. include/pk11/site.h
269. include/pkcs11/pkcs11.h
270. lib/bind/filter-aaaa.so
271. lib/libbind9.so
272. lib/libbind9.so.1701
273. lib/libbind9.so.1701.0.2
274. lib/libdns.so
275. lib/libdns.so.1705
276. lib/libdns.so.1705.0.0
277. lib/libirs.so
278. lib/libirs.so.1701
279. lib/libirs.so.1701.0.0
280. lib/libisc.so
281. lib/libisc.so.1704
282. lib/libisc.so.1704.0.1
283. lib/libisccc.so
284. lib/libisccc.so.1702
285. lib/libisccc.so.1702.0.0
286. lib/libisccfg.so
287. lib/libisccfg.so.1702
288. lib/libisccfg.so.1702.0.0
289. lib/libns.so
290. lib/libns.so.1703
291. lib/libns.so.1703.0.1
292. @comment lib/named/filter-aaaa.so
293. @comment man/man1/arpaname.1.gz
294. @comment man/man1/delv.1.gz
295. @comment man/man1/dig.1.gz
296. @comment man/man1/dnssec-cds.1.gz
297. @comment man/man1/dnssec-dsfromkey.1.gz
298. @comment man/man1/dnssec-importkey.1.gz
299. @comment man/man1/dnssec-keyfromlabel.1.gz
300. @comment man/man1/dnssec-keygen.1.gz
301. @comment man/man1/dnssec-revoke.1.gz
302. @comment man/man1/dnssec-settime.1.gz
303. @comment man/man1/dnssec-signzone.1.gz
304. @comment man/man1/dnssec-verify.1.gz
305. man/man1/dnstap-read.1.gz
306. @comment man/man1/host.1.gz
307. @comment man/man1/mdig.1.gz
308. man/man1/named-checkconf.1.gz
309. man/man1/named-checkzone.1.gz
310. man/man1/named-journalprint.1.gz
311. man/man1/named-nzd2nzf.1.gz
312. @comment man/man1/named-rrchecker.1.gz
313. @comment man/man1/nsec3hash.1.gz
314. @comment man/man1/nslookup.1.gz
315. @comment man/man1/nsupdate.1.gz
316. @comment man/man1/pkcs11-destroy.1.gz
317. @comment man/man1/pkcs11-keygen.1.gz
318. @comment man/man1/pkcs11-list.1.gz
319. @comment man/man1/pkcs11-tokens.1.gz
320. man/man5/named.conf.5.gz
321. man/man5/rndc.conf.5.gz
322. man/man8/filter-aaaa.8.gz
323. man/man8/named.8.gz
324. man/man8/rndc-confgen.8.gz
325. man/man8/rndc.8.gz
326. man/man8/tsig-keygen.8.gz
327. sbin/ddns-confgen
328. sbin/named
329. sbin/rndc
330. sbin/rndc-confgen
331. sbin/tsig-keygen
332. @dir(bind,bind,) etc/namedb/dynamic
333. @dir(bind,bind,) etc/namedb/slave
334. @dir(bind,bind,) etc/namedb/working
335. @owner
336. @group
337. @mode

Collapse this list.

Dependency lines:

• bind9-devel>0:dns/bind9-devel

Conflicts:

CONFLICTS:

• bind911
• bind912
• bind913
• bind914
• bind916

Conflicts Matches:

There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/dns/bind9-devel/ && make install clean

To add the package: pkg install bind9-devel

PKGNAME: bind9-devel

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1603107321 SHA256 (isc-projects-bind9-a63ac933bb9116d374ca00cacf9444f8ff5f2cce_GL0.tar.gz) = 0c67ad9e283a79a59ed3c67a33650dec920ecff70af5f7a8f4b7bf5c7740f432 SIZE (isc-projects-bind9-a63ac933bb9116d374ca00cacf9444f8ff5f2cce_GL0.tar.gz) = 4356534

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

1. sphinx-build : textproc/py-sphinx
2. pkgconf>=1.3.0_1 : devel/pkgconf
3. autoconf>=2.69 : devel/autoconf
4. automake>=1.16.1 : devel/automake
5. libtoolize : devel/libtool

Runtime dependencies:

