NSD: Name Server Daemon

NSD is an authoritative only, high performance, simple and open source name server. The current older stable release is NSD 2.3.7. This release is considered as end-of-life product. People are advised to upgrade to the most current release.


NSD 2.3.7

April 16th, 2007
    • Bug #149: Fixed text for NOTAUTH error code.
    • Fixed getaddrinfo error message to be more descriptive.
    • Fallback to IPv4 if getaddrinfo fails for IPv6.
    • Type WKS printed wrong from nsd-xfer. Fixup in call to getservbyport.
    • No warning on time_t to int conversion in log_file().
        Download: nsd-2.3.7.tar.gz
        Checksum sha1: 4eee0dfdbe823c83e16a4830e97256e66e1d331a

        NSD 2.3.6

        October 11th, 2006
        • nsd-notify will retry max 15 times 5 second retries.
        • Patch from Stephane to allow xfer in parallel added to contrib.
        • Bug #105: nsdc lacks locking, fixed locking for root user.
        • Bug #134: nsd: make -N <large number> work again.
        • Bug #135: Typo in locking code for nsdc, fixed.
        • Uninitialised variable (found in nsd3 debugging) fixed.
        • Unaligned memory access (on Solaris SPARC, from nsd3 debugging), in zonec LOC parsing, fixed.
        • Removed unused named8_stats ptr.
        • Bug #138: nsd aborts trying to bind all interfaces if ip6 is not enabled, instead it will fallback to ip4.
        • Bug #139: resync stats to whole period.
        • Bug #140: NSD did not clear CD bit on authoritative answers.
        • Bug #141: NSD did not clear flags on a formerror reply.
        • tsig null ptr when size set, fixed.
        • Bug #144: LOC RRtype defaults not according to RFC1876.
            Download: nsd-2.3.6.tar.gz
            Checksum sha1: 35924540e51ac67150c6bdee6e6f1e411c44ab88

            NSD 2.3.5

            June 2nd, 2006
              • Bug #132: regression, nsd: fix compile with --disable-ipv6
              • Makefile: remove gnuisms
                  Download: nsd-2.3.5.tar.gz
                  Checksum sha1: 99d3e0a763700ffa130082bb7955ddb6fa1ad5d7

                  NSD 2.3.4

                  May 2nd, 2006
                    • Unknown type codes for type code numbers > 48 and < 97 work again. (this implies --enable-checking can be enabled again)
                    • nsd: sighandler() fixes
                    • Bug #118: nsd: nsd_notify waits for a response. Will retry the notify after a timeout.
                    • Bug #124: $(DESTDIR) was added to Makefile.in.
                    • Bug #128: zonec: parser can handle \\ at the end of a string.
                    • zonec: lexer: add \r to the newline delimeter
                    • zonec: use strtol with an explicit base 10 as parameter. (Scott Rose, Roy Arends)
                    • nsd-xfer: print human readable error codes. Change logging to be more in line with the rest.
                        Download: nsd-2.3.4.tar.gz
                        Checksum sha1: c9e3959ab61fecaa78f64fda9d19abd06309015a

                        NSD 2.3.3

                        December 7th, 2005
                          • Apply the correct patch to nsdc.sh.in.
                              Download: nsd-2.3.3.tar.gz
                              Checksum sha1: def04dc4cecc70065edd3174ff0326027d208eb8

                              NSD 2.3.2

                              December 5th, 2005
                              • Bug #101: add support for the SPF record.
                              • Bug #100: replaced non-portable use of timegm(3) with portable implementation (mktime_from_utc).
                              • Bug #103: nsd: trim the SOA's TTL to the MINIMUM value when returning a negative answer.
                              • Bug #104: nsd: add a time_t timestamp to the log when logging to a file.
                              • Bug #105: nsdc: use a lock file when rebuilding the database (patch by Jakob Schlyter/Ted Lindgreen/Sebastian/Ondrej Sury).
                              • Bug #106: zonec: don't walk all 256 NSEC windows when that is not needed.
                              • Bug #107: zonec: fixed a crash when encountering bad unknown rdata.
                              • nsd: Don't print: "error: nsd is already running as <pid>, stopping" when in fact NSD continues to run.
                              • nsd: Minimize the race window in sig_handler().
                                Operational notes
                                • We are now using a SHA-1 digest on the NSD tarball.
                                Download: nsd-2.3.2.tar.gz
                                Checksum sha1: 6073d7d5675e62d242e305fde2a05de006bae6cf

