[Pdns-users] PowerDNS version 2.9.19 released!

bert hubert bert.hubert at netherlabs.nl
Sat Oct 29 17:58:16 UTC 2005


Download at:
 tar: http://downloads.powerdns.com/releases/pdns-2.9.19.tar.gz
 rpm: http://downloads.powerdns.com/releases/rpm/pdns-static-2.9.19-1.i386.rpm
 deb: http://downloads.powerdns.com/releases/deb/stable/pdns-static_2.9.19-2_i386.deb

This is again an important release. In short, better recursor, some DNSSEC
support, possibility to run from alternate DNS roots (ORSN, for example),
many many bugs fixed and more involvement and support from the PowerDNS
community. A recommended upgrade! Read all about it below.

[ the ticket and commit numbers cited below refer to those on the wiki,
  http://wiki.powerdns.com ]

Release notes:
   As with other recent releases, the usage of PowerDNS appears to have
   skyrocketed. Informal, though strict, measurements show that PowerDNS now
   powers around 50% of all German domains, and somewhere in the order of
   10-15% of the rest of the world. Furthermore, DNS is set to take a
   central role in connecting Voice over IP providers, with PowerDNS
   offering a very good feature set for these ENUM deployments. PowerDNS is
   already powering the E164.info ENUM zone and also acts as the backend for
   a major VoIP provisioning platform.

   Included in this release is the now complete packet parsing/generating,
   record parsing/generating infrastructure.  Furthermore, this framework is
   used by the recursor, hopefully making it very fast, memory efficient and
   robust. Many records are now processed using a single line of code. This
   has made the recursor a lot stricter in packet parsing, you will see some
   error messages which did not appear before. Rest assured however that
   these only happen for queries which have no valid answer in any case.

   Furthermore, support for DNSSEC records is available in the new
   infrastructure, although is should be emphasised that there is more to
   DNSSEC than parsing records. There is no real support for DNSSEC (yet).

   Additionally, the BIND Backend has been replaced by what was up to now
   known as the 'Bind2Backend'. Initial benchmarking appears to show that
   this backend is faster, uses less memory and has shorter startup times.
   The code is also shorter.

   This release fixes a number of embarassing bugs and is a recommended
   upgrade.

   Thanks are due to XS4ALL who are supporting continuing development of
   PowerDNS, the fruits of which can be found in this release already.
   Furthermore, a remarkable number of people have helped report bugs,
   validate solutions or have submitted entire patches. Many thanks!

   Improvements:

     * dnsreplay now has a help message and has received further
       massive updates, making the code substantially faster. It
       turns out that dnsreplay is often 'heavier' than the
       PowerDNS process being benchmarked.
     * PowerDNS recursor no longer prints out its queries by
       default as most recursor deployments have too much traffic
       for this to be useful.
     * PowerDNS recursor is now able to read its root-hints from
       disk, which is useful to operate with alternate roots,
       like the Open Root Server Network. See Chapter 12.
     * PowerDNS can now send out old-fashioned root-referrals
       when queried for domains for which it is not
       authoritative. Wastes some bandwidth but may solve
       incoming query floods if domains are delegated to you for
       which you are not authoritative, but which are queried by
       broken recursors.
     * PowerDNS now prints out a warning when running with legacy
       LinuxThreads implementation instead of the high
       performance NPTL library, see Section 9.2. Commit 455.
     * A lot of superfluous calls to gettimeofday() have been
       removed, making PowerDNS and especially the recursor
       faster. Suggested by Kai.
     * SPF records are now supported natively. Commit 472,
       closing ticket 22.
     * Improved IPv6 'bound to' messages. Thanks to Niels Bakker,
       Wichert Akkermans and Gerty de Wolf for suggestions.
     * Separate graphs can now be made of IPv6 queries and
       answers. Commit 485.
     * Out of zone additional processing is now on by default to
       better comply with standards. Commit 487.
     * Regression tests have been expanded to deal with more
       record types (SRV, NAPTR, TXT, duplicate SRV).
     * Improved query-logging in Bindbackend, which can be used
       for debugging purposes.
     * Dropped libpcap dependency, making compilation easier
     * pdns_control now has a help message.
     * Add RRSIG, DNSKEY, DS and NSEC records for DNSSEC-bis to
       new parser infrastructure.
     * Recursor now honours EDNS0 allowing it to send out larger
       answers.

   Bugs fixed:

     * Domain name validation has been made a lot stricter - it
       turns out PostgreSQL was interpreting some (corrupt)
       domain names as unicode. Tested and suggested by
       Register.com (commit 451).
     * LDAP backend did not compile (commit 452, 453) due to
       partially applied patch (Norbert Sendetzky)
     * Incoming zone transfers work reliably again. Commit 460
       and beyond. And 523 - closing Debian bug 330184.
     * Recent g++ versions exposed a mistake in the PowerDNS
       recursor cache pruning code, causing random crashes.
       Fixed. Commit 465. Reported by several Red Hat users.
     * PowerDNS recursor, and MTasker in general, did not work on
       Solaris. Patch by Juergen Ilse. Commit 471. Also moved
       most of PowerDNS over to uint32_t style typedefs, which
       eases compilation problems on Solaris. Commit 477.
     * Bindbackend2 did not properly search its include path for
       $INCLUDE statements. Noted by Mark Bergsma. Commit 474.
     * Bindbackend did not notice changed zones, this problem has
       been fixed by the move to Bind2.
     * Pipebackend did not clean up, leading to an additional
       pipe backend per AXFR or pdns_control reload. Discovered
       by Marc Jauvin, fixed by commit 525.
     * Bindbackend (both old and current versions) did not honour
       'include' statements in named.conf on pdns_control
       rediscover. Noted by Marc Jauvin, fixed by commit 526.
     * Zone transfers were sometimes shuffled, which wastes
       useless time. Commit 478.
     * CNAMEs and Wildcards now work as in Bind, fixing many
       complaints. Commit 487.
     * NAPTR records were compressed, which would work, but was
       in violation of the RFC. Commit 493.
     * NAPTR records were not always parsed correctly from BIND
       zonefiles, fixed. Commit 494.
     * Geobackend needed additional include statement to compile
       on more recent Linux distrbutions. Commit 496.

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services


More information about the Pdns-users mailing list