[dnsdist] PowerDNS DNSdist 1.9.0-alpha1 released

Remi Gacogne remi.gacogne at powerdns.com
Mon Sep 18 08:54:32 UTC 2023 

Hello!

We are very happy to be releasing the first alpha release of what will 
become DNSdist 1.9.0!

The most important change since 1.8.1 is that incoming DNS over HTTPS 
requests are now handled by the nghttp2 library, instead of the h2o one. 
This change should be transparent for most users, since we made sure to 
preserve the existing features and configuration directives. Switching 
to nghttp2 allows us to support hardware acceleration for TLS exchanges, 
using for example Linux's kTLS or Intel Quick-Assist Technology. It also 
reduces our footprint on low-end devices by not requiring an additional 
library, since nghttp2 was already used for outgoing DNS over HTTPS 
requests. Finally, while it was a long time coming, h2o is officially 
[1] no longer maintained in a way that makes it possible to use it as a 
stable library. Technically it will still be possible to revert to the 
use of h2o for incoming DNS over HTTPS in DNSdist 1.9.x, but we will 
remove that support after that.

We have made a lot of small improvements since 1.8.x as well, like 
adding Lua bindings to access selectors and actions, more fields of a 
DNS header in Lua actions, and adding metrics for health-check events.

We still have several wonderful features planned for 1.9.0 that have not 
been merged yet, but rest assured that the final release will not be boring!

Packagers need to be aware that SNMP support is no longer enabled by 
default, as it had been causing integration issues in some environments 
for a while, but it's still enabled in our packages.

Speaking of packages, we are now publishing SLSA attestations along with 
our packages, making it possible to verify how exactly they were built 
and reproduce our workflow, providing strong guarantees against 
supply-chain attacks. Please get in touch if you want to know more!

Please see the DNSdist website [2] for the more complete changelog [3] 
and the current documentation. The upgrade guide is also available there 
[4].

Please send us all feedback and issues you might have via the mailing 
list, or in case of a bug, via GitHub [5].

We are immensely grateful to the PowerDNS community for the reporting of 
bugs, issues, feature requests, and especially to the submitters of 
fixes and implementations of features.

The release tarball [6] and its signature [7] are available on the 
downloads website, and packages for several distributions are available 
from our repository [8].

[1]: https://github.com/h2o/h2o/issues/3230
[2]: https://dnsdist.org
[3]: https://dnsdist.org/changelog.html#change-1.9.0-alpha1
[4]: https://dnsdist.org/upgrade_guide.html#x-to-1-9-0-alpha1
[5]: https://github.com/PowerDNS/pdns/issues/new/choose
[6]:
https://downloads.powerdns.com/releases/dnsdist-1.9.0-alpha1.tar.bz2
[7]:
https://downloads.powerdns.com/releases/dnsdist-1.9.0-alpha1.tar.bz2.sig
[8]: https://repo.powerdns.com

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20230918/f42e05e3/attachment.sig>

More information about the dnsdist mailing list