We are proud to announce the second and hopefully last release candidate of what should become PowerDNS Recursor 4.3.0.
Compared to the first release candidate, this release candidate changes the way RPZ policies are processed: if the matched policy is passthru, policies with a higher priority are still considered later in the resolving process. Additionally, a bug in the validation of NSEC records was fixed.
Compared to the 4.2 release of PowerDNS Recursor, the most important features that were added are:
* A relaxed form of QName Minimization as described in rfc7816bis-01. This feature is enabled by default.
* Dnstap support for outgoing queries to authoritative servers and the corresponding replies.
* The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order.
* Newly Observed Domain (NOD) functionality.
* When the recursor is started by
systemd, the recursor will no longer run as the
root user. Instead, it will start as the
pdns-recursor user. Make sure directories and files needed by your specific recursor setup are readable by this user. For non-systemd and non-chroot cases, the default directory for the control socket and pid file has changed to
Please refer to the changelog for details.
We want to thank everyone that contributed to the testing of the previous release candidate, and invite you to contribute to the testing of this release candidate!
The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.
Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.