[dnsdist] PowerDNS DNSdist 1.9.0
Remi Gacogne
remi.gacogne at powerdns.com
Fri Feb 16 14:27:47 UTC 2024
Hello!
We are very happy to release PowerDNS DNSdist 1.9.0 today! This new
version brings a fair number of new features since 1.8.3:
- DNS over QUIC [1]
- DNS over HTTP3
- AF_XDP [2] support
- the ability to set Extended DNS Error [3] statuses
- a cache-miss ratio dynamic block rule
- getAddressInfo for asynchronous DNS resolution
- Proxy Protocol support for TeeAction
- Proxy Protocol support can now be enabled on a per-bind basis
- many new selectors and actions
We would like to express our gratitude to Y7n05h [4] who contributed
AF_XDP support during Google Summef Code! It took us far too long to
integrate their contribution into a release, but it's finally there with
impressive results.
We also replaced the default library handling DNS over HTTPS, switching
from h2o to nghttp2 [5]. This change should be transparent for most
users, since we made sure to preserve the existing features and
configuration directives. Switching to nghttp2 allows us to support
hardware acceleration for TLS exchanges, using for example Linux's kTLS
[6] or Intel Quick-Assist Technology [7]. It also reduces our footprint
on low-end devices by not requiring an additional library, since nghttp2
was already used for outgoing DNS over HTTPS requests. Finally, while it
was a long time coming, h2o is officially [8] no longer maintained in a
way that makes it possible to use it as a stable library. Technically it
will still be possible to revert to the use of h2o for incoming DNS over
HTTPS in DNSdist 1.9.x, but we will remove that support after that.
Packagers need to be aware that SNMP support is no longer enabled by
default, as it had been causing integration issues in some environments
for a while, but it's still enabled in our packages. Two new features,
DNS over QUIC and DNS over HTTP3, require the Cloudflare's Quiche [9]
library, which is written in Rust [10] and might not be already present
in some distributions.
We also made changes to our Open Source End of Life policy. Older
release trains are now supported for one year after the following major
release. Consult the EOL policy [11] for more details.
Please see the DNSdist website [12] for the more complete changelog [13]
and the current documentation. The upgrade guide is also available there
[14].
Please send us all feedback and issues you might have via the mailing
list, or in case of a bug, via GitHub [15].
We are grateful to the PowerDNS community for the reporting of bugs,
issues, feature requests, and especially to the submitters of fixes and
implementations of features. We are particularly thankful to Denis
Machard for testing and reporting issues with dnstap and protobuf
exports, Håkan Lindqvist for tirelessly tracking issues in our DNS over
HTTP3 feature, Oto Šťáva from the Knot Resolver team for testing DNSdist
against his DNS over QUIC implementation in DNS Shotgun and reporting
several discrepancies!
The release tarball [16] and its signature [17] are available on the
downloads website, and packages for several distributions are available
from our repository [18].
[1]: https://www.rfc-editor.org/rfc/rfc9250.html
[2]: https://www.kernel.org/doc/html/next/networking/af_xdp.html
[3]: https://www.rfc-editor.org/rfc/rfc8914.html
[4]: https://github.com/Y7n05h
[5]: https://nghttp2.org/
[6]: https://docs.kernel.org/networking/tls-offload.html
[7]:
https://www.intel.com/content/www/us/en/architecture-and-technology/intel-quick-assist-technology-overview.html
[8]: https://github.com/h2o/h2o/issues/3230
[9]: https://github.com/cloudflare/quiche
[10]: https://www.rust-lang.org/
[11]: https://dnsdist.org/eol.html
[12]: https://dnsdist.org
[13]: https://dnsdist.org/changelog.html#change-1.9.0
[14]: https://dnsdist.org/upgrade_guide.html
[15]: https://github.com/PowerDNS/pdns/issues/new/choose
[16]:
https://downloads.powerdns.com/releases/dnsdist-1.9.0.tar.bz2
[17]:
https://downloads.powerdns.com/releases/dnsdist-1.9.0.tar.bz2.sig
[18]: https://repo.powerdns.com
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20240216/a4be9a03/attachment.sig>
More information about the dnsdist
mailing list