[Pdns-users] PowerDNS Recursor 3.1.5-rc1 released - expected to be final
bert hubert
bert.hubert at netherlabs.nl
Sat Mar 22 22:22:10 UTC 2008
Dear PowerDNS users,
Following snapshot5, 'release candidate 1' is released today. RC1 is
expected to be final, so your help in testing right now is very appreciated,
and should be relatively risk free. RC1 is already running in production in
some places, as is snapshot5.
.tar.bz2 (source):
http://svn.powerdns.com/snapshots/pdns-recursor-3.1.5-rc1.tar.bz2
.deb (i386/amd64/x86_64):
http://svn.powerdns.com/snapshots/pdns-recursor_3.1.5-rc1-1_amd64.deb
http://svn.powerdns.com/snapshots/pdns-recursor_3.1.5-rc1-1_i386.deb
.rpm (i386/amd64/x86_64):
http://svn.powerdns.com/snapshots/pdns-recursor-3.1.5rc1-1.i386.rpm
http://svn.powerdns.com/snapshots/pdns-recursor-3.1.5rc1-1.x86_64.rpm
The final 3.1.5 will be released on or shortly before the 31st of March
2008.
Many PowerDNS users contributed traces of their existing DNS traffic, parts
of these recordings have already been replayed against PowerDNS 3.1.5-rc1,
and results were good. Many thanks to everybody that contributed!
Changes versus snapshot5:
* Built-in authoritative server now properly derives the TTL from the
SOA record if not specified. Implemented in commit 1165. Additionally,
even when TTL was specified for the built-in authoritative server, it
was ignored. Reported by Stefan Schmidt, closing ticket 147.
* Empty TXT record components can now be served. Implemented in commit
1166, closing ticket 178.
* SOA records with embedded carriage-return characters are now parsed
correctly. Implemented in commit 1167, closing ticket 162.
* Implemented forward-zones-file option in order to support larger
amounts of zones which should be forwarded to another nameserver
(commit 963).
* Both forward-zones and forward-zones-file can now specify multiple
forwarders per domain, implemented in commit 1168, closing ticket 81.
Additionally, both these settings can also specify non-standard port
numbers, as suggested in ticket ticket 122. Patch authored by Aaron
Thompson, with additional work by Augie Schwer.
Full release notes (with clickable links:
http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-5 )
-----------------------------------------------------------------------
Much like 3.1.4, this release does not add a lot of major features.
Instead, performance has been improved significantly (estimated at around
20%), and many rare and not so rare issues were addressed. Multi-part TXT
records now work as expected - the only significant functional bug found
in 15 months. One of the oldest feature requests was fulfilled: version
3.1.5 can finally forward queries for designated domains to multiple
servers, on differing port numbers if needed. Previously only one
forwarder address was supported. This lack held back a number of
migrations to PowerDNS.
Perhaps important, this version can properly benefit from all IPv4 and
IPv6 addresses in use at the root-servers as of early February 2008.
Additionally, newer releases of the G++ compiler required some fixes (see
ticket 173).
Security related issues:
* The Recursor will by default no longer query private-space
nameservers. This closes a slight security risk and simultaneously
improves performance and stability. For more information, see
dont-query in Section 12.1. Implemented in commit 923.
* Applied fix for ticket 110 ('PowerDNS should change directory to '/'
in chroot), implemented in commit 944.
Performance:
* The DNS packet writing and parsing infrastructure performance was
improved in several ways, see commits 925, 926, 928, 931, 1021, 1050.
* Remove multithreading overhead from the Recursor (commit 999).
Bug fixes:
* Built-in authoritative server now properly derives the TTL from the
SOA record if not specified. Implemented in commit 1165. Additionally,
even when TTL was specified for the built-in authoritative server, it
was ignored. Reported by Stefan Schmidt, closing ticket 147.
* Empty TXT record components can now be served. Implemented in commit
1166, closing ticket 178.
