[Pdns-dev] PowerDNS Authoritative Server version 2.9.22 released!

bert hubert bert.hubert at netherlabs.nl
Tue Jan 27 22:37:33 CET 2009


PowerDNS Authoritative Server version 2.9.22 released!

Download from:

 http://downloads.powerdns.com/releases/pdns-2.9.22.tar.gz
 http://downloads.powerdns.com/releases/deb/stable/pdns-static_2.9.22-1_i386.deb
 http://downloads.powerdns.com/releases/rpm/pdns-static-2.9.22-1.i386.rpm
 http://downloads.powerdns.com/releases/deb/stable/pdns-static_2.9.22-1_amd64.deb
 http://downloads.powerdns.com/releases/rpm/pdns-static-2.9.22-1.x86_64.rpm

Release notes with clickable links available on
* http://doc.powerdns.com/changelog.html#CHANGELOG-AUTH-2-9-22

This is a huge release, spanning almost 20 months of
development. Besides fixing a lot of bugs, of note is the
addition of the so called 'Notification Proxy', which allows
PowerDNS to function as a master server behind a firewall, plus
the huge performance improvement of the internal caches.

This work has been made possible by UPC Broadband and Directi,
respectively.

Finally, the release candidates of this version have been
tested & improved by Jorn Ekkelenkamp, Ton van Rosmalen, Jeff
Sipek, Tyler Hall, Christof Meerwald and Stefan Schmidt.

Fixed between rc1 and rc2, but not an issue in 2.9.21.

  * pdns_control ccounts again outputs proper cache statistics.
    Implemented in commit 1304.
  * Negative query caching was reinstated, leading to 6 times
    fewer backend queries than rc1 on the Express.powerdns.com
    servers.
  * Packetcache no longer needlessly parses outgoing packets
    before sending them.
  * Fancy records work again. This work has been sponsored by
    ISP Services. Implemented in commit 1302 and commit 1299.

New features:

  * pdns_control can now also work over TCP/IP. Sponsored by
    Directi. Commits 1246, 1251, 1254, 1255.
  * Implemented a notification proxy, see Section 19.1. This
    work was sponsored by UPC Broadband. Implemented in commits
    1075, 1077, 1082, 1083, 1085 and 1086.
  * IXFR queries are now supported in the sense that we treat
    them as AXFR queries, silencing warnings in other
    nameservers. Suggested in ticket 131.
  * The PIPE backend has been extended by David Apgar to allow
    the reporting of errors using the 'FAIL' command, plus
    support for responses with whitespace. Implemented in
    commit 1114.
  * PowerDNS Authoritative server now parses incoming EDNS
    options, like maximum allowed packet size. Implemented in
    commit 1123 and commit 1281.
  * Added support for DHCID, IPSECKEY and KX records, thanks
    Norbert Sendetzky for the hint. Implemented in commit 1144.
  * Norbert Sendetzky has has added support for all record
    types supported by PowerDNS to the LDAPBackend.
    Furthermore, the detection of OpenLDAP in autoconf has been
    improved. Finally, debian has supplied some fixes to
    PowerLDAP. Implemented in commit 1152 and commit 1153.
  * Implemented EDNS NSID option for retrieving the nameserver
    ID out of band. Defaults to hostname, can be specified
    using the server-id setting. Code in commit 1232.
  * Implemented experimental EDNS PING for enhanced forgery
    resilience. Code in commit 1232.

Performance:

  * Improve packet generation performance, in some cases by
    25%. Code in 1258, 1259.
  * Improved access list checking performance. commit 1261.
  * PowerDNS Authoritative caches were completely redone, and
    are now based on the same cache that is in the resolver.
    This work has been sponsored by Directi. In large
    benchmarks, PowerDNS performance has improved by an order
    of magnitude or more. This new version allows for
    near-instantaneous cache purging, plus very rapid purging
    based on suffix. Purge commands can also be batched. This
    work is partially based on an innovative reverse-string
    comparison function authored by Aki Tuomi.
  * Installations which run with very high cache hitrates can
    now benefit from multiple CPUs by setting receiver-threads
    to the number of desired CPUs to utilize in cache
    operations. Implemented in commit 1316.
  * BIND backend speedups in commit 1108, measured at around a
    20% improvement, possibly more on very large setups.

Bugs fixed:

