Dell 3-DNS Technical Information PDF herunterladen (Seite 6)

Migrating from Solaris 9 Enterprise Edition on Sun Fire V440 with BIND 8.3.3

to Solaris 10 Enterprise Edition on Dell PowerEdge R900 with BIND 9.3.5-P1

address some significant issues in the underlying architecture of

BIND. We discuss some of the differences between BIND 8 and

BIND 9 below.

Some of the important features of BIND 9 include the following:

• DNS security. BIND 9 greatly enhances security by

supporting standards such as Domain Name System

Security Extensions (DNSSEC) and Transaction Signature

(TSIG). DNSSEC adds such capabilities to DNS as origin

authentication of DNS data, data integrity, and

authenticated denial of existence. See www.dnssec.net

for

more details. TSIG helps secure DNS updates by securely

identifying each endpoint of the transaction. RFC1035

defines TSIG.

BIND 9 also addresses security holes in the architecture of

BIND 8. Because of a flaw that could allow a hacker to

redirect URLs to fraudulent Web sites, ISC formally retired

BIND 8 in September of 2007.

• IP version 6. Compared with IPv4, IPv6 vastly expands the

available addresses on the Internet. BIND 9 fully supports

all IPv6 address-to-name and name-to-address translations.

• Support for DNS protocol enhancements. BIND 9

supports a number of enhancements to DNS, including the

following:

o EDNS0, a version of Extension Mechanisms for DNS,

allows DNS packets larger than 500 bytes. RFC2671

defines EDNS0.

o Views allow BIND 9 to respond differently to internal

hosts than to external hosts.

o Multiprocessor support allows BIND 9 to spawn

threads and use the available processors to satisfy

all requests.

1 2 3 4 5 6 7 8 9 10 11 ... 39 40

Keine Kommentare

Dell 3-DNS Technical Information Seite 6