Third Alpha Release of DNSDist 1.6.0

Mar 29, 2021

Hi everyone,

We are happy to announce the third alpha release of dnsdist 1.6.0. This release contains a few fixes for issues reported in the second alpha:

  • DNS over HTTPS queries with a non-zero ID were not properly handled. Very few DoH clients actually send an ID with a value different than 0 but it does happen and is allowed by RFC 8484. Many thanks to Frank Denis for reporting the issue !
  • The connect timeout was not used for outgoing TCP connections, and the write timeout was used instead.

In addition to these fixes, several improvements were made:

  • Reduced memory usage for idle DNS over HTTPS and DNS over TLS connections, saving roughly 35 kB per connection.
  • Smarter caching of outgoing TCP connections, ability to configure the number of concurrent incoming TCP connections per frontend, with more metrics.
  • Sharding has been enabled in the ring buffers and the packet cache by default, leading to better performance in the default configuration.
  • TLS renegotiation is now disabled by default, to prevent issues like CVE-2021-3449 in the future.

Please see the dnsdist website for the more complete changelog and the current documentation.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

Release tarballs are available on the downloads website, and packages for CentOS 7 and 8, Debian Buster and Ubuntu Bionic and Focal are available from our repository.

With the future 1.6.0 final release, the 1.3.x releases will be EOL and the 1.4.x releases will go into critical security fixes only mode.

We would also like to take this opportunity to announce that we will stop supporting systems using 32-bit time. This includes 32-bit Linux platforms like arm and i386 before kernel version 5.1.

About the author

Remi Gacogne

Remi Gacogne

Senior Developer at PowerDNS


Related Articles

PowerDNS DNSdist 1.9.3 released

Less than an hour after the release of PowerDNS DNSdist 1.9.2 today, we received reports of DNSdist crashing in some setups....

Remi Gacogne Apr 5, 2024

PowerDNS DNSdist 1.9.2 released

We released PowerDNS DNSdist 1.9.2 today. This release fixes several issues:

Remi Gacogne Apr 5, 2024

PowerDNS Authoritative Server 4.9.0

This is release 4.9.0 of the Authoritative Server. It brings a few new features, and a collection of small improvements and...

Peter van Dijk Mar 15, 2024

Improving DNSdist performance with AF_XDP

This is the second in a series of three blog posts we are publishing about recent innovative developments with respect to...

Neil Cook Mar 15, 2024