[Pdns-dev] PowerDNS version 2.9.19 released!
bert.hubert at netherlabs.nl
Sat Oct 29 20:58:16 CEST 2005
This is again an important release. In short, better recursor, some DNSSEC
support, possibility to run from alternate DNS roots (ORSN, for example),
many many bugs fixed and more involvement and support from the PowerDNS
community. A recommended upgrade! Read all about it below.
[ the ticket and commit numbers cited below refer to those on the wiki,
As with other recent releases, the usage of PowerDNS appears to have
skyrocketed. Informal, though strict, measurements show that PowerDNS now
powers around 50% of all German domains, and somewhere in the order of
10-15% of the rest of the world. Furthermore, DNS is set to take a
central role in connecting Voice over IP providers, with PowerDNS
offering a very good feature set for these ENUM deployments. PowerDNS is
already powering the E164.info ENUM zone and also acts as the backend for
a major VoIP provisioning platform.
Included in this release is the now complete packet parsing/generating,
record parsing/generating infrastructure. Furthermore, this framework is
used by the recursor, hopefully making it very fast, memory efficient and
robust. Many records are now processed using a single line of code. This
has made the recursor a lot stricter in packet parsing, you will see some
error messages which did not appear before. Rest assured however that
these only happen for queries which have no valid answer in any case.
Furthermore, support for DNSSEC records is available in the new
infrastructure, although is should be emphasised that there is more to
DNSSEC than parsing records. There is no real support for DNSSEC (yet).
Additionally, the BIND Backend has been replaced by what was up to now
known as the 'Bind2Backend'. Initial benchmarking appears to show that
this backend is faster, uses less memory and has shorter startup times.
The code is also shorter.
This release fixes a number of embarassing bugs and is a recommended
Thanks are due to XS4ALL who are supporting continuing development of
PowerDNS, the fruits of which can be found in this release already.
Furthermore, a remarkable number of people have helped report bugs,
validate solutions or have submitted entire patches. Many thanks!
* dnsreplay now has a help message and has received further
massive updates, making the code substantially faster. It
turns out that dnsreplay is often 'heavier' than the
PowerDNS process being benchmarked.
* PowerDNS recursor no longer prints out its queries by
default as most recursor deployments have too much traffic
for this to be useful.
* PowerDNS recursor is now able to read its root-hints from
disk, which is useful to operate with alternate roots,
like the Open Root Server Network. See Chapter 12.
* PowerDNS can now send out old-fashioned root-referrals
when queried for domains for which it is not
authoritative. Wastes some bandwidth but may solve
incoming query floods if domains are delegated to you for
which you are not authoritative, but which are queried by
* PowerDNS now prints out a warning when running with legacy
LinuxThreads implementation instead of the high
performance NPTL library, see Section 9.2. Commit 455.
* A lot of superfluous calls to gettimeofday() have been
removed, making PowerDNS and especially the recursor
faster. Suggested by Kai.
* SPF records are now supported natively. Commit 472,
closing ticket 22.
* Improved IPv6 'bound to' messages. Thanks to Niels Bakker,
Wichert Akkermans and Gerty de Wolf for suggestions.
* Separate graphs can now be made of IPv6 queries and
answers. Commit 485.
* Out of zone additional processing is now on by default to
better comply with standards. Commit 487.
* Regression tests have been expanded to deal with more
record types (SRV, NAPTR, TXT, duplicate SRV).
* Improved query-logging in Bindbackend, which can be used
for debugging purposes.
* Dropped libpcap dependency, making compilation easier
* pdns_control now has a help message.
* Add RRSIG, DNSKEY, DS and NSEC records for DNSSEC-bis to
new parser infrastructure.
* Recursor now honours EDNS0 allowing it to send out larger
* Domain name validation has been made a lot stricter - it
turns out PostgreSQL was interpreting some (corrupt)
domain names as unicode. Tested and suggested by
Register.com (commit 451).
* LDAP backend did not compile (commit 452, 453) due to
partially applied patch (Norbert Sendetzky)
* Incoming zone transfers work reliably again. Commit 460
and beyond. And 523 - closing Debian bug 330184.
* Recent g++ versions exposed a mistake in the PowerDNS
recursor cache pruning code, causing random crashes.
Fixed. Commit 465. Reported by several Red Hat users.
* PowerDNS recursor, and MTasker in general, did not work on
Solaris. Patch by Juergen Ilse. Commit 471. Also moved
most of PowerDNS over to uint32_t style typedefs, which
eases compilation problems on Solaris. Commit 477.
* Bindbackend2 did not properly search its include path for
$INCLUDE statements. Noted by Mark Bergsma. Commit 474.
* Bindbackend did not notice changed zones, this problem has
been fixed by the move to Bind2.
* Pipebackend did not clean up, leading to an additional
pipe backend per AXFR or pdns_control reload. Discovered
by Marc Jauvin, fixed by commit 525.
* Bindbackend (both old and current versions) did not honour
'include' statements in named.conf on pdns_control
rediscover. Noted by Marc Jauvin, fixed by commit 526.
* Zone transfers were sometimes shuffled, which wastes
useless time. Commit 478.
* CNAMEs and Wildcards now work as in Bind, fixing many
complaints. Commit 487.
* NAPTR records were compressed, which would work, but was
in violation of the RFC. Commit 493.
* NAPTR records were not always parsed correctly from BIND
zonefiles, fixed. Commit 494.
* Geobackend needed additional include statement to compile
on more recent Linux distrbutions. Commit 496.
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the Pdns-dev