                                NSD 2.3.1

                                August 31st, 2005
                                  • zonec: Don't crash when generating error messages outside of zone files.
                                  • nsd: when logging to a file the pid is now printed.
                                  • nsd: Reset 'boot' time in statistics when reloading the database, since the statistics are reset to 0 on a reload.
                                  • nsd-xfer.c: Added '-a' option to specify local address to connect from. Original patch supplied by Walter Hop <nsd@walter.transip.nl>.
                                  • Bug #98: Allow mnemonics for DS and RRSIG algorithm field.
                                      Download: nsd-2.3.1.tar.gz
                                      Checksum md5: c24c4dc3e7ad2ab67f4fd8a8668fc1b6

                                      NSD 2.3.0

                                      May 2nd, 2005
                                      • DNSSEC is now enabled by default. NSD should be fully compliant with RFC4033, RFC4034, and RFC4035.
                                      • nsd: Ensure that the number of -a flags does not exceed the maximum specified by MAX_INTERFACES in config.h.
                                      • nsd-xfer: Use serial number arithmetic (RFC1982) for the zone serial check
                                      • nsdc: Don't pass (fake) serial number to nsd-xfer if the zone file does not exist.
                                      • zonec: Loading many zones would cause namedb_find_zone to slow down, performance patch by Kazunori Fujiwara.
                                      • Bug #96: nsd-xfer did not handle 8-bit domain names correctly.
                                          Download: nsd-2.3.0.tar.gz
                                          Checksum md5: 76512e7d188d3da4a83d0d3cc6c9399e

                                          NSD 2.2.1

                                          February 21th, 2005
                                          • The message priority is now included when logging to a file.
                                          • Zero length RDATA using the unknown RR notation was not working (except for the APL RR type).
                                          • Bug #93: './configure' error message containing a comma must be properly bracketed.
                                          • Bug #94: nsd-xfer: Handle unexpected EOF when receiving AXFR data. Timeout if no data is received for more than 120 seconds (see the TCP_TIMEOUT parameter in config.h).
                                          • Bug #95: An owner starting with an asterisk label ("*") was being treated as its own wildcard child.
                                              Download: nsd-2.2.1.tar.gz
                                              Checksum md5: 6875cb2495122654334e6234ebeb9d98

                                              NSD 2.2.0

                                              January 18th, 2005
                                              • nsd-xfer: replacement program for named-xfer to perform zone transfers using AXFR. TSIG is supported by nsd-xfer but not yet by the nsd server. DNSSEC is also supported. TSIG requires OpenSSL version 0.9.7 or higher, configure using --disable-tsig if you do not have OpenSSL installed. Configure using --with-ssl=path if OpenSSL is not installed at a standard location.
                                              • Fixed endian problem in WKS record.
                                              • Protocol can now be specified numerically in WKS record.
                                              • Allow escape sequences (\DDD) in TTL, RR class, and RR type.
                                              • The zone compiler now accepts many more characters in unquoted strings such as domain name labels. The characters no longer need to be escaped with a backslash.
                                              • Close included files after reading.
                                              • Maximum TCP message size is now 65535 bytes. AXFR response packets are still limited to 16383 bytes for optimal compression of dnames.
                                              • The TSIG key for AXFRs can now also be stored in the file <zonename>.tsiginfo. This makes it possible to use TSIG with multiple master servers.
                                              • Signals are no longer blocked while performing I/O so the server should respond quicker to signals.
                                              • Fixed parsing of LOC rdata. Fractions and altitude were not handled correctly.
                                              Code changes
                                                Code change: New data structure 'buffer_type' for representing binary buffers that can be read, written, and resized. Data in these buffers is stored in network byte order. This data structure replaces the iobuf field of 'struct query'.
                                                Download: nsd-2.2.0.tar.gz
                                                Checksum md5: e84b8e9d03062710ea847ea146ccb5d5

                                                NSD 2.1.5

                                                November 29th, 2004
                                                  • Bug #90: handle \000 in TXT records correctly
                                                  • Fixed undefined behavior in the use of vsnprintf when logging messages. This caused crashes on Linux/PPC.
                                                      Download: nsd-2.1.5.tar.gz
                                                      Checksum md5: 24e81b2bb25f0663e153e174bb585f04

                                                      NSD 2.1.4

                                                      November 3rd, 2004
                                                        • nsdc: Fixed a typo that caused AXFRs to stop working.
                                                            Download: nsd-2.1.4.tar.gz
                                                            Checksum md5: 8aee452493b93f27c52e8b4dd2d5a161

