| Port details |
- bind911 BIND DNS suite with updated DNSSEC and DNS64
- 9.11.37_1 dns
 =13       9.11.37_1Version of this port present on the latest quarterly branch.  DEPRECATED: End of life, please migrate to a newer version of BIND9
 This port expired on: 2022-03-31
- Maintainer: mat@FreeBSD.org
- Port Added: 2016-07-04 09:47:39
- Last Update: 2022-03-31 20:31:14
- Commit Hash: 97cf09b
- People watching this port, also watch:: pkg, sudo, git, openjdk8, gnupg
- Also Listed In: net
- License: MPL20
- WWW:
- https://www.isc.org/bind/
- Description:
- BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND
architecture. Some of the important features of BIND 9 are:
DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests)
IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA)
Experimental IPv6 Resolver Library
DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0
Improved standards conformance
Views: One server process can provide multiple "views" of the DNS namespace,
e.g. an "inside" view to certain clients, and an "outside" view to others.
Multiprocessor Support
See the CHANGES file for more information on new features.
WWW: https://www.isc.org/bind/
  ¦  ¦  ¦  ¦ 
- Manual pages:
-
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- Conflicts:
- CONFLICTS:
- bind9[0-9][0-9]
- bind9-devel
- No installation instructions:
- This port has been deleted.
- PKGNAME: bind911
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1648017812
SHA256 (bind-9.11.37.tar.gz) = 0d8efbe7ec166ada90e46add4267b7e7c934790cba9bd5af6b8380a4fbfb5aff
SIZE (bind-9.11.37.tar.gz) = 8314894
No package information for this port in our database- Sometimes this happens. Not all ports have packages. Perhaps there is a build error. Check the fallout link:
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- pkgconf>=1.3.0_1 : devel/pkgconf
- Runtime dependencies:
-
- bind-tools>0 : dns/bind-tools
- Library dependencies:
-
- libxml2.so : textproc/libxml2
- libfstrm.so : devel/fstrm
- libprotobuf-c.so : devel/protobuf-c
- libidn2.so : dns/libidn2
- libjson-c.so : devel/json-c
- liblmdb.so : databases/lmdb
- libedit.so.0 : devel/libedit
- There are no ports dependent upon this port
Configuration Options:- ===> The following configuration options are available for bind911-9.11.37_1:
ACCFDNS=off: Prefer DNS accept filter over generic one
DNSTAP=on: Provides fast passive logging of DNS messages
DOCS=on: Build and/or install documentation
FILTER_AAAA=on: Enable filtering of AAAA records
FIXED_RRSET=off: Enable fixed rrset ordering
GEOIP=off: GeoIP IP location support
IDN=on: International Domain Names support
IPV6=on: IPv6 protocol support
JSON=on: JSON file/format/parser support
LARGE_FILE=off: 64-bit file support
LMDB=on: Use LMDB for zone management
MINCACHE=off: Use the mincachettl patch
PORTREVISION=off: Show PORTREVISION in the version string
QUERYTRACE=off: Enable the very verbose query tracelogging
RPZ_NSDNAME=on: Enable RPZ NSDNAME policy records
RPZ_NSIP=on: Enable RPZ NSIP trigger rules
SIGCHASE=on: dig/host/nslookup will do DNSSEC validation
START_LATE=off: Start BIND late in the boot process (see help)
TCP_FASTOPEN=on: RFC 7413 support
THREADS=on: Threading support
TUNING_LARGE=off: Tune named for large systems (**READ HELP**)
====> Dynamically Loadable Zones
DLZ_POSTGRESQL=off: DLZ Postgres driver
DLZ_MYSQL=off: DLZ MySQL driver (no threading)
DLZ_BDB=off: DLZ BDB driver
DLZ_LDAP=off: DLZ LDAP driver
DLZ_FILESYSTEM=on: DLZ filesystem driver
DLZ_STUB=off: DLZ stub driver
====> GSSAPI Security API support: you have to select exactly one of them
GSSAPI_BASE=off: Using Heimdal in base
GSSAPI_HEIMDAL=off: Using security/heimdal
GSSAPI_MIT=off: Using security/krb5
GSSAPI_NONE=on: Disable
====> Choose which crypto engine to use: you can only select none or one of them
SSL=on: Build with OpenSSL (Required for DNSSEC)
NATIVE_PKCS11=off: Use PKCS#11 native API (**READ HELP**)
===> Use 'make config' to modify these settings
- Options name:
- dns_bind911
- USES:
- cpe libedit pkgconfig iconv ssl
- pkg-message:
- For install:
- BIND requires configuration of rndc, including a "secret"
key. The easiest, and most secure way to configure rndc is
to run 'rndc-confgen -a' to generate the proper conf file,
with a new random key, and appropriate file permissions.
The /usr/local/etc/rc.d/named script will do that for you.
If using syslog to log the BIND9 activity, and using a
chroot'ed installation, you will need to tell syslog to install
a log socket in the BIND9 chroot by running:
# sysrc altlog_proglist+=named
And then restarting syslogd with: service syslogd restart
- Master Sites:
|
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
9.11.0P3
11 Apr 2017 13:59:43
    |
mat |
Remove private URLs that should never have been committed.
Pointy hat: mat
Sponsored by: Absolight |
9.11.0P3
08 Feb 2017 22:39:28
|
mat |
Update to 9.9.9-P6, 9.10.4-P6 and 9.11.0-P3.
