The first public release of the BIND 10 open source DNS server is now out. But don’t rush to update your servers just yet — it’s still years away from being ready for production use.
The ISC (Internet Systems Consortium) has been talking about BIND 10 since at least 2007 when the BIND 9.4 release came out. Last year, the ISC told me that work had actually started on development of BIND 10 and now here we are a year later and the first public milestone.
BIND 10 is a major new version of the popular DNS server and will improve DNSSEC as well as making it easier to both manage and extend BIND. It’s a tall order for such a stable and powerful piece of software and that’s why it will still take more time until it’s ready for prime-time.
“This release is not meant to replace BIND 9 yet, even for
authoritative only servers!” ISC staffer Shane Kerr wrote in a blog post. “Our plan is to have a server ready for
production environments, but that is still a couple of years away. The
current version is meant for testing, experimenting, and so on.”
Considering the critical role that BIND DNS servers play in Internet infrastructure, I’m personally in no major rush to see BIND 10 completed. It’ll be done, when it’s done.
In the meantime, VeriSign is set to invest up to $300 million to improve its own DNS infrastructure – an infrastructure that doesn’t rely on BIND. Make no mistake about it modern DNS servers work well today. But as the world moves to an all-IP infrastructure the DNS servers of tomorrow will need to do more.