  * Tyler Hall discovered the PowerDNS configuration file
    parser had problems with trailing tabs. This turned out to
    be a wider problem in PowerDNS. Buggy code replaced by a
    library call in commit 1237 and commit 1240.
  * David Apgar of Yahoo discovered that our 'guardian' method
    of restarting PowerDNS in case of problems was not fool
    proof, and submitted a fix. A variation of this fix can be
    found in commit 1323. Also reported by Directi.
  * Connection reset by peer events in the TCP nameserver no
    longer lead to the cycling of database connections. Code in
    commit 1241.
  * FreeBSD compilation with Generic PostgreSQL backend was
    fixed. Reported by Wouter de Jong of WideXS, fixed in
    commit 1305, closes ticket 95.
  * Webserver no longer prints '1e2%'. Finally closes ticket
    26. Much friendly nagging for over 3 years by Jeff Sipek,
    code in commit 1303.
  * PowerDNS used to ignore certain queries it could not
    answer. These queries are no longer ignored, but get a
    SERVFAIL response. Implemented in commit 1239.
  * Fix subtle CNAME and wildcard interactions reported by
    'zzyzz', implemented in commit 1147.
  * The generic backends did not honour the default-ttl
    setting. Spotted and implemented by Matti Hiljanen.
  * Matti Hiljanen discovered that the OpenDBX backend did not
    fill out the SOA ttl value properly. Matti also improved
    the SQL statements for better compatibility. Implemented in
    commit 1181.
  * Treat invalid WWW requests better. Spotted by Maikel
    Verheijen, implemented in commit 1092.
  * Documentation errors and typos, spotted by Marco Davids
    (commit 1097) and Rejo Zengers (commit 1119)
  * Properly fill out the 'recursion available'-flag. Spotted
    by Augie Schwer in ticket 167.
  * Several memory leaks on bad data in the database or other
    errors have been fixed. Addressed in 1078 and 1079.
  * In contravention to the documentation, the domain type as
    specified in the database ('MASTER', 'SLAVE' or 'NATIVE')
    was interpreted case sensitively. 1084.
  * BIND backend could crash on processing information about
    slave zones to be checked. Spotted by Stefan Schmidt, fixed
    in 1089.
  * Jelte Jansen of Stichting NLNetLabs discovered PowerDNS in
    BIND mode couldn't operate as a root-server! Fixed in 1057.
  * 'DPS' discovered there was a rare opportunity for PowerDNS
    to lock up waiting for new data. Addressed in 1076.
  * Make singlethreaded mode more resilient against errors.
    commit 1272.
  * DNSSEC records were part of 2.9.21, but were not actually
    hooked up. Please note that while PowerDNS can serve most
    DNSSEC records, it does not do DNSSEC processing.
    Implemented in 1046.
  * Shawn Starr migrated all his domains to PowerDNS in one
    evening, from an installation that had been used since
    BIND4. In doing so, he found 3 bugs in as many hours. An IN
    statement in the BIND named.conf with a zone with a
    trailing dot was misparsed, fixed in commit 1233. Secondly,
    the zonefile parser tripped over a line consisting of
    nothing but comments in the wrong place. Finally '$ORIGIN
    .' was misparsed. Last two issues fixed in commit 1234.
  * Our statistics counters did not wrap correctly after the
    2.15 billion mark. Spotted by Stefan Schmidt, reported in
    ticket 179, fixed in commit 1284.
  * Bindbackend could sometimes generate very strange error
    messages while processing a malformed zone file. Sometimes
    such error messages could cause a crash (reported on
    HP-UX). Addressed by commit 1279. This could not be
    triggered remotely. Closes ticket ticket 203.
  * Pipe backend did not clean up killed coprocesses. Found and
    fixed by Daniel Drown
  * Installations with tens of thousands of slave domains would
    never complete the cycle to check the freshness of all
    zones as each incoming notification disrupted this cycle.
    Addressed in cooperation with Tyler Hall of EditDNS.

Improvements:

  * Zoneparser improvements mean $TTL and $INCLUDES now work a
    lot better. Implemented in 1056, 1062.
  * No longer report temporary recvfropenDBX so that SQLite reads and writes
    no longer deadlock, plus compliation fixes on Solaris, plus
    the addition of autoserials to backends that support
    triggers. Implemented in commit 1154.
  * Random generator is now based on AES, improving the
    security of certain proxy operations. This is the same
    random generator that is in the recursor. Implemented in
    commit 1256.
  * Documentation for 'supermaster' mode was improved due to
    popular demand.
  * When binding to a UDP port failed, supply a more precise
    error message (commit 1245)
  * The zoneparser error messages were vastly improved,
    partially inspired by Shawn's cowboy migration. Code in
    commit 1235.
  * Labels are compressed more efficiently
    (case-insensitively), leading to smaller packets.
    Implemented in commit 1156.
  * Fix handling of TCP timeouts to not cause a reload of the
    backends. Implemented in commit 1092.
  * TCP Receiver no longer spams the log with common network
    errors. Implemented in commit 1306.
  * Move from select() to poll()-based multiplexing, allowing
    PowerDNS to listen on more than 1024 sockets
    simultaneously. One big PowerDNS user needs this.
    Implemented in 1072.
  * Zone2sql now reads source files in performance enhancing
    inode order. Additionally, zone2sql no longer dies on a
    missing zone file if --on-error-resume-next was specified.
    Finally, statistics of zone2sql conversion have been
    improved. Implemented in 1055.
  * Address issues found by more recent g++ versions. Spotted
    and/or fixed by Jorn Ekkelenkamp (commit 1051), Marcus
    Rueckert (commit 1094), Norbert Sendetzky (commit 1107),
    Serge Belyshev (commit 1171).
  * The Intel C Compiler implements certain things differently,
    causing the master/slave communicator to malfunction.
    Spotted by Marcus Rueckert, implemented in 1052, plus
    fallout in 1105.
  * PowerDNS can now be compiled with Boost 1.3

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services


More information about the Pdns-dev mailing list