                                                            NSD 2.1.3

                                                            October 28th, 2004
                                                            • nsd: The pidfile can be specified using the '-P' option.
                                                            • Bug #87: allow @ in the rdata.
                                                            • Bug #88: allow ::FFFF:ipv4addr in AAAA records.
                                                            • Bug #89: Count the number of queries received over TCP, instead of the number of TCP connections.
                                                            • Zonec: when - is used as input, set the filename to 'STDIN'.
                                                            • The nsdc script handles failed AXFRs more gracefully.
                                                            • NSD emits an error when it sees bitlabels (RFC 2673).
                                                            • Only copy the CD bit when DNSSEC is enabled.
                                                                Download: nsd-2.1.3.tar.gz
                                                                Checksum md5: ea832d52e97a22f0f82a48fd16a72de7

                                                                NSD 2.1.2

                                                                July 30th, 2004
                                                                • NSD now fully supports unknown record types using the notation specified in RFC3597.
                                                                • Support for the following RR types has been added: WKS, X25, ISDN, RT, NSAP, PX, NAPTR, KX, CERT, DNAME, and APL. DNAME special processing is not supported.
                                                                • Bug #84: NSD now uses SIGUSR1 instead of SIGILL to report stats.
                                                                • Bug #85: Support for WKS records.
                                                                • Bug #86: The characters "#%&^[]?" can now be used without backslash in zone file domain names.
                                                                • Plugin callback return type fixed.
                                                                • The maximum message length for IPv6 UDP packets is now limited to the IPv6 minimum MTU (1280) unless the IPV6_USE_MIN_MTU socket option is supported.
                                                                    Download: nsd-2.1.2.tar.gz
                                                                    Checksum md5: dfab5d1d06e6bc880eef3f55b380bb66

                                                                    NSD 2.1.1

                                                                    July 1st, 2004
                                                                      • Bug #81: Handle unknown types correctly.
                                                                      • Bug #82: Zonec: don't report "0 errors" unless -v is specified.
                                                                      • Bug #83: Close zone files after parsing.
                                                                      • Handle AFSDB RR type.
                                                                          Download: nsd-2.1.1.tar.gz
                                                                          Checksum md5: 244f04252e5b307402318e256c5f45f3

                                                                          NSD 2.1.0

                                                                          May 14th, 2004
                                                                          • New networking code allows a single server to handle both UDP and TCP connections. By default up to 10 simultaneous TCP connections are supported. Use the '-n' flag to change the default.
                                                                                Download: nsd-2.1.0.tar.gz
                                                                                Checksum md5: d2b6246c1b639ca23894f95b4203f016

                                                                                NSD 2.0.2

                                                                                March 25th, 2004
                                                                                  • Allow the use of a mnemonic for the algorithm field of a DNSKEY record.
                                                                                  • Behavior of the zonec -v flag has been modified. By default zonec will only print a single line with a summary of the error count.
                                                                                  • Bug #75: Fixed typo in previous "fix".
                                                                                      Download: nsd-2.0.2.tar.gz
                                                                                      Checksum md5: 6e2634f0edb81ed2d248975783644432

                                                                                      NSD 2.0.1

                                                                                      March 15th, 2004
                                                                                        • Queries for QTYPE DS (DNSSEC) were not handled correctly in certain cases.
                                                                                        • Partial support for unknown RRs. Known RR types with unknown RR data format is not yet supported.
                                                                                        • Bug #75: Fixed bad error message when nsdc update is run for the first time.
                                                                                        • Bug #78: Multiple zones, each with include directives, are now compiled correctly.
                                                                                            Download: nsd-2.0.1.tar.gz
                                                                                            Checksum md5: 0d04eaa23163f699daf755c006da1501

                                                                                            NSD 2.0.0

                                                                                            February 14th, 2004
                                                                                            • Experimental DNSSEC support implemented, but disabled by default. Enable using the --enable-dnssec configuration option.
                                                                                            • IPv6 enabled by default. Disable using the --disable-ipv6 configuration option.
                                                                                            • Bug #47: Domain name is now logged when a notify is received.
                                                                                            • Bug #70: First include all A records in the additional section, followed by AAAA records.
                                                                                            • Bug #77: Check length of domain name and label.
                                                                                            • LOC records are supported again.
                                                                                                Download: nsd-2.0.0.tar.gz
                                                                                                Checksum md5: a09542645b91ff60564b0f4db436af01

                                                                                                Wed Sep 25 2013

                                                                                                © Stichting NLnet Labs

                                                                                                Science Park 400, 1098 XH Amsterdam, The Netherlands

                                                                                                labs@nlnetlabs.nl, subsidised by NLnet and SIDN.