We are pleased to announce the availability the PowerDNS Recursor 4.0.0 Beta 1. This release has two important improvements in the DNSSEC implementation: a better fallback to non-DNSSEC when dealing with old and non-compliant authoritative servers and a new default DNSSEC mode where DNSSEC is supported but no validation will take place.
With this release, we believe the DNSSEC support can be marked as “functional, but experimental” and it is suitable for inclusion in acceptance and production environments.
There are some other small bug fixes as well, here’s the full changelog:
Improvements
- #3866 Increase max FDs in systemd unit file
- #3905 Add a dnssec=process-no-validate option and make it default
Bug fixes
- #3875 Disable DNSSEC for domain where the auth responds with FORMERR or NOTIMP
- #3881 Fix the
noEdnsOutQueriescounter - #3892 support
clock_gettimefor platforms that require -lrt
Getting PowerDNS Recursor 4.0.0 Beta 1
As always, from our downloads site you can get the tarball(sig) and packages for several platforms are available from the repositories.
