[Pdns-users] Release Candidate: PowerDNS Authoritative Server 2.9.22-rc2 released!
Pascal
purrie at gmail.com
Sun Nov 30 11:32:45 UTC 2008
Hi,
In this rc2 release putting 0 as 'serial' in the mysql table in the SOA
field it is still not being replaced by I believe the unixdate as serial. So
that breaks a lot of things among slave updating. The last release this
actually worked properly was 2.9.19.
Sincerly,
Pascal
On Sat, Nov 29, 2008 at 11:12 PM, bert hubert <bert.hubert at netherlabs.nl>wrote:
> Download from:
>
> http://downloads.powerdns.com/releases/pdns-2.9.22-rc1.tar.gz
>
> http://downloads.powerdns.com/releases/deb/stable/pdns-static_2.9.22-rc1-1_i386.deb
>
> http://downloads.powerdns.com/releases/rpm/pdns-static-2.9.22rc1-1.i386.rpm
>
> 2.9.22 will be a very important PowerDNS release, especially since it
> contains so much change compared to 2.9.21.
>
> This is why the full 2.9.22 release is preceeded by several Release
> Candidates. It is expected that this second candidate will be followed by a
> third, which might actually be renamed into 2.9.22.
>
> Some major sites already run this version, totalling over 130,000 domains,
> so things appear to work pretty well.
>
> We sincerely hope more people will help test this release. If you report
> success, or failure, we'll insert your name below in the release notes.
> This
> is an easy way to contribute to the success of PowerDNS, and get your name
> immortalised!
>
> Finally - this RC also protects against the issue for which 2.9.21.2 was
> released this morning. So even from a security perspective, it makes sense
> to test this release.
>
> Provisional Release notes
> -------------------------
> (available with clickable links on
> http://doc.powerdns.com/changelog.html#CHANGELOG-AUTH-2-9-22 )
>
> This is a huge release, spanning almost 18 months of
> development. Besides fixing a lot of bugs, of note is the
> addition of the so called 'Notification Proxy', which allows
> PowerDNS to function as a master server behind a firewall, plus
> the huge performance improvement of the internal caches.
>
> This work has been made possible by UPC Broadband and Directi,
> respectively.
>
> Finally, the release candidates of this version have been
> tested & improved by Jorn Ekkelenkamp, Ton van Rosmalen, Jeff
> Sipek, Tyler Hall, Christof Meerwald, Stefan Schmidt, *your name*.
>
> Fixed between rc1 and rc2, but not an issue in 2.9.21.
>
> * pdns_control ccounts again outputs proper cache statistics.
> Implemented in commit 1304.
> * Negative query caching was reinstated, leading to 6 times
> less backend queries than rc1 on the Express.powerdns.com
> servers.
> * Packetcache no longer needlessly parses outgoing packets
> before sending them.
> * Fancy records work again. This work has been sponsored by
> ISP Services. Implemented in commit 1302 and commit 1299.
> * pdns_control over TCP/IP is now more reliable.
>
> New features:
>
> * pdns_control can now also work over TCP/IP. Sponsored by
> Directi. Commits 1246, 1251, 1254, 1255.
> * Implemented a notification proxy, see Section 19.1. This
> work was sponsored by UPC Broadband. Implemented in commits
> 1075, 1077, 1082, 1083, 1085 and 1086.
> * IXFR queries are now supported in the sense that we treat
> them as AXFR queries, silencing warnings in other
> nameservers. Suggested in ticket 131.
> * The PIPE backend has been extended by David Apgar to allow
> the reporting of errors using the 'FAIL' command, plus
> support for responses with whitespace. Implemented in
> commit 1114.
> * PowerDNS Authoritative server now parses incoming EDNS
> options, like maximum allowed packet size. Implemented in
> commit 1123 and commit 1281.
> * Added support for DHCID, IPSECKEY and KX records, thanks
> Norbert Sendetzky for the hint. Implemented in commit 1144.
> * Norbert Sendetzky has has added support for all record
> types supported by PowerDNS to the LDAPBackend.
> Furthermore, the detection of OpenLDAP in autoconf has been
> improved. Finally, debian has supplied some fixes to
> PowerLDAP. Implemented in commit 1152 and commit 1153.
