NSD: Difference between revisions

NSD
Developer(s)	NLnet Labs
Stable release	3.0.4 / January 18 2007
Repository	github.com/NLnetLabs/nsd ;
Operating system	Unix-like
Type	DNS server
License	BSD license
Website	www.nlnetlabs.nl/nsd/

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 20:40, 8 February 2007

This article is about the computer program. For the NASA detonator, see NASA standard detonator. For NSD Delhi, see National School of Drama. For the diagramming technique see Nassi-Shneiderman diagram.

In Internet computing, NSD (for "name server daemon") is an open-source server program for the Domain Name System. It was developed by NLnet Labs of Amsterdam in cooperation with the RIPE NCC, from scratch as an authoritative name server (i.e., not implementing the recursive caching function by design). The intention of this development is to add variance to the "gene pool" of DNS implementations used by higher level name servers and thus increasing the resilience of DNS against software flaws or exploits.

NSD uses BIND-style zone-files (zone-files used under BIND can usually be used unmodified in NSD, once entered into the NSD configuration).

NSD uses zone information compiled via 'zonec' into a binary database file (nsd.db) which allows fast startup of the NSD name-service daemon, and allows syntax-structural errors in Zone-Files to be flagged at compile-time (before being made available to NSD service itself).

The collection of programs/processes that make-up NSD are designed so that the NSD daemon itself runs as a non-privileged user and can be easily be configured to run in a Chroot jail, such that security flaws in the NSD daemon are not so likely to result in system-wide compromise as without such measures.

Three of the Internet root nameservers have been switched to NSD.

k.root-servers.net was switched to NSD on February 19, 2003.^[1]
One of the 2 load-balanced servers for h.root-servers.net (called "H1", "H2") was switched to NSD, and now there are 3 servers all running NSD (called "H1", "H2", "H3").^[2]
l.root-servers.net switched to NSD on February 6th 2007

Several other TLDs use NSD for part of their servers. NSD was developed. The authors of NSD would definitely not like to see all servers switch to NSD because this would not achive the intent of diversifying the software base.

References

^ Karrenberg, Daniel (2003-02-14). "k.root-servers.net Changing DNS Software at on 19.2.2003". Retrieved 2007-01-30.
^ ""Stichting NLnet; Annual Report 2003" mentioning NSD on h.root-servers.net". Stichting NLnet Labs. 2004-05-18. p. 13. Retrieved 2007-01-30.

External links

[1] Karrenberg, Daniel (2003-02-14). "k.root-servers.net Changing DNS Software at on 19.2.2003". Retrieved 2007-01-30.

[2] ""Stichting NLnet; Annual Report 2003" mentioning NSD on h.root-servers.net". Stichting NLnet Labs. 2004-05-18. p. 13. Retrieved 2007-01-30.

[1]

[2]

@@ Line 12: / Line 12: @@
   website = [http://www.nlnetlabs.nl/nsd/ www.nlnetlabs.nl/nsd/] |
 }}
-In Internet computing, '''NSD''' (for "name server daemon") is an [[open source|open-source]] [[Server (computing)|server]] [[computer program|program]] for the [[Domain Name System]]. It was developed by [[NLnet Labs]] of [[Amsterdam]] at the request of the [[RIPE NCC]], from scratch as an authoritative name server (i.e., not implementing the recursive caching function by design).
+In Internet computing, '''NSD''' (for "name server daemon") is an [[open source|open-source]] [[Server (computing)|server]] [[computer program|program]] for the [[Domain Name System]]. It was developed by [[NLnet Labs]] of [[Amsterdam]] in cooperation with the [[RIPE NCC]], from scratch as an authoritative name server (i.e., not implementing the recursive caching function by design). The intention of this development is to add variance to  the "gene pool" of DNS implementations
+used by higher level name servers and thus increasing the resilience of DNS against software flaws or exploits.
 NSD uses [[BIND]]-style zone-files (zone-files used under BIND can usually be used unmodified in NSD, once entered into the NSD configuration).
@@ Line 20: / Line 21: @@
 The collection of programs/processes that make-up NSD are designed so that the NSD daemon itself runs as a non-privileged user and can be easily be configured to run in a [[Chroot jail]], such that security flaws in the NSD daemon are not so likely to result in system-wide compromise as without such measures.
-Two of the [[Internet]] [[root nameserver]]s have been switched to NSD.
+Three of the [[Internet]] [[root nameserver]]s have been switched to NSD.
 * k.root-servers.net was switched to NSD on [[February 19]], [[2003]].<ref>{{cite web |url=https://www.ripe.net/ripe/maillists/archives/dns-wg/2003/msg00044.html |title=k.root-servers.net Changing DNS Software at on 19.2.2003 |accessdate=2007-01-30 |last=Karrenberg |first=Daniel |date=2003-02-14 }}</ref>
 * One of the 2 load-balanced servers for h.root-servers.net (called "H1", "H2") was switched to NSD, and now there are 3 servers all running NSD (called "H1", "H2", "H3").<ref>{{cite web |url=http://www.nlnet.nl/project/nlnetlabs/2003-annual/#2.2.2 |title="Stichting NLnet; Annual Report 2003" mentioning NSD on h.root-servers.net |accessdate=2007-01-30 |date=2004-05-18 |publisher=Stichting NLnet Labs |pages=13 }}</ref>
+* l.root-servers.net switched to NSD on February 6th 2007
+Several other TLDs use NSD for part of their servers. NSD was developed. The authors of NSD would definitely not like to see
+all servers switch to NSD because this would not achive the intent of diversifying the software base.
 ==See also==