Second Alpha Release of DNSDist 1.6.0

Hi everyone,

We are happy to announce the second alpha release of dnsdist 1.6.0. This release contains mostly fixes for issues reported in the first release candidate:

  • A race condition was found to sometimes occur at startup, making it possible for the first TCP connection to happen before the creation of TCP workers and lead to a crash.
  • Stéphane Bortzmeyer reported many TCP timeouts with the first alpha that did not happen with 1.5.x. We unfortunately did not manage to reproduce these timeouts, but we spent quite some time expanding the coverage of our TCP code, uncovering several bugs in the process. Although we unfortunately cannot be sure that the issue experienced by Stéphane has been fixed, the resulting code has seen much more testing and we have received excellent feedback from other users in the meantime, leading to this second alpha candidate.
  • The cache cleaning algorithm did not properly remove expired entries from all shards, when more than one shard was used and setCacheCleaningPercentage set below 100%. This led to a drop in the cache efficiency in the long run.
  • A null pointer dereference has been found when accessing a dynamic BPF block (DynBPF) object in client mode.
  • A debug line was not properly removed in the web server code, logging a new line for every HTTP query.

In addition to these fixes, Sander Hoentjen contributed several improvements to allow spoofing answers with multiple records, and Aki Tuomi introduced automatic conversion to string for several objects in Lua. Many thanks to them!

Please see the dnsdist website for the more complete changelog and the current documentation.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

Release tarballs are available on the downloads website, and packages for CentOS 7 and 8, Debian Buster and Ubuntu Bionic and Focal are available from our repository.

With the future 1.6.0 final release, the 1.3.x releases will be EOL and the 1.4.x releases will go into critical security fixes only mode.

We would also like to take this opportunity to announce that we will stop supporting systems using 32-bit time. This includes 32-bit Linux platforms like arm and i386 before kernel version 5.1.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s