diff --git a/bin/dnssec/dnssec-signzone.8 b/bin/dnssec/dnssec-signzone.8 index e95043ce03..2f34646d67 100644 --- a/bin/dnssec/dnssec-signzone.8 +++ b/bin/dnssec/dnssec-signzone.8 @@ -349,6 +349,14 @@ If the key\*(Aqs revocation date is set and in the past, and the key is publishe .RS 4 If either of the key\*(Aqs unpublication or deletion dates are set and in the past, the key is NOT published or used to sign the zone, regardless of any other metadata\&. .RE +.PP +.RS 4 +If key\*(Aqs sync publication date is set and in the past, synchronization records (type CDS and/or CDNSKEY) are created\&. +.RE +.PP +.RS 4 +If key\*(Aqs sync deletion date is set and in the past, synchronization records (type CDS and/or CDNSKEY) are removed\&. +.RE .RE .PP \-T \fIttl\fR diff --git a/bin/dnssec/dnssec-signzone.html b/bin/dnssec/dnssec-signzone.html index 45d84c12db..4e8e7967af 100644 --- a/bin/dnssec/dnssec-signzone.html +++ b/bin/dnssec/dnssec-signzone.html @@ -519,6 +519,22 @@ zone, regardless of any other metadata.

+
+
+

+ If key's sync publication date is set and in the past, + synchronization records (type CDS and/or CDNSKEY) are + created. +

+
+
+
+

+ If key's sync deletion date is set and in the past, + synchronization records (type CDS and/or CDNSKEY) are + removed. +

+
-T ttl
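Review bot: Both added paragraphs open with "If key's sync ..." while the existing paragraphs in the same list read "If the key's ...", so the article is missing in each. The same wording appears in the dnssec-signzone.8 and man.dnssec-signzone.html hunks; if the three files are generated from one source, fix it there. The two rules also leave the overlap undefined: when both the sync publication date and the sync deletion date are in the past, the text should say which one applies, in the way the preceding paragraph settles unpublication and deletion with "regardless of any other metadata".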
diff --git a/doc/arm/Bv9ARM.ch06.html b/doc/arm/Bv9ARM.ch06.html index 6019d08119..5f4e0c96d7 100644 --- a/doc/arm/Bv9ARM.ch06.html +++ b/doc/arm/Bv9ARM.ch06.html @@ -1501,17 +1501,17 @@ notrace. All debugging messages in the server have a debug print-time can be set to yes, no, or a time format specifier, which may be one of - local, iso8601 or - iso8601-utc. If set to + local, iso8601 or + iso8601-utc. If set to no, then the date and time will not be logged. If set to yes - or local, the date and time are logged + or local, the date and time are logged in a human readable format, using the local time zone. - If set to iso8601 the local time is + If set to iso8601 the local time is logged in ISO8601 format. If set to - iso8601-utc, then the date and time + iso8601-utc, then the date and time are logged in ISO8601 format, with time zone set to - UTC. The default is local. + UTC. The default is local.

print-time may @@ -3045,7 +3045,8 @@ badresp:1,adberr:0,findfail:0,valfail:0]

Specifies the directory in which to store the configuration parameters for zones added via rndc addzone. - By default, this is the working directory. + By default, this is the working directory. If set to a relative + path, it will be relative to the working directory.

named-xfer
@@ -3671,12 +3672,14 @@ options {

Specifies the TTL to be returned on stale answers. - The default is 1 second. The minimal allowed is + The default is 1 second. The minimum allowed is also 1 second; a value of 0 will be updated silently - to 1 second. For stale answers to be returned + to 1 second. For stale answers to be returned, + they must be enabled (either in the configuration file + using stale-answer-enable or via + rndc), and max-stale-ttl must be set to a - non zero value and they must not have been disabled - by rndc. + nonzero value.

serial-update-method
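Review bot: The rewritten condition "they must be enabled (either in the configuration file using stale-answer-enable or via rndc)" drops the old requirement that stale answers "must not have been disabled by rndc", yet the stale-answer-enable entry in the next hunk says rndc serve-stale off overrides the named.conf setting. As worded, a reader could conclude that enabling the option in the configuration file is sufficient even after an operator has turned serving off with rndc. Suggest naming the command (rndc serve-stale on) and keeping the "not disabled via rndc" condition explicit.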
@@ -4330,17 +4333,21 @@ options { nocookie-udp-size option.

-
serve-stale-enable
+
stale-answer-enable

Enable the returning of stale answers when the nameservers for the zone are not answering. This - is off by default but can be enabled/disabled via - rndc server-stale on and - rndc server-stale off which - override the named.conf setting. rndc - server-stale reset will restore control - via named.conf. + is off by default, but can be enabled/disabled via + rndc serve-stale on and + rndc serve-stale off, which + override the named.conf + setting. rndc serve-stale reset + restores the setting to the one specified in + named.conf. Note that + reloading or reconfiguring named + will not re-enable serving of stale records if they + have been disabled via rndc.

nocookie-udp-size
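Review bot: The new closing sentence says that reloading or reconfiguring named will not re-enable stale records disabled via rndc, but the entry does not say whether that override survives a restart of named, or how an operator can tell which setting is currently in effect. Because the running state can differ from what named.conf says, one sentence on each would help. Separately, the option name changes from serve-stale-enable to stale-answer-enable and the command from rndc server-stale to rndc serve-stale; if the old spellings were ever accepted rather than being documentation typos, that deserves a line in the release notes.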
diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html index 7684f75b8d..473dd3dede 100644 --- a/doc/arm/Bv9ARM.ch09.html +++ b/doc/arm/Bv9ARM.ch09.html @@ -41,7 +41,7 @@
Introduction
Download
License Change
-
Windows XP No Longer Supported
+
Legacy Windows No Longer Supported
Security Fixes
New Features
Removed Features
@@ -97,10 +97,11 @@ anything other than the changes you made to our software.

- This requirement will not affect anyone who is using BIND - without redistributing it, nor anyone redistributing it without - changes, therefore this change will be without consequence - for most individuals and organizations who are using BIND. + This requirement will not affect anyone who is using BIND, with + or without modifications, without redistributing it, nor anyone + redistributing it without changes. Therefore, this change will be + without consequence for most individuals and organizations who are + using BIND.

Those unsure whether or not the license change affects their @@ -112,10 +113,10 @@

-Windows XP No Longer Supported

+Legacy Windows No Longer Supported

- As of BIND 9.11.2, Windows XP is no longer a supported platform for - BIND, and Windows XP binaries are no longer available for download + As of BIND 9.11.2, Windows XP and Windows 2003 are no longer supported + platforms for BIND; "XP" binaries are no longer available for download from ISC.
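Review bot: In the replacement sentence, "XP" in quotes is never defined: the first clause drops support for both Windows XP and Windows 2003, but the second only says that "XP" binaries are no longer available, which leaves it unclear whether that download also served Windows 2003. Suggest spelling out which binaries are withdrawn and naming the affected versions under the new "Legacy Windows" heading. The notes.html hunk carries the same text.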

@@ -343,13 +344,14 @@ zone's validated CDS or CDNSKEY records. It can produce a dsset file suitable for input to dnssec-signzone, or a series of - nsupdate to update the parent zone via dynamic - DNS. Thanks to Tony Finch for the contribution. [RT #46090] + nsupdate commands to update the parent zone + via dynamic DNS. Thanks to Tony Finch for the contribution. + [RT #46090]

  • - nsupdate and rndc now accepts + nsupdate and rndc now accept command line options -4 and -6 which force using only IPv4 or only IPv6, respectively. [RT #45632]

    @@ -534,13 +536,17 @@ these algorithms must be supported in OpenSSL; currently they are only available in the development branch of OpenSSL at - https://github.com/openssl/openssl. + + https://github.com/openssl/openssl. [RT #44696]

  • - EDNS KEY TAG options are verified and printed. + When parsing DNS messages, EDNS KEY TAG options are checked + for correctness. When printing messages (for example, in + dig), EDNS KEY TAG options are printed + in readable format.

  • @@ -679,15 +685,6 @@ are now fully rolled back in the event of failure. [RT #45841]

    -
  • -

    - Fixed a bug that was introduced in an earlier development - release which caused multi-packet AXFR and IXFR messages to fail - validation if not all packets contained TSIG records; this - caused interoperability problems with some other DNS - implementations. [RT #45509] -

    -
  • Multiple cookie-secret clauses are now diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html index 6e508297af..0127511523 100644 --- a/doc/arm/Bv9ARM.html +++ b/doc/arm/Bv9ARM.html @@ -241,7 +241,7 @@

    Introduction
    Download
    License Change
    -
    Windows XP No Longer Supported
    +
    Legacy Windows No Longer Supported
    Security Fixes
    New Features
    Removed Features
    diff --git a/doc/arm/man.dnssec-signzone.html b/doc/arm/man.dnssec-signzone.html index 4a3e6f6219..893fbe67b9 100644 --- a/doc/arm/man.dnssec-signzone.html +++ b/doc/arm/man.dnssec-signzone.html @@ -537,6 +537,22 @@ zone, regardless of any other metadata.

    +
    +
    +

    + If key's sync publication date is set and in the past, + synchronization records (type CDS and/or CDNSKEY) are + created. +

    +
    +
    +
    +

    + If key's sync deletion date is set and in the past, + synchronization records (type CDS and/or CDNSKEY) are + removed. +

    +
    -T ttl
    diff --git a/doc/arm/notes.html b/doc/arm/notes.html index d6b8439792..68c5ed226d 100644 --- a/doc/arm/notes.html +++ b/doc/arm/notes.html @@ -57,10 +57,11 @@ anything other than the changes you made to our software.

    - This requirement will not affect anyone who is using BIND - without redistributing it, nor anyone redistributing it without - changes, therefore this change will be without consequence - for most individuals and organizations who are using BIND. + This requirement will not affect anyone who is using BIND, with + or without modifications, without redistributing it, nor anyone + redistributing it without changes. Therefore, this change will be + without consequence for most individuals and organizations who are + using BIND.

    Those unsure whether or not the license change affects their @@ -72,10 +73,10 @@

    -Windows XP No Longer Supported

    +Legacy Windows No Longer Supported

    - As of BIND 9.11.2, Windows XP is no longer a supported platform for - BIND, and Windows XP binaries are no longer available for download + As of BIND 9.11.2, Windows XP and Windows 2003 are no longer supported + platforms for BIND; "XP" binaries are no longer available for download from ISC.

    @@ -303,13 +304,14 @@ zone's validated CDS or CDNSKEY records. It can produce a dsset file suitable for input to dnssec-signzone, or a series of - nsupdate to update the parent zone via dynamic - DNS. Thanks to Tony Finch for the contribution. [RT #46090] + nsupdate commands to update the parent zone + via dynamic DNS. Thanks to Tony Finch for the contribution. + [RT #46090]

  • - nsupdate and rndc now accepts + nsupdate and rndc now accept command line options -4 and -6 which force using only IPv4 or only IPv6, respectively. [RT #45632]

    @@ -494,13 +496,17 @@ these algorithms must be supported in OpenSSL; currently they are only available in the development branch of OpenSSL at - https://github.com/openssl/openssl. + + https://github.com/openssl/openssl. [RT #44696]

  • - EDNS KEY TAG options are verified and printed. + When parsing DNS messages, EDNS KEY TAG options are checked + for correctness. When printing messages (for example, in + dig), EDNS KEY TAG options are printed + in readable format.

  • @@ -639,15 +645,6 @@ are now fully rolled back in the event of failure. [RT #45841]

    -
  • -

    - Fixed a bug that was introduced in an earlier development - release which caused multi-packet AXFR and IXFR messages to fail - validation if not all packets contained TSIG records; this - caused interoperability problems with some other DNS - implementations. [RT #45509] -

    -
  • Multiple cookie-secret clauses are now
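Review bot: This hunk deletes the [RT #45509] entry about multi-packet AXFR and IXFR messages failing validation when not every packet carried a TSIG record, and nothing in the visible diff says why. The entry describes a bug "introduced in an earlier development release", so if it is being dropped because the bug never shipped in a release, say so in the commit message; otherwise operators who protect zone transfers with TSIG lose the record of the fix. The same deletion is made in Bv9ARM.ch09.html.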
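Review bot: In the EDNS KEY TAG entry (the -494,13 hunk in notes.html and the matching -534,13 hunk in Bv9ARM.ch09.html), "checked for correctness" does not say what is checked or what happens to a message whose option fails the check. Suggest stating the outcome for a malformed option so that operators know what to expect from a resolver or from dig when they see one.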