While there, remove the RPZ_PATCH for BIND9 9.9, it has not been updated
for years, and, it does not build any more.
MFH: 2017Q1
Security: CVE-2017-3135
Sponsored by: Absolight |
9.11.0P2_1
12 Jan 2017 08:15:41
|
mat |
Commit the cleanups that should have gone in with the pervious update.
Sponsored by: Absolight |
9.11.0P2
12 Jan 2017 07:30:00
|
delphij |
Security update to 9.11.0-P2.
Approved by: so
Security: d4c7e9a9-d893-11e6-9b4d-d050996490d0
MFH: 2017Q1 |
9.11.0P1_1
09 Dec 2016 15:40:35
|
mat |
Switch bind-tools to BIND9 9.11.
Sponsored by: Absolight |
9.11.0P1_1
09 Dec 2016 15:40:32
|
mat |
Cleanup CONFLICTS.
Sponsored by: Absolight |
9.11.0P1_1
09 Dec 2016 15:02:37
|
mat |
Fixup libedit for all BIND9 ports, and fix spurious json dependency by
adding an option.
PR: 215170
Reported by: sunpoet
Sponsored by: Absolight |
9.11.0P1
02 Nov 2016 06:38:48
|
delphij |
Security update:
dns/bind99: 9.9.9-P3 -> 9.9.9-P4
dns/bind910: 9.10.4-P3 -> 9.10.4-P4
dns/bind911: 9.11.0 -> 9.11.0-P1
Security: CVE-2016-8864
Submitted by: mat
MFH: 2016Q4 |
9.11.0
04 Oct 2016 22:35:31
|
mat |
Update to 9.11.0
Changes: https://lists.isc.org/pipermail/bind-announce/2016-October/001007.html
Sponsored by: Absolight |
9.11.0.rc3
04 Oct 2016 14:37:34
|
mat |
Remarke MAKE_JOBS_UNSAFE everywhere.
Sponsored by: Absolight |
9.11.0.rc3
30 Sep 2016 12:44:28
|
mat |
So, on 9, it is failing to build it with jobs.
It builds .a before all the .o that are supposed to go in the .a are
built. Imagine what happens after that...
Reported by: Craig Leres
Sponsored by: Absolight |
9.11.0.rc3
28 Sep 2016 12:55:09
|
mat |
Remove MAKE_JOBS_UNSAFE for BIND9.
It was added in 2009 in r232247 without the reason it was failing, I've
tried with -J 2-10, and can't have one of the BIND9 port fail.
Feel free to add it back, but please, add the reason why it fails.
Sponsored by: Absolight |
9.11.0.rc3
27 Sep 2016 16:10:22
|
mat |
Update BIND9 to latest versions, 9.9.9-P3, 9.10.4-P3, 9.11.0rc3
MFH: 2016Q3
Security: CVE-2016-2776
Sponsored by: Absolight |
9.11.0.rc1
31 Aug 2016 12:06:24
|
mat |
The START_LATE option is not needed by bind-tools.
Sponsored by: Absolight |
9.11.0.rc1
31 Aug 2016 11:59:05
|
mat |
The NEWSTATS and RRL options were removed in BIND9 9.10, so remove them
from here, also, make the upstream default options default for real.
While there, put back the BIND_TOOLS knobs in bind9-devel.
Sponsored by: Absolight |
9.11.0.rc1
31 Aug 2016 11:58:51
|
mat |
Update to 9.11.0rc1.
While there, remove obsolete configure options, and set as default the
one that default to yes.
Changes: https://lists.isc.org/pipermail/bind-announce/2016-August/001002.html
Sponsored by: Absolight |
9.11.0.b3
03 Aug 2016 13:27:59
|
mat |
Update to 9.11.0b3.
MFH: 2016Q3
Security: CVE-2016-2775
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/001001.html
Sponsored by: Absolight |
9.11.0.b2
19 Jul 2016 11:30:38
|
mat |
BIND9 update, 9.9.9-P2, 9.10.4-P2, 9.11.0b2 and latest 9.12 snapshot.
MFH: 2016Q3
Security: CVE-2016-2775
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000996.html
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000997.html
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000998.html
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000999.html
Sponsored by: Absolight |
9.11.0.b1
04 Jul 2016 09:47:25
|
mat |
Introduce BIND9 9.11.0b1. (beta1)
BIND 9.11 brings many changes to BIND, including a new license
(the Mozilla Public License 2.0 -- you can read about it here:
https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/)
and many new features, including:
- Catalog zones, a new way to provision zones on slave servers
- dyndb api, a fast new api enabling BIND to serve zones stored
in a database (Developed by Petr Spacek of RedHat)
- RNDC showzone, view-only mode and other improvements
- dnstap query and response logging (Robert Edmonds is the author
of dnstap, see www.dnstap.info)
- EDNS Client-subnet (authoritative server functions)
- DNSSEC key manager, a new utility (Thanks to Sebastian Castro
for helping with development.)
- Automatic CDS/CDSKEY generation
- Negative Trust Anchors for DNSSEC validators
- IPv6 bias to encourage use of IPv6 DNS servers
- Minimal response to "any" queries (Thanks to Tony Finch for
the contribution)
- DNS Cookies are now enabled by default, using the standardized code point
Changes: https://lists.isc.org/pipermail/bind-announce/2016-June/000994.html
Sponsored by: Absolight |
As an Amazon Associate I earn from qualifying purchases.