diff --git a/CHANGES b/CHANGES
index 8a1c31f065..34a487bb88 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,15 @@
+5258. [func] Added support for the GeoIP2 API from MaxMind. This
+ will be compiled in by default if the "libmaxminddb"
+ library is found at compile time, but can be
+ suppressed using "configure --without-geoip2".
+ The legacy GeoIP API can be enabled by using
+ "configure --with-geoip". This cannot be used
+ together with GeoIP2.
+
+ Certain geoip ACL settings that were available with
+ legacy GeoIP are not available when using GeoIP2.
+ [GL #182]
+
5257. [bug] Some statistics data was not being displayed.
Add shading to the zone tables. [GL #1030]
diff --git a/README b/README
index a964b5afb8..a5655f0dad 100644
--- a/README
+++ b/README
@@ -105,7 +105,10 @@ format-patch.
BIND 9.15 features
BIND 9.15 is the newest development branch of BIND 9. It includes a number
-of changes from BIND 9.14 and earlier releases.
+of changes from BIND 9.14 and earlier releases. New features include:
+
+ * Support for the new GeoIP2 geolocation API
+ * Improved DNSSEC key configuration using dnssec-keys
Building BIND
@@ -136,7 +139,7 @@ make depend. If you're using Emacs, you might find make tags helpful.
Several environment variables that can be set before running configure
will affect compilation:
- Variable Description
+Variable Description
CC The C compiler to use. configure tries to figure out the
right one for supported systems.
C compiler flags. Defaults to include -g and/or -O2 as
@@ -243,11 +246,8 @@ default, installation is into /usr/local, but this can be changed with the
You may specify the option --sysconfdir to set the directory where
configuration files like named.conf go by default, and --localstatedir to
-set the default parent directory of run/named.pid. For backwards
-compatibility with BIND 8, --sysconfdir defaults to /etc and
---localstatedir defaults to /var if no --prefix option is given. If there
-is a --prefix option, sysconfdir defaults to $prefix/etc and localstatedir
-defaults to $prefix/var.
+set the default parent directory of run/named.pid. --sysconfdir defaults
+to $prefix/etc and --localstatedir defaults to $prefix/var.
Automated testing
@@ -290,7 +290,7 @@ development BIND 9 is included in the file CHANGES, with the most recent
changes listed first. Change notes include tags indicating the category of
the change that was made; these categories are:
- Category Description
+Category Description
[func] New feature
[bug] General bug fix
[security] Fix for a significant security flaw
@@ -341,23 +341,21 @@ Acknowledgments
* The original development of BIND 9 was underwritten by the following
organizations:
- Sun Microsystems, Inc.
- Hewlett Packard
- Compaq Computer Corporation
- IBM
- Process Software Corporation
- Silicon Graphics, Inc.
- Network Associates, Inc.
- U.S. Defense Information Systems Agency
- USENIX Association
- Stichting NLnet - NLnet Foundation
- Nominum, Inc.
+ Sun Microsystems, Inc.
+ Hewlett Packard
+ Compaq Computer Corporation
+ IBM
+ Process Software Corporation
+ Silicon Graphics, Inc.
+ Network Associates, Inc.
+ U.S. Defense Information Systems Agency
+ USENIX Association
+ Stichting NLnet - NLnet Foundation
+ Nominum, Inc.
* This product includes software developed by the OpenSSL Project for
use in the OpenSSL Toolkit. http://www.OpenSSL.org/
-
* This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com)
-
* This product includes software written by Tim Hudson
(tjh@cryptsoft.com)
diff --git a/README.md b/README.md
index 4241e3fcb1..198303d0cb 100644
--- a/README.md
+++ b/README.md
@@ -120,7 +120,11 @@ including your patch as an attachment, preferably generated by
### BIND 9.15 features
BIND 9.15 is the newest development branch of BIND 9. It includes a
-number of changes from BIND 9.14 and earlier releases.
+number of changes from BIND 9.14 and earlier releases. New features
+include:
+
+* Support for the new GeoIP2 geolocation API
+* Improved DNSSEC key configuration using `dnssec-keys`
### Building BIND
diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index b5db249e82..6f0deec264 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -113,6 +113,37 @@
New Features
+
+
+ The GeoIP2 API from MaxMind is now supported. Geolocation support
+ will be compiled in by default if the libmaxminddb
+ library is found at compile time, but can be turned off by using
+ configure --without-geoip2, or by using
+ configure --with-geoip, which will cause
+ the legacy GeoIP API to be used instead. (Note that the
+ databases for the legacy API are no longer maintained by
+ MaxMind.)
+
+
+ The default path to the GeoIP2 databases will be set based
+ on the location of the libmaxminddb library;
+ for example, if it is in /usr/local/lib,
+ then the default path will be
+ /usr/local/share/GeoIP.
+ This value can be overridden in named.conf
+ using the geoip-directory option.
+
+
+ Some geoip ACL settings that were available with
+ legacy GeoIP, including searches for netspeed,
+ org, and three-letter ISO country codes, will
+ no longer work when using GeoIP2. Supported GeoIP2 database
+ types are country, city,
+ domain, isp, and
+ as. All of these databases support both IPv4
+ and IPv6 lookups. [GL #182]
+
+
In order to clarify the configuration of DNSSEC keys,