> * Implemented EDNS NSID option for retrieving the nameserver
> ID out of band. Defaults to hostname, can be specified
> using the server-id setting. Code in commit 1232.
> * Implemented experimental EDNS PING for enhanced forgery
> resilience. Code in commit 1232.
>
> Performance:
>
> * Improve packet generation performance, in some cases by
> 25%. Code in 1258, 1259.
> * Improved access list checking performance. commit 1261.
> * PowerDNS Authoritative caches were completely redone, and
> are now based on the same cache that is in the resolver.
> This work has been sponsored by Directi. In large
> benchmarks, PowerDNS performance has improved by an order
> of magnitude or more. This new version allows for
> near-instantaneous cache purging, plus very rapid purging
> based on suffix. Purge commands can also be batched. This
> work is partially based on an innovative reverse-string
> comparison function authored by Aki Tuomi.
> * Installations which run with very high cache hitrates can
> now benefit from multiple CPUs by setting receiver-threads
> to the number of desired CPUs to utilize in cache
> operations. Implemented in commit 1316.
> * BIND backend speedups in commit 1108, measured at around a
> 20% improvement, possibly more on very large setups.
>
> Bugs fixed:
>
> * Tyler Hall discovered the PowerDNS configuration file
> parser had problems with trailing tabs. This turned out to
> be a wider problem in PowerDNS. Buggy code replaced by a
> library call in commit 1237 and commit 1240.
> * Connection reset by peer events in the TCP nameserver no
> longer lead to the cycling of database connections. Code in
> commit 1241.
> * FreeBSD compilation with Generic PostgreSQL backend was
> fixed. Reported by Wouter de Jong of WideXS, fixed in
> commit 1305, closes ticket 95.
> * Webserver no longer prints '1e2%'. Finally closes ticket
> 26. Much friendly nagging for over 3 years by Jeff Sipek,
> code in commit 1303.
> * PowerDNS used to ignore certain queries it could not
> answer. These queries are no longer ignored, but get a
> SERVFAIL response. Implemented in commit 1239.
> * Fix subtle CNAME and wildcard interactions reported by
> 'zzyzz', implemented in commit 1147.
> * The generic backends did not honour the default-ttl
> setting. Spotted and implemented by Matti Hiljanen.
> * Matti Hiljanen discovered that the OpenDBX backend did not
> fill out the SOA ttl value properly. Matti also improved
> the SQL statements for better compatability. Implemented in
> commit 1181.
> * Treat invalid WWW requests better. Spotted by Maikel
> Verheijen, implemented in commit 1092.
> * Documentation errors and typos, spotted by Marco Davids
> (commit 1097) and Rejo Zengers (commit 1119)
> * Properly fill out the 'recursion available'-flag. Spotted
> by Augie Schwer in ticket 167.
> * Several memory leaks on bad data in the database or other
> errors have been fixed. Addressed in 1078 and 1079.
> * In contravention to the documentation, the domain type as
> specified in the database ('MASTER', 'SLAVE' or 'NATIVE')
> was interpreted case sensitively. 1084.
> * BIND backend could crash on processing information about
> slave zones to be checked. Spotted by Stefan Schmidt, fixed
> in 1089.
> * Jelte Jansen of Stichting NLNetLabs discovered PowerDNS in
> BIND mode couldn't operate as a root-server! Fixed in 1057.
> * 'DPS' discovered there was a rare opportunity for PowerDNS
> to lock up waiting for new data. Addressed in 1076.
> * Make singlethreaded mode more resilient against errors.
> commit 1272.
> * DNSSEC records were part of 2.9.21, but were not actually
> hooked up. Please note that while PowerDNS can serve most
> DNSSEC records, it does not do DNSSEC processing.
> Implemented in 1046.
> * Shawn Starr migrated all his domains to PowerDNS in one
> evening, from an installation that had been used since
> BIND4. In doing so, he found 3 bugs in as many hours. An IN
> statement in the BIND named.conf with a zone with a
> trailing dot was misparsed, fixed in commit 1233. Secondly,
> the zonefile parser tripped over a line consisting of
> nothing but comments in the wrong place. Finally '$ORIGIN
> .' was misparsed. Last two issues fixed in commit 1234.