1. bind-tools>0 : dns/bind-tools

Library dependencies:

1. libuv.so : devel/libuv
2. libxml2.so : textproc/libxml2
3. libfstrm.so : devel/fstrm
4. libprotobuf-c.so : devel/protobuf-c
5. libidn2.so : dns/libidn2
6. libjson-c.so : devel/json-c
7. liblmdb.so : databases/lmdb
8. libedit.so.0 : devel/libedit
9. libiconv.so : converters/libiconv

There are no ports dependent upon this port

Configuration Options

===> The following configuration options are available for bind9-devel-9.17.4.a0.2020.10.15: DNSTAP=on: Provides fast passive logging of DNS messages DOCS=on: Build and/or install documentation FIXED_RRSET=off: Enable fixed rrset ordering GEOIP=off: GeoIP IP location support IDN=on: International Domain Names support JSON=on: JSON file/format/parser support LARGE_FILE=off: 64-bit file support LMDB=on: Use LMDB for zone management MANPAGES=on: Build and/or install manual pages OVERRIDECACHE=off: Use the override-cache patch PORTREVISION=off: Show PORTREVISION in the version string QUERYTRACE=off: Enable the very verbose query tracelogging START_LATE=off: Start BIND late in the boot process (see help) TCP_FASTOPEN=on: RFC 7413 support ====> Dynamically Loadable Zones DLZ_BDB=off: DLZ BDB driver DLZ_FILESYSTEM=on: DLZ filesystem driver DLZ_LDAP=off: DLZ LDAP driver DLZ_MYSQL=off: DLZ MySQL driver (no threading) DLZ_POSTGRESQL=off: DLZ Postgres driver DLZ_STUB=off: DLZ stub driver ====> GSSAPI Security API support: you have to select exactly one of them GSSAPI_BASE=off: Using Heimdal in base GSSAPI_HEIMDAL=off: Using security/heimdal GSSAPI_MIT=off: Using security/krb5 GSSAPI_NONE=on: Disable ====> Choose which crypto engine to use: you can only select none or one of them NATIVE_PKCS11=off: Use PKCS#11 native API (**READ HELP**) ===> Use 'make config' to modify these settings

USES:

autoreconf compiler:c11 cpe libedit libtool pkgconfig ssl tar:bz2 iconv

Master Sites:

Expand this list (5 items)

Collapse this list.
1. http://distcache.FreeBSD.org/local-distfiles/mat/bind/
2. http://distcache.eu.FreeBSD.org/local-distfiles/mat/bind/
3. http://distcache.us-east.FreeBSD.org/local-distfiles/mat/bind/
4. http://distcache.us-west.FreeBSD.org/local-distfiles/mat/bind/
5. https://gitlab.isc.org/isc-projects/bind9/repository/a63ac933bb9116d374ca00cacf9444f8ff5f2cce/archive.tar.gz?dummy=/
Collapse this list.

• 2015-03-24

  Affects: users of dns/bind9*

  Author: mat@FreeBSD.org

  Reason: 
    This is only for FreeBSD 10.0+.
  
    BIND auto chroot has been added back to the named rc script.  As enabling it
    by default would most certainly break people's setup, it is not.  To enable
    it, and chroot it in /var/named, add the following line to your rc.conf file:
  
    named_chrootdir="/var/named"
  
    On first launch, the rc script will move the /usr/local/etc/namedb directory
    into the chroot, and create a symlink to it.
  
    Note that, if you're running from within a jail, you need to have a
    /var/named/dev devfs created beforehand, with the null and random devices.
  
  

Expand this list ( items)Collapse this list.



• 2013-11-12

  Affects: users of dns/bind9*

  Author: erwin@FreeBSD.org

  Reason: 
    All bind9 ports have been updated to support FreeBSD 10.x after
    BIND was removed from the base system.  It is now self-contained
    in ${PREFIX}/etc/namedb, and chroot and symlinking options are
    no longer supported out of the box.
  
    For users of FreeBSD 9.x and earlier, the LINKS option is no longer
    enabled by default, but still supported.  No other changes should
    affect those users, and updating without changing already set options
    will keep the system in the same state.
  
  

Collapse this list.

