Andras Salamon (send email to andras at the dns.net domain)
Version 2.10, 6 March 1999
Copyright 1995-9 Andras Salamon
This is an old document. For more up to date information, please refer to the DNS Servers section of the DNS Resources Directory.
http://www.dns.net/dnsrd/
in HTML format
http://www.dns.net/dnsrd/docs/exotic.html
or as a text file
http://www.dns.net/dnsrd/docs/exotic.txt
and also by anonymous ftp as a text file
ftp://ftp.is.co.za/networking/ip/dns/exotic.txt
This document is an attempt at a comprehensive survey of name server software for the Domain Name System (DNS). Some large-scale IP management systems include a DNS server component; these systems are discussed in the Tools section of the DNS Resources Directory.
http://www.dns.net/dnsrd/tools.html
This document represents my personal view on the topic, and is therefore likely to have missing information and flaws. I encourage comments and suggestions.
Many of the references in this document are to ftp.is.co.za, the ftp site of The Internet Solution. I maintain the DNS archive at this site but most of the information kept there is mirrored from other sites. The original sites will often have more recent versions of each package.
The roots of this document are in a query posted at the end of 1994 by Bryan Beecher, who asked whether there were non-UNIX name servers. Two people responded; both ran TGV Multinet under VMS. In January 1995 I asked the bind mailing list (now bind-users) if anyone was running exotic name servers. By this I meant non-BIND or non-UNIX servers, since the Internet reference implementation of a DNS server is BIND, and UNIX is its most popular platform. Since then this document has expanded into a general reference on different implementations of name servers.
Disclaimer: although I have tried, I have not been able to verify all the information given to me by third parties.
For a name server to be usable on the Internet, it must support either zone transfers from other servers, `inwards transfers' (such a server is referred to as a slave or secondary server for these zones); or other servers transferring zones from it, `outwards transfers' (usually such a server is a master or primary server for these zones, but may also be a slave for these zones). If neither inwards nor outwards transfers are supported, there is no way to link the server into the global DNS hierarchy, and it can only be used for simple caching, to provide a slightly enhanced service to local name server clients.
A server will usually need to support recursive queries from stub resolvers, which are the most common types of DNS client software (a stub resolver hands off recursive queries to a server to resolve, instead of performing the full iterative resolution process itself). Some servers are configured as forwarders, which behave like stub resolvers and pass most queries on to another name server.
In addition, a useful server must support at least the common resource record types A, MX, PTR, SOA, CNAME, NS, and should support caching. This is really a minimal list of absolutely required features; modern DNS servers should support DNS features beyond these.
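One way to check a server against the recursion criterion above, as an added example that is not part of the original document: the query is built the way a stub resolver sends it (RD set), and the reply header shows whether the server offers recursion. The function names and the sample reply headers are constructed for illustration.

```python
import secrets
import socket
import struct

# Header flag bits from RFC 1035, section 4.1.1.
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080
# The record types the text lists as the minimum a useful server supports.
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15}

def build_query(name, qtype="A", txid=0x1234):
    """Encode a one-question query with RD set, as a stub resolver sends it."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.split(".") if p)
    return header + labels + b"\x00" + struct.pack("!HH", QTYPES[qtype], 1)

def classify_response(msg, txid=0x1234):
    """Report what a reply's header says about the server that sent it."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if rid != txid or not flags & QR:
        raise ValueError("not a response to this query")
    return {
        "recursion_available": bool(flags & RA),  # usable by stub resolvers
        "authoritative": bool(flags & AA),
        "rcode": flags & 0x000F,                  # 0 = NOERROR, 5 = REFUSED
        "answers": an,
    }

def probe(server, name, qtype="A", timeout=3.0):
    """Query a server over UDP port 53 (needs network access)."""
    txid = secrets.randbelow(1 << 16)  # unpredictable ID, not the demo default
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, qtype, txid), (server, 53))
        data, _ = sock.recvfrom(512)
    return classify_response(data, txid)

# Constructed sample headers (not captured traffic): a recursive server that
# answered, and an authoritative-only server that refused the query.
SAMPLE_RECURSIVE = struct.pack("!HHHHHH", 0x1234, QR | RD | RA, 1, 1, 0, 0)
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, QR | RD | 5, 1, 0, 0, 0)

if __name__ == "__main__":
    print(classify_response(SAMPLE_RECURSIVE))
    print(classify_response(SAMPLE_REFUSED))
```

A reply with recursion_available false and rcode 5 indicates a server that will not resolve on behalf of stub resolvers, so it can serve only as an authoritative master or slave.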
By these minimal criteria, there are currently functional servers available for Unix, VMS, Windows NT, MacOS, OS/2, and Windows 95. The current standard implementation of a DNS server is BIND on Unix, although BIND has also been ported to VMS, Windows NT, and OS/2. Some of the other platforms discussed here may also be viable, but bear in mind that an operating system designed for robust servers is likely to prove a more stable platform for a name server than an operating system designed for the desktop.
The rest of this document is organized into sections for each major type of operating system for which DNS software is available. In addition to the DNS servers listed in this document, there are some large-scale IP address management systems available which include a DNS server as a component of the system. These will be covered in a later version of this document; for now they are mentioned in the Tools section of the DNS Resources Directory.
http://www.dns.net/dnsrd/tools.html
Unix is the original platform for the BIND name server. BIND on Unix is regarded as the reference implementation of a DNS server and usually serves as the base for experiments with extending the DNS protocol to support new types of information.
BIND has also been ported to other operating systems; see the respective entries in this document.
BIND is a mature piece of code, the proverbial kitchen sink of DNS. Because of its long development history, its flexibility, and its high performance, BIND is generally the choice for large production name servers on the Internet. On the other end of the scale, BIND also runs well on a free Unix derivative like Linux, on a PC with a 486 processor and 16MB RAM, and such a combination is a common, effective, low-cost name server platform for a smaller site. At the time of writing, the most recent release of BIND is 8.1.2, released in May 1998, and 8.2 is being tested.
http://www.isc.org/bind.html ftp://ftp.is.co.za/networking/ip/dns/bind/release/
Ongoing development of BIND is sponsored by the Internet Software Consortium.
http://www.isc.org/
Dents is a new name server implementation for Unix covered by the GPL. The code is still in alpha testing, so this server is not appropriate at the time of writing for production use.
http://www.dents.org/
Windows NT is a suitable platform for name servers. The best bet at time of writing is probably to try the free BIND port; it is widely used. Microsoft's DNS server is a part of NT Server 4.0, and is not provided with the Workstation version of NT. This server appears to be a reasonable alternative, although there are mixed feelings about its suitability for robust, large-scale service. Non-Microsoft servers usually function on either workstation or server variants of NT.
The server shipping with NT Server 4.0 features integration with WINS, has a GUI database frontend and a control panel. It is worth a serious look, although it has been found to be vulnerable to a variety of denial-of-service attacks. If using this server, it is important to keep up to date with software updates from Microsoft; Service Pack 4 for NT 4.0 and any of the subsequent DNS-related hotfixes are mandatory to resolve the most serious security issues.
If the Microsoft DNS server is integrated with WINS, it will generate nonstandard resource records containing the dynamic WINS information. Outwards zone transfers from such a server may fail if the initiating server is standards-based. Older versions of BIND (pre-4.9.5) will also terminate when encountering these records during a zone transfer. The properties for each zone include an option to switch off the generation of these records by the Microsoft DNS server, and Microsoft recommends doing so when these zones need to be transferred to a non-Microsoft server.
The Windows NT 3.51 Resource Kit from Microsoft included a DNS server. This had several major shortcomings and was beta code--it is not appropriate for use as an Internet name server under any circumstances.
There is a widely used freeware port of BIND to NT (3.51 and 4.0), currently maintained by Larry Kahn. A control panel frontend is included but zone file maintenance still needs to be done by editing files or through additional software. The source code is also freely available. Note that this is BIND version 4.9.7, so some of the more recent DNS developments are not supported.
ftp://ftp.is.co.za/networking/ip/dns/bind/nt/
An older version of this code was repackaged by a commercial vendor, and is also available for non-Intel processor architectures. This code is not formally supported.
http://www.software.com/products/bindnt.html ftp://ftp.is.co.za/networking/ip/dns/bind/nt/software.com/
MetaInfo has a commercial port of BIND 8 to NT which is fully functional and is well regarded. It supports integration with WINS and has a Java based configuration and database interface. According to Mark Symons, it drops WINS records during zone transfers, ensuring interoperability. This port tends to track the latest BIND releases very closely.
http://www.metainfo.com/products/metaip/dns.htm
FBLI has a commercial port of BIND 4 to NT which is also fully functional, with a control panel and a GUI frontend to the database. I am not clear on the status of this software.
http://www.fbli.com/english/dnspro.htm
MacOS is not designed for servers. Despite this it often forms the basis for low to medium range servers when ease of administration is more important than that last 0.1% of uptime. There is at least one robust DNS server for MacOS.
QuickDNS appears to be fully functional commercial software, including a GUI configuration frontend. High performance is a feature that is stressed by the vendor.
http://www.menandmice.com/QuickDNS/
MacDNS is a free Apple product. I have not tested it fully, but it appears to satisfactorily support inward and outward transfers, has an `Apple interface', and supports stub resolvers by forwarding recursive queries to a designated recursive name server in the manner of a slave forwarder. There may be interoperability problems with more recent (post-8.0) versions of MacOS.
http://cybertech.apple.com/MacDNS.html
NonSequitur (formerly MIND) is a free implementation of a DNS server for the Apple Macintosh. It does not support inward transfers or recursion, so its use is probably limited to sites where all resolvers are capable of recursion (this is true for MacOS), or as a hidden master server.
http://www.gross.net/sw/nonsequitur/
Pictorius Net Servers is a set of network servers including a DNS server, bundled into a single free application. The vendor, Pictorius Inc, appears to be focusing on selling add-ons to the servers.
http://www.pictorius.com/main/products/net_servers/netservers.html
Carl Steadman is co-author of the book `Providing Internet Services via the Mac OS' which is available on line. It includes a well-written though rapidly aging section on MacOS DNS servers, including a step by step introduction.
http://www.pism.com/ http://www.pism.com/dns/
A freeware port of BIND 8.1.2 to OS/2 exists. An older 4.9.5 port is also available.
http://hobbes.nmsu.edu/cgi-bin/h-browse?sh=1&dir=/pub/os2/util/network/tcpip ftp://hobbes.nmsu.edu/pub/os2/util/network/tcpip/bind812a.zip http://hobbes.nmsu.edu/pub/os2/util/network/tcpip/bind812a.zip ftp://ftp.is.co.za/networking/ip/dns/bind/os2/
Roger Fajman mentioned IBM's name server implementation in their TCP/IP for VM and MVS, and Tom Costandine mentioned a server which IBM provides for OS/2. More information on these servers would be useful.
Craig Jackson mentioned that the name server in the mainframe TCP/IP product is not based on BIND but on software developed in the mid-80's at the University of Wisconsin, and uses a relational database backend.
According to Larry Kahn, Windows 95 has a persistent network-related memory leak, but this can be minimised with available patches, allowing it to be used as a name server platform for small sites (the operating system has a limit of 48 simultaneous open sockets). The freeware port of BIND to NT comes bundled with the Windows 95 installation components. To obtain the software, please consult the references listed in the section on NT.
Steve D. Miller pointed out that the NetManage ChameleonNFS 4.0 manual stated that the product included a DNS server. It seems it only did hostname to IP translation. Version 6 of NFS/X has been released, but no details about the functionality of the included name server are available.
A few years ago Gary Hope reported using a beta of Novell's NetWare IP 2.12, which had a DNS subsystem including a name server. It supported MX records and seemed to be fairly functional as a caching server, but did not do zone transfers at that stage. More information would be welcome. Sam Wilson reported briefly that version 2.2 was being used at their site. It apparently requires the administrator to use a menu system for configuration.
Larry Sheldon reported using "bind" from FTP Software under MS-DOS. Matthew Ellison mentioned this has now been discontinued.
Banyan apparently has a similar product. According to Merton Campbell Crockett, FTP Software provided the original TCP/IP support for Banyan VINES.
The KA9Q suite of DOS communications software contains a DNS server.
ftp://ftp.demon.co.uk/pub/demon/ibmpc/dos/files/
Paul Vixie mentioned that DEC's VMS TCP/IP implementation had a name server not based on BIND.
Brad Knowles reported using Wollongong TCP-IP under VAX/VMS; apparently the work was originally done by TGV and was based on BIND.
TGV Multinet included an enhanced VMS port of BIND. Craig Jackson mentioned that the TGV port (as of 1996) ran under TGV's superserver and was heavily multithreaded. This software is now under the banner of Process Software. Jeff Schreiber from Process Software stated that their TCPware DNS server was a VMS port of BIND, with added features such as cluster load balancing. In January 1999 the code base for these servers was still BIND 4.9.5, but was projected to move to BIND 8.1 in the first quarter of 1999.
http://www.process.com/openvms.htp http://www.process.com/multinet/
Simon Leinen came up with a real exotic:
The DNS server in Genera, the operating system of the Symbolics
Lisp Machines. It is written in Lisp (of course). The source is
about 750 lines long.
Roland Schemers implemented a load-balancing DNS forwarder in Perl at Stanford and presented a paper on it at the LISA IX conference in September 1995 (this paper is available online to USENIX members only).
http://www-leland.stanford.edu/~schemers/docs/lbnamed/lbnamed.html http://www.usenix.org/publications/library/proceedings/lisa95/schemers.html
Richard Shuford sent information on the md-dns name server which ran on VOS for Stratus fault-tolerant computers, but appears to have been discontinued.
http://www.cavendish.co.uk/
Chief BIND maintainer Paul Vixie is actively working with the major Unix vendors to update the vendor-shipped versions of BIND. Some vendors still ship obsolete, buggy versions of BIND with their operating systems.
Paul mentioned quite some time ago that official ports of BIND 4.9.x to OS/2 and Windows NT are in the pipeline, but depend on available time and resources. In the meantime have a look at the independent porting efforts mentioned in this document, which have at least Paul's implicit blessing.
Thanks to:
Bryan Beecher
Lars Bertelsen
Tom Costandine
Merton Campbell Crockett
Matthew Ellison
Jaeson Engle
Roger Fajman
Arne K. Haaje
Gary Hope
Craig Jackson
Chris Jahr
Paul Jungwirth
Laurence G. Kahn
Niranjan Koduri
Bill Larson
Martin Kiff
Leon McCalla
Steve D. Miller
Dan Perry
Jeff Schreiber
Larry Sheldon
Richard S. Shuford
Carl Steadman
Mark Symons
Chuq Von Rospach
Julie Weatherbee
Sam Wilson
for private correspondence and
Stan Barber
Carl S. Gutekunst
nathaniel irons
Brad Knowles
Simon Leinen
Ken McLeod
Kevin Oberman
Roland Schemers
The TidBITS Editors
Paul Vixie
Matthew B. Wood
Paul Wren
for their postings to public mailing lists or newsgroups.
To subscribe to the bind-users mailing list, send a message containing the line `subscribe bind-users' to bind-users-request@vix.com. This list is also gatewayed to the comp.protocols.dns.bind newsgroup.