* SOA records with embedded carriage-return characters are now parsed
correctly. Implemented in commit 1167, closing ticket 162.
* Some routing conditions could cause UDP connected sockets to generate
an error which PowerDNS did not deal with properly, leading to a
leaked file descriptor. As these run out over time, the recursor could
crash. This would also happen for IPv6 queries on a host with no IPv6
connectivity. Thanks to Kai of xs4all and Wichert Akkerman for
reporting this issue. Fix in commit 1133.
* Empty unknown record types can now be stored without generating a
scary error (commit 1129)
* Applied fix for ticket 111, ticket 112 and ticket 153 - large
(multipart) TXT records are now retrieved and served properly. Fix in
commit 996.
* Solaris compilation instructions in Recursor documentation were wrong,
leading to an instant crash on startup. Luckily nobody reads the
documentation, except for Marcus Goller who found the error. Fixed in
commit 1124.
* On Solaris, finally fix the issue where queries get distributed
strangely over CPUs, or not get distributed at all. Much debugging and
analysing performed by Alex Kiernan, who also supplied fixes.
Implemented in commit 1091, commit 1093.
* Various fixes for modern G++ versions, most spotted by Marcus Rueckert
(commits 964, 965, 1028, 1052), and Ruben Kerkhoff (commit 1136,
closing ticket 175).
* Recursor would not properly clean up pidfile and control socket,
closing ticket 120, code in commit 988, commit 1098 (spotted by Leo
Baltus)
* Recursor can now serve multi-line records from its limited
authoritative server (commit 1014).
* When parsing zones, the 'm' time specification stands for minutes, not
months! Closing Debian bug 406462 (commit 1026)
* Authoritative zone parser did not support '@' in the content of
records. Spotted by Marco Davids, fixed in commit 1030.
* Authoritative zone parser could be confused by trailing TABs on record
lines (commit 1062).
* EINTR error code could block entire server if received at the wrong
time. Spotted by Arnoud Bakker, fix in commit 1059.
* Fix crash on NetBSD on Alpha CPUs, might improve startup behaviour on
empty caches on other architectures as well (commit 1061).
* Outbound TCP queries were being performed sub-optimally because of an
interaction with the 'Mplexer'. Fixes in commit 1115, commit 1116.
New features:
* Implemented rec_control command get uptime, as suggested by Niels
Bakker (commit 935). Added to default rrdtool scripts in commit 940.
* The Recursor Authorative component, meant for having the Recursor
serve some zones authoritatively, now supports $INCLUDE and $GENERATE.
Implemented in commit 951 and commit 952, commit 967 (discovered by
Thomas Rietz),
* Implemented forward-zones-file option in order to support larger
amounts of zones which should be forwarded to another nameserver
(commit 963).
* Both forward-zones and forward-zones-file can now specify multiple
forwarders per domain, implemented in commit 1168, closing ticket 81.
Additionally, both these settings can also specify non-standard port
numbers, as suggested in ticket ticket 122. Patch authored by Aaron
Thompson, with additional work by Augie Schwer.
General improvements:
* Ruben Kerkhof fixed up weird permission bits as well as our SGML
documentation code in commit 936 and commit 937.
* Now perform EDNS0 root refreshing queries, so as to benefit from all
returned addresses. Relevant since early February 2008 when the
root-servers started to respond with IPv6 addresses, which made the
default non-EDNS0 maximum packet length reply no longer contain all
records. Implemented in commit 1130. Thanks to dns-operations AT
mail.oarc.isc.org for quick suggestions on how to deal with this
change.
* rec_control now has a timeout in case the Recursor does not respond.
Implemented in commit 945.
* (Error) messages are now logged with saner priorities (commit 955).
* Outbound query IP interface stemmed from 1997 (!) and was in dire need
of a cleanup (commit 1117).
* L.ROOT-SERVERS.NET moved (commit 1118).
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the Pdns-users
mailing list