A history of BIND (Berkeley Internet Name Domain) from its inception to current developments. BIND has been the cornerstone of DNS infrastructure for over four decades.
| Year | Version | Key Milestones |
|---|---|---|
| 1984 | BIND 1 | Original implementation with 4.3BSD |
| 1988 | BIND 4 | Widespread adoption, became de facto standard |
| 1997 | BIND 8 | Modular architecture, improved security (May 1997) |
| 1994 | - | ISC takes over maintenance |
| 1999 | BIND 9 (dev) | Development begins on BIND 9 |
| 2000 | BIND 9.0 | First BIND 9 release, DNSSEC support |
| 2002 | BIND 9.2 | IPv6 support, improved threading |
| 2004 | BIND 9.3 | TSIG, TKEY, DNSSEC improvements |
| 2005 | BIND 9.4 | DLZ (Dynamically Loadable Zones) |
| 2007 | BIND 9.5 | DNSSEC validation, anycast support |
| 2008 | BIND 9.6 | DNSSEC signing, NSEC3 |
| 2010 | BIND 9.7 | DNSSEC inline signing, auto-signing |
| 2012 | BIND 9.8 | Response Rate Limiting (RRL) |
| 2014 | BIND 9.9 | DNS Cookie, improved performance |
| 2016 | BIND 9.10 | DNS over TLS (experimental) |
| 2017 | BIND 9.11 | Full DoT support, improved DNSSEC |
| 2018 | BIND 9.12 | QNAME minimization, performance improvements (Jan 2018) |
| 2018 | BIND 9.13 | Development branch (new resolver, libuv experiments) |
| 2019 | BIND 9.14 | DNS over HTTPS (forwarding), modernized codebase |
| 2020 | BIND 9.16 | Long-Term Support (LTS) release |
| 2022 | BIND 9.18 | Extended Support Version (ESV) - released Jan 2022, ESV Jan 2023 |
| 2024 | BIND 9.20 | New ESV branch (July 2024) |
| 2025 | BIND 9.20.x | Continued maintenance |
| 2026 | BIND 9.20.22 | Current ESV (April 1, 2026) |
BIND was first developed in 1984 by students and staff at UC Berkeley as part of the 4.3BSD Unix distribution. It was created to implement the Domain Name System (DNS) protocols that were being standardized by the Internet Engineering Task Force (IETF).
Since 1994, the Internet Systems Consortium (ISC) has maintained BIND. ISC continues to develop and support BIND as a critical internet infrastructure component.
BIND 10 was an ambitious complete rewrite of BIND that ran parallel to BIND 9 development:
Key lessons from BIND 10 influenced BIND 9’s evolution, including the move toward modular architecture and improved APIs.
BIND 9 was a complete rewrite addressing limitations of BIND 8:
Key features added:
Major improvements:
ISC introduced ESV (Extended Support Version) model:
Extended Support Version with 4-year support cycle:
Latest: 9.18.48 (April 1, 2026)
Current Extended Support Version:
Latest: 9.20.22 (April 1, 2026)
Development branch for new features:
Latest: 9.21.21 (April 1, 2026)
| Era | Security Features |
|---|---|
| 1984-1994 | Basic access controls |
| 1994-2000 | TSIG, transaction security |
| 2000-2010 | DNSSEC signing/validation |
| 2010-2020 | RRL, DNS Cookie, DoT |
| 2020-Present | QNAME minimization, enhanced DNSSEC |
| Era | Performance Features |
|---|---|
| 1984-1994 | Single-threaded |
| 1994-2000 | Basic threading |
| 2000-2010 | Multi-threaded, task-based |
| 2010-2020 | Optimized caching, modern CPU support |
| 2020-Present | AVX2 optimizations, improved concurrency |
| Era | Protocol Features |
|---|---|
| 1984-1994 | DNS basics (RFC 1034/1035) |
| 1994-2000 | Dynamic DNS (RFC 2136) |
| 2000-2010 | DNSSEC, IPv6, EDNS0 |
| 2010-2020 | DoT, DoH, DNS Cookie |
| 2020-Present | Modern DNS extensions |
BIND has played a crucial role in the growth and stability of the internet:
BIND remains actively maintained by ISC:
| CVE | Severity | Description |
|---|---|---|
| CVE-2025-13878 | High | BRID/HHIT crash - crafted packets could cause named to terminate |
| CVE-2025-40780 | High | Weak PRNG could allow cache poisoning attacks |
| CVE-2025-40778 | High | Lenient answer parsing could enable cache poisoning |
| CVE-2025-8677 | Medium | DNSKEY processing could cause CPU exhaustion |
While BIND remains widely deployed, it faces competition from:
Current development focuses on:
BIND’s impact on internet infrastructure:
Questions? Find all contact information on our contact page.