[Pdns-announce] Now is the time to test the 2.9.21 snapshots + release notes.
bert.hubert at netherlabs.nl
Mon Apr 9 12:39:22 UTC 2007
Somewhere in the coming 2 weeks, we will release the PowerDNS Authoritative
Server version 2.9.21.
While slight issues remain to be worked out, the bulk of the bugs reported
for 2.9.20 have been fixed.
Most importantly, the current snapshot (1023) now has binary packages (db
and rpm) that are compatible with all current Linux distributions again,
which our previous binary packages were not.
Please find tar.gz, deb and rpm on: http://svn.powerdns.com/snapshots/1023/
It is very important that people test the 2.9.21 snapshots so we can
guarantee a very high level of quality once the actual release comes round.
Also, if you spot problems now, we are ready to fix them instantly. Once the
release happens, we might be too busy to cater to everybody immediately.
Here are the release notes as text. Far prettier release notes, with
clickable links to all changes, are available on
This is the first release the PowerDNS Authoritative Server since the
Recursor was split off to a separate product, and also marks the transfer
of the new technology developed specifically for the recursor, back to the
This move has reduced the amount of code of the Authoritative server by
over 2000 lines, while improving the quality of the program enormously.
However, since so much has been changed, care should be taken when
To signify the magnitude of the underlying improvements, the next release
of the PowerDNS Authoritative Server will be called 3.0.
This release would not have been possible without large amounts of help
and support from the PowerDNS Community. We specifically want to thank
Massimo Bandinelli of Italy's Register.it, Dave Aaldering of Aaldering
ICT, True BV, XS4ALL, Daniel Bilik of Neosystem, EasyDNS, Augie Schwer,
Mark Bergsma, Marcus Rueckert of OpenSUSE, Andre Muraro of Locaweb, Antony
Lesuisse, Norbert Sendetzky, Marco Chiavacci, and Ruben Kerkhof.
* The previous packet parsing and generating code contained no known
bugs, but was however very lengthy and overly complex, and might have
had security problems. The new code is 'inherently safe' because it
relies on bounds-checking C++ constructs. Therefore, a move to 2.9.21
is highly recommened.
* Pre-2.9.21, communication between master and server nameservers was
not checked as rigidly as possible, possibly allowing third parties to
disrupt but not modify such communications.
Warning The 'bind1' legacy version of our BIND backend has been dropped!
There should be no need to rely on this old version anymore, as
the main BIND backend has been very well tested recently.
* Multi-part TXT records weren't supported. This has been fixed, and
regression tests have been added. Code in commits 1016, 996, 994.
* Our snapshots were built against a static version of PosgreSQL that
was incompatible with many Linux distributions, leading to instant
crashes on startup. Fixed in 1022 and 1023.
* CNAME referrals to child zones gave improper responses. Noted by Augie
Schwer in ticket 123, fixed in commit 992.
* NS to a nameserver with the name of the zone itself generated
problems. Spotted by Augie Schwer, fixed in commit 947.
* Multi-line records in the BIND backend were not always parsed
correctly. Fixed in commit 1014.
* The LOC-record had problems operating outside of the eastern
hemisphere of the northern part of the world! Fixed in commit 1011.
* Backends were compiled without multithreading preprocessor flags. As
far as we can determine, this would only cause problems for the BIND
backend, but we cannot rule out this caused instability in other
backends. Fixed in commit 1001.
* The BIND backend was highly unstable under reloads, and leaked memory
and file descriptors. Thanks to Mark Bergsma and Massimo Bandinelli
for respectively pointing this out to us and testing large amounts of
patches to fix the problem. The fixes have resulted in better
performance, less code, and a remarkable simplification of this
backend. commit 1006, commit 999, commit 905 and previous.
* BIND backend gave convincing NXDOMAINS on unloaded zones in some
cases. Spotted and fixed by Daniel Bilik in commit 984.
* SOA records in zone transfers sometimes contained the wrong SOA TTL.
Spotted by Christian Kuehn, fixed in commit 902.
* PowerDNS could get confused by very high SOA serial numbers. Spotted
and fixed by Dan Billik, fixed in commit 626.
* Some versions of FreeBSD perform very strict checks on socket address
sizes passed to 'connect', which could lead to problems retrieving
zones over AXFR. Fixed in commit 891.
* Some versions of FreeBSD perform very strict checks on IPv6 socket
addresses, leading to problems. Discovered by Sten Spans, fixed in
commit 885 and commit 886.
* IXFR requests were not logged properly. Noted by Ralf van der Enden,
fixed in commit 990.
* Many bugs in the TCP nameserver, leading to a PowerDNS process that
did not respond to TCP queries over time. Many fixes provided by Dan
Bilik, other problems were fixed by rewriting our TCP handling code.
Commits 982 and 980, 950, 924, 889, 874, 869, 685, 684.
* Fix crashes on the ARM processor due to alignment errors. Thanks to
Sjoerd Simons. Closes Debian bug 397031.
* Missing data in generic SQL backends would sometimes lead to faked SOA
serial data. Spotted by Leander Lakkas from True. Fix in commit 866.
* When receiving two quick notifications in succession, the packet cache
would sometimes "process" the second one, leading PowerDNS to ignore
it. Spotted by Dan Bilik, fixed in commit 686.
* Geobackend (by Mark Bergsma) did not properly override the getSOA
method, breaking non-overlay operation of this fine backend. The
geobackend now also skips '.hidden' configuration files, and now
properly disregards empty configuration files. Additionally, the
overlapping abilities were improved. Details available in commit 876,
* Thanks to EasyDNS, PowerDNS now supports multiple masters per domain.
Implemented in commit 1018, commit 1017.
* Thanks to EasyDNS, PowerDNS now supports the KEY record type, as well
the SPF record. In commit 976.
* Added support for CERT, SSHFP, DNSKEY, DS, NSEC, RRSIG record types,
as part of the move to the new DNS parsing/generating code.
* Support for the AFSDB record type, as requested by 'Bastian'.
Implemented in commit 978, closing ticket 129.
* Support for the MR record type. Implemented in commit 941 and commit
* Gsqlite3 backend was added by Antony Lesuisse in commit 942;
* Added the ability to send out light-weight root-referrals that save
bandwidth yet still placate mediocre resolver implementations.
Implemented in commit 912, enable with 'root-referral=lean'.
* Miscellaneous OpenDBX and LDAP backend improvements by Norbert
Sendetzky. Applied in commit 977.
* SGML source of the documentation was cleaned up by Ruben Kerkhof in
* Speedups in core DNS label processing code. Implemented in commit 928,
commit 654, commit 1020.
* When communicating with master servers and encountering errors, more
useful details are logged. Reported by Stefan Arentz in ticket 137,
closed by commit 1015.
* Database errors are now logged with more details. Addressed in commit
* pdns_control problems are now logged more verbosely. Change in commit
* Erroneous address configuration was logged unclearly. Spotted by River
Tarnell, fixed in commit 888.
* Example configuration shipped with PowerDNS was very old. Noted by
Leen Besselink, fixed in commit 946.
* PowerDNS neglected to chdir to the root when chrooted. This closes
ticket 110, fixed in commit 944.
* Microsoft resolver had problems with responses we generated for CNAMEs
pointing out of our bailiwick. Fixed in commit 983 and expedited by
* Built-in webserver logs errors more verbosely. Closes ticket 82, gixed
in commit 991.
* Queries containing '@' no longer flood the logs. Addressed in commit
* The build process now looks for PostgreSQL in more places. Implemented
in commit 998, closes ticket 90.
* Speedups in the BIND backend now mean large installations enjoy
startup times up to 30 times faster than with the original BIND
nameserver. Many thanks to Massimo Bandinelli.
* IPv6 and IPv4 address parsing routines have been replaced,t 962, commit
1012 and others.
* 5 new regression tests have been added to insure old bugs do not
* Fix small issues with very modern compilers and BOOST snapshots. Noted
by Marcus Rueckert, addressed in commit 954, commit 964 commit 965,
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the Pdns-announce