Why Use BIND 9?

At some point in the future, the ISC will make BIND 9 the Recommended Version of BIND and stop making bug fix releases of BIND 8. One reason to set up and use BIND 9 on at least one machine is to prepare for that time. Already knowing everything about what it takes to convert your nameservers from BIND 8 to BIND 9 will make the job that much easier, and would make it possible to do quickly if needed by security or other requirements.

The only other reason for using BIND 9 now is that you need some of the functionality present in BIND 9. IPv6 has been cited by some early adopters, and DNSSEC/TSIG on zone transfers is another thing some people like. Other key features is the new view feature (see the following), which makes split DNS setups easier, and the scalability.

The support for alternative backend databases is not what you might hope at present because no implementations of alternative backend databases are available. Also, BIND is exceedingly fast at performing lookups in its own memory-resident database. It has been reported to handle upwards of 15,000 20,000/second, and to be restricted by the speed of the IP stack rather than the lookup engine. A unpublished MySQL-based database backend has been reported to perform 1000+ of lookups/second.

All this was discussed in July of 2000 on the ISC BIND 9 users mailing list. The author of the backend cannot release the source code because it is the property of one of his customers.

Replacing BIND's own database with your own can give you two things: instant startup even with multitudes of zones and smaller memory footprint. At least BIND won't be using up memory; your database, on the other hand, might. Similarly, if your database takes five minutes to start, a one-second startup time for BIND might not help you.

Two ways are available to replace zone files with a database. One is to replace the zone-loading mechanism and load zones into BIND's own fast database from something other than a zone file. This is easy to do, but BIND will still use the same amount of memory. Plus, doing this any faster than BIND 9 can perform simple reads from a zone file is difficult. The other method is to replace BIND's database engine and create something using some other database store, such as MySQL, DB2, or Oracle. BIND's database access and search methods are complex and numerous (23 exist), so this can be quite a large task. However, if you have the resources to develop such a backend, BIND 9 can be used which was not the case with BIND 4 or 8. Of course, in a security-minded environment, the database needs to have security features similar to BIND. Adding a complex, networked RMDBMS securely might prove difficult.