[Pdns-dev] dnsdist 1.4.0 released

Wed Nov 20 16:51:08 UTC 2019

Hello everyone,

After five release candidates, we are thrilled to finally announce the
release of dnsdist 1.4.0 !

This new major version has been used in production by several large
operators since the first release candidate, including the new DNS over
HTTPS feature, providing invaluable feedback.

This release has very few changes since the previous release candidate:
- names blocked by a SMT dynamic block are now lowercased ;
- we went back to selecting the cipher suites based on the server
preference instead of the client by default ;
- some typo, documentation and help messages have been fixed.

For those new to the 1.4.0 train, the main changes between 1.3.3 and
1.4.0 are:
- a new, much more scalable way of handling DNS over TCP and DNS over
TLS connections, with a lot of new metrics and options like OCSP stapling ;
- support for DNS over HTTPS ;
- a new experimental feature, the ability to look into a Key-Value store
like CDB or LMDB and to route a query based on the result of this lookup ;
- new rules and actions to deal with unexpected EDNS version (Dmitry
Alenichev) ;
- a new QNameSetRule rule, along with the DNSNameSet object, to match
exact qnames instead of doing suffix matching (Andrey Domas) ;
- a new ContinueAction has been added as well, allowing to keep
processing rules even after calling a normally terminal action, like
PoolAction ;
- we also added a few convenience functions to pseudonymize IP
addresses, as several users reported that they needed it to be
GDPR-compliant ;
- the health check mechanism has been improved with the new
checkInterval, checkTimeout and rise parameters, thanks notably to “1848” ;
- and, finally, we also improved the existing LogAction to make it much
more useful for debugging and accounting purposes.

Please see the upgrade guide [1] before upgrading from 1.3.x to 1.4.0,
as a few things have been cleaned up and might require updating your
existing configuration.

We want to once again thank everyone that contributed to the testing of
the previous release candidates!

Please see the dnsdist website [2] for the more complete changelog [3]
and the current documentation.

Release tarballs are available on the downloads website [4].

Several packages are also available in our repository [5].

[1]: https://dnsdist.org/upgrade_guide.html#x-to-1-4-0
[2]: https://dnsdist.org
[3]: https://dnsdist.org/changelog.html#change-1.4.0
[4]: https://downloads.powerdns.com/releases/dnsdist-1.4.0.tar.bz2
[5]: https://repo.powerdns.com/

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-dev/attachments/20191120/7c4bd98b/attachment.sig>