[Pdns-users] PowerDNS Recursor 4.9.0 Released
Otto Moerbeek
otto.moerbeek at open-xchange.com
Fri Jun 30 10:11:24 UTC 2023
We are proud to announce the release of PowerDNS Recursor 4.9.0.
Compared to the previous major (4.8) release of PowerDNS Recursor, this
release contains the following major changes:
* The performance impact of metrics collection has been reduced by
using lock-free non-atomic thread-local counters.
* The packet cache is sharded and shared by all threads.
* The TTL of negative answers in the packet cache can now be
controlled separately from positive and failure answers.
* The rec_control trace_regex command writes the generated trace
information to a specified file instead of the general log. The
trace information contains more precise timestamps and DNSSEC
validation information.
* If extended-resolution-errors [1]is enabled EDNS errors are now
generated in more cases, specifically when authoritative servers
for a zone are unreachable or when synthesising answers by e.g.
using the aggressive NSEC cache.
* The aggressive NSEC cache has been changed not to store NSEC3
entries which cover only a small fraction[2] of possible names.
This also allows switching off the aggressive cache for NSEC3 only.
* It is now possible to switch off root-refreshing[3] completely.
* Proper handling of security policies that restrict [4]the use of
specific DNSSEC algorithms on RHEL9 derived systems.
As a follow-up to the shared packet cache, the default way the recursor
distributes requests over worker threads has now been changed to let
the operating system kernel do that, by changing the defaults
of pdns-distributes-queries[5] to no and reuseport[6] to yes. Though
our testing has shown benefits to this approach, we have seen that in
some cases (depending on OS and client traffic patterns) this can have
negative consequences: the queries are not distributed equally over the
worker threads. See the performance[7] section of the online docs for
details in how to diagnose and remedy this imbalance.
As always, there are also many smaller bug fixes and improvements,
please refer to the changelog[8] for additional details. When upgrading
do not forget to check the upgrade guide.[9]
Please send us all feedback and issues you might have via the mailing
list[10], or in case of a bug, via GitHub[11].
The tarball[12] (signature[13]) is available from our
download server[14] and packages for several distributions are
available from our repository[15].
With this final 4.9.0 release, the 4.6.x releases will be EOL and the
4.7.x and 4.8.x releases will go into critical fixes only mode. Consult
the EOL policy[16] for more details.
We would also like to mention that with the 4.5 release we stopped
supporting systems using 32-bit time. This includes many 32-bit Linux
platforms.
We are grateful to the PowerDNS community for the reporting of bugs,
issues, feature requests, and especially to the submitters of fixes and
implementations of features.
References
1. https://docs.powerdns.com/recursor/settings.html#extended-resolution-errors
2. https://docs.powerdns.com/recursor/settings.html#aggressive-cache-min-nsec3-hit-ratio
3. https://docs.powerdns.com/recursor/settings.html#hint-file
4. https://docs.powerdns.com/recursor/settings.html#dnssec-disabled-algorithms
5. https://docs.powerdns.com/recursor/settings.html#pdns-distributes-queries
6. https://docs.powerdns.com/recursor/settings.html#reuseport
7. https://docs.powerdns.com/recursor/performance.html
8. https://doc.powerdns.com/recursor/changelog/4.9.html#change-4.9.0
9. https://docs.powerdns.com/recursor/upgrade.html
10. https://mailman.powerdns.com/mailman/listinfo/pdns-users
11. https://github.com/PowerDNS/pdns/issues/new/choose
12. https://downloads.powerdns.com/releases/pdns-recursor-4.9.0.tar.bz2
13. https://downloads.powerdns.com/releases/pdns-recursor-4.9.0.tar.bz2.sig
14. https://downloads.powerdns.com/releases/
15. https://repo.powerdns.com/
16. https://docs.powerdns.com/recursor/appendices/EOL.html
--
kind regards,
Otto Moerbeek
PowerDNS Developer
Email: otto.moerbeek at open-xchange.com
-------------------------------------------------------------------------------------
Open-Xchange AG, Hohenzollernring 72, 50672 Cologne, District Court Cologne HRB 95366
Managing Board: Andreas Gauger, Dirk Valbert, Frank Hoberg, Stephan Martin
Chairman of the Board: Richard Seibt
PowerDNS.COM BV, Koninginnegracht 14L, 2514 AA Den Haag, The Netherlands
Managing Director: Robert Brandt, Maxim Letski
-------------------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20230630/e3072aa3/attachment.sig>
More information about the Pdns-users
mailing list