[Pdns-announce] PowerDNS DNSdist 2.0.2 released

Remi Gacogne remi.gacogne at powerdns.com
Tue Dec 2 09:54:21 UTC 2025 

Hello!

We released PowerDNS DNSdist 2.0.2 today, fixing several issues:

- the wrong reply address was used when using DNS over QUIC or DNS over 
HTTP/3 on FreeBSD
- query rules were not processed after setting a tag from a dynamic rule
- selecting the Lua version to use was not possible when building with meson
- rules executed from a timeout when invoked without a valid DNS header, 
causing issues with some selectors and actions
- large UDP responses received via AF_XDP/XSK were not always properly 
processed
- the round-robin load-balancing policy was not using an atomic counter, 
and could thus have a bias
- meta protocol buffer keys were not properly passed from query to response
- setting the hash perturbation to a custom value from YAML was not 
working properly
- TCP connections to backends could fail on macOS and some BSD systems
- invalid regular expressions from YAML are now properly handled
- unknown selectors and policies in YAML could lead to a crash when 
parsing the configuration
- "TimedIPSet" objects can now be used from YAML
- errors in Lua traceback handlers are now properly handled
- we added a workaround for a memory leak present in OpenSSL 3.6.0

A few performance improvements were also made:

- inserting into the in-memory rings is a bit faster
- using "recvmmsg" is now be faster
- change bogusV4/bogusV6 addresses to static constants to avoid parse in 
every call (delichik)
- the default maximum number of descriptors has been raised to 1M
- the FFI "alternate name" interface has been refactored

And the following new features were added:

- a new selector to match the incoming protocol
- a Date: response header is now included for rejected HTTP/1 requests

Please see the DNSdist website [1] for the more complete changelog [2] 
and the current documentation. The upgrade guide is also available there 
[3].

Please send us all feedback and issues you might have via the mailing 
list, or in case of a bug, via GitHub [4].

The release tarball [5] and its signature [6] are available on the 
downloads website, and packages for several distributions are available 
from our repository [7].

[1]: https://dnsdist.org
[2]: https://dnsdist.org/changelog.html#change-2.0.2
[3]: https://dnsdist.org/upgrade_guide.html
[4]: https://github.com/PowerDNS/pdns/issues/new/choose
[5]:
https://downloads.powerdns.com/releases/dnsdist-2.0.2.tar.xz
[6]:
https://downloads.powerdns.com/releases/dnsdist-2.0.2.tar.xz.sig
[7]: https://repo.powerdns.com

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-announce/attachments/20251202/2126a204/attachment.sig>

More information about the Pdns-announce mailing list