We are very happy to release PowerDNS DNSdist 1.9.0 today! This new version brings a fair number of new features since 1.8.3:
- DNS over QUIC
- DNS over HTTP3
- AF_XDP support
- the ability to set Extended DNS Error statuses
- a cache-miss ratio dynamic block rule
- getAddressInfo for asynchronous DNS resolution
- Proxy Protocol support for TeