[Pdns-announce] First Release Candidate of PowerDNS Recursor 4.9.0

Peter van Dijk peter.van.dijk at powerdns.com
Thu Jun 15 10:04:28 UTC 2023 

We are proud to announce the first release candidate of PowerDNS
Recursor 4.9.0.

Compared to the previous major (4.8) release of PowerDNS Recursor, this
release contains the following major changes:
 * The performance impact of metrics collection has been reduced by
   using lock-free non-atomic thread-local counters.
 * The packet cache is sharded and shared by all threads.
 * The TTL of negative answers in the packet cache can now be
   controlled separately from positive and failure answers.
 * The rec_control trace_regex command writes the generated trace
   information to a specified file instead of the general log. The
   trace information contains more precise timestamps and DNSSEC
   validation information.
 * If [1]extended-resolution-errors is enabled EDNS errors are now
   generated in more cases, specifically when authoritative servers
   for a zone are unreachable or when synthesising answers by e.g.
   using the aggressive NSEC cache.
 * The aggressive NSEC cache has been changed not to store NSEC3
   entries which cover only a small [2]fraction of possible names.
   This also allows switching off the aggressive cache for NSEC3 only.
 * It is now possible to switch off [3]root-refreshing completely.
 * Proper handling of security policies that [4]restrict the use of
   specific DNSSEC algorithms on RHEL9 derived systems.

Feedback is appreciated!

As a follow-up to the shared packet cache, the default way the recursor
distributes requests over worker threads has now been changed to let
the operating system kernel do that, by changing the defaults
of [5]pdns-distributes-queries to no and [6]reuseport to yes. Though
our testing has shown benefits to this approach, we have seen that in
some rare cases (depending on OS and client traffic patterns) this can
have negative consequences: the queries are not distributed equally
over the worker threads. If you are running this pre-release, we would
appreciate your feedback to be able to confirm the change of defaults
benefits the vast majority of cases. Watch the periodic statistics
printed by the recursor to see if the worker threads process about
roughly amounts of queries. Especially if you see an imbalance, send us
details about the OS, hardware and configuration.

As always, there are also many smaller bug fixes and improvements,
please refer to the [7]changelog for additional details. When upgrading
do not forget to check the [8]upgrade guide.

Please send us all feedback and issues you might have via
the [9]mailing list, or in case of a bug, via [10]GitHub.

The [11]tarball ([12]signature) is available from our
download [13]server and packages for several distributions are
available from our [14]repository.

With the future final 4.9.0 release, the 4.6.x releases will be EOL and
the 4.7.x and 4.8.x releases will go into critical fixes only mode.
Consult the EOL [15]policy for more details.

We would also like to mention that with the 4.5 release we stopped
supporting systems using 32-bit time. This includes many 32-bit Linux
platforms.

We are grateful to the PowerDNS community for the reporting of bugs,
issues, feature requests, and especially to the submitters of fixes and
implementations of features.

References

   1.
https://docs.powerdns.com/recursor/settings.html#extended-resolution-errors
   2.
https://docs.powerdns.com/recursor/settings.html#aggressive-cache-min-nsec3-hit-ratio
   3. https://docs.powerdns.com/recursor/settings.html#hint-file
   4.
https://docs.powerdns.com/recursor/settings.html#dnssec-disabled-algorithms
   5.
https://docs.powerdns.com/recursor/settings.html#pdns-distributes-queries
   6. https://docs.powerdns.com/recursor/settings.html#reuseport
   7.
https://doc.powerdns.com/recursor/changelog/4.9.html#change-4.9.0-rc1
   8. https://docs.powerdns.com/recursor/upgrade.html
   9. https://mailman.powerdns.com/mailman/listinfo/pdns-users
  10. https://github.com/PowerDNS/pdns/issues/new/choose
  11.
https://downloads.powerdns.com/releases/pdns-recursor-4.9.0-rc1.tar.bz2
  12.
https://downloads.powerdns.com/releases/pdns-recursor-4.9.0-rc1.tar.bz2.sig
  13. https://downloads.powerdns.com/releases/
  14. https://repo.powerdns.com/
  15. https://docs.powerdns.com/recursor/appendices/EOL.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 914 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.powerdns.com/pipermail/pdns-announce/attachments/20230615/b972074e/attachment.sig>

More information about the Pdns-announce mailing list