> * Our statistics counters did not wrap correctly after the
> 2.15 billion mark. Spotted by Stefan Schmidt, reported in
> ticket 179, fixed in commit 1284.
> * Bindbackend could sometimes generate very strange error
> messages while processing a malformed zone file. Sometimes
> such error messages could cause a crash (reported on
> HP-UX). Addressed by commit 1279. This could not be
> triggered remotely. Closes ticket ticket 203.
> * Pipe backend did not clean up killed coprocesses. Found and
> fixed by Daniel Drown
> * Installations with tens of thousands of slave domains would
> never complete the cycle to check the freshness of all
> zones as each incoming notification disrupted this cycle.
> Addressed in cooperation with Tyler Hall of EditDNS.
>
> Improvements:
>
> * Zoneparser improvements mean $TTL and $INCLUDES now work a
> lot better. Implemented in 1056, 1062.
> * Direct queries for 'fancy records' would lead to errors,
> such queries now fail early. Spotted by Jorn Ekkelenkamp,
> implemented in 1051.
> * Fix typo in geobackend, closing ticket 157, implemented in
> 1090.
> * Initial work on TSIG support - not done yet. Spurred on by
> Marco Davids.
> * Embarrassingly, the 'master' configuration setting was not
> documented in the list of all settings!
> * Norbert has updated OpenDBX so that SQLite reads and writes
> no longer deadlock, plus compliation fixes on Solaris, plus
> the addition of autoserials to backends that support
> triggers. Implemented in commit 1154.
> * Random generator is now based on AES, improving the
> security of certain proxy operations. This is the same
> random generator that is in the recursor. Implemented in
> commit 1256.
> * Documentation for 'supermaster' mode was improved due to
> popular demand.
> * When binding to a UDP port failed, supply a more precise
> error message (commit 1245)
> * The zoneparser error messages were vastly improved,
> partially inspired by Shawn's cowboy migration. Code in
> commit 1235.
> * Labels are compressed more efficiently
> (case-insensitively), leading to smaller packets.
> Implemented in commit 1156.
> * Fix handling of TCP timeouts to not cause a reload of the
> backends. Implemented in commit 1092.
> * TCP Receiver no longer spams the log with common network
> errors. Implemented in commit 1306.
> * Move from select() to poll()-based multiplexing, allowing
> PowerDNS to listen on more than 1024 sockets
> simultaneously. One big PowerDNS user needs this.
> Implemented in 1072.
> * Zone2sql now reads source files in performance enhancing
> inode order. Additionally, zone2sql no longer dies on a
> missing zone file if --on-error-resume-next was specified.
> Finally, statistics of zone2sql confersion have been
> improved. Implemented in 1055.
> * Address issues found by more recent g++ versions. Spotted
> and/or fixed by Jorn Ekkelenkamp (commit 1051), Marcus
> Rueckert (commit 1094), Norbert Sendetzky (commit 1107),
> Serge Belyshev (commit 1171).
> * The Intel C Compiler implements certain things differently,
> causing the master/slave communicator to malfunction.
> Spotted by Marcus Rueckert, implemented in 1052, plus
> fallout in 1105.
> * PowerDNS can now be compiled with Boost 1.37.0.
> * Andre Lorbach of Adiscon discovered the microsoft windows
> 2003 nameserver adds out of zone data to zonetransfers,
> which we need to ignore, instead of rejecting the entire
> zone. Implemented in 1048.
> * PowerDNS now skips remote master servers which consistently
> generate timeout messages, improving the master checking
> cycle time tremendously. Developed in cooperation with
> Tyler Hall. Implemented in commit 1278.
> * When binding to a UDP port failed, supply a more precise
> error message (commit 1245)
> * dnsreplay now waits for the final answers to arrive, making
> it possible to process even small pcap files and get
> meaningful statistics. commit 1268.
> * dnsreplay has a more sane default timeout now, which can be
> configured too. Suggested by Augie Schwer in ticket 163,
> implemented in commit 1287.
>
>
>
> --
> http://www.PowerDNS.com Open source, database driven DNS Software
> http://netherlabs.nl Open and Closed source services
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20081130/0e0f6ced/attachment-0001.html>
More information about the Pdns-users
mailing list