• port moved here from dns/bind913 on 2019-05-16
  REASON: Remove outdated development version
  

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Garbage collect the SIGCHASE option, it was removed in 9.12.

PR:		248938
Submitted by:	John Hein

Package filter-aaaa.so again.

Fix build with Heimdal.

PR:		246591
Submitted by:	epopen gmail com

Enabled DNSTAP by default.

The ISC recommends having it by default (it is in the packages they
distribute) and the footprint of the dependecies is very small.

While there, cleanup plists.

PR:		237861
Reported by:	Greg Rivers

Remove the TUNING_LARGE option, it is now a no-op.

PR:		244391
Submitted by:	Leo Vandewoestijne

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

While there, move named-journalprint from bind-tools to bind9, it is
only useful on machines with BIND9 running, where journal files actually
exist.  The man page was already in the correct port.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

While here, fix the bind-min-override-ttl patch. [1]

Submitted by:	Andre Albsmeier [1]

Bump PORTREVISION for devel/json-c json-c

Add a hook to be able to build dns/bind-tools with dns/bind9-devel.

While there, fixup patches.

Update to latest commits.

Man pages are back.

Update to latest commit.

BIND9 switched to using autoconf, this broke a few things, for example,
man pages are not there any more, plugins are somehow missing too.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Remvoe the scary pkg-message from BIND9 9.16.

And make a note that it needs to be removed when a new release comes
along, so that I don't forget next year.

Reported by:	Matthias Fechner

Add forgotten CONFLICTS lines.

Add a couple of things here to ease future new releases.

Update to latest commit.

Update to latest commit.

While there, run portfmt.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Fixes a startup issue.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Security:	CVE-2019-6475, CVE-2019-6476

Update to latest commit.

Drop the ipv6 virtual category for d* category as it is not relevant anymore

Update to latest commit.

Update to latest commit.

Update ti latest commit.

Add GEOIP back here too.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Convert BIND9's pkg-message files to UCL.

Update to latest commit.

Fix build when not using WITH_DEBUG.

Reported by:	pkg-fallout@

Fix named when using plugins and chroot.

BIND9 introduced plugins and migrated the filter-aaaa feature to a
plugin.
As it loads its plugins late in the startup process (read after chroot),
the plugins need to be available in the chroot.

Also, refactor the code now that a second directory need to be handled.

PR:		238011
Reported by:	ryan@timewasted.me
MFH:		2019Q2

Update to latest commit.

For some reason, this does not always get picked up correctly.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Prevent bind-tools from inheriting CONFLICTS.

I don't see how this can be a problem as bind-tools is never built after
bind9*.

Reported by:	Matthew D. Fuller

Switch to using OPTIONS_EXCLUDE to avoid picking up strays.

If you had things installed, say, lmdb, it would be picked up and linked
with.

Reported by:	sunpoet

Remove conflicts from bind-tools and the server ports.

All servers now depend on the same bind-tools, from the latest BIND9
release.

Chase dependencies to make sure they now depend on the correct port.

Differential Revision:	https://reviews.freebsd.org/D19922

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Make WITH_DEBUG actually build and be as helpful as possible.

Update to latest commit.

Update WWW.

PR:		236196
Submitted by:	Leonid Nevecherya

Update to latest commit.

Update to latest commit.

Add BIND 9.14.0 first release candidate.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update dns/libidn2 to 2.1.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS

Update to latest commit.

Use official patch instead of my half baked one.

No functionnal changes.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Remove GeoIP-related options. Where possible, replace GeoIP 1 defaults
with GeoIP 2.

Also, as suggested by zi, add an UPDATING note about this.

Update to latest commit.

Update dns/libidn2 to 2.1.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS

Update to latest commit.

Update to latest commit.

While there, rename MINCACHE option, most of its features have been
integrated in BIND9, the only remaining bit of the patch is the override
cache feature to force all cached TTL to a specific one.

Update to 9.11.5-P1, 9.12.3-P1, 9.13.5.

While there:
- Don't disable symbol table generation when building WITH_DEBUG.
- Try and make sure nullfs can really be used in a more robustt and
  centralized way.
- Make sure all changes are sync'ed among all BIND9 ports.

12 vulnerabilities affecting 83 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2020-10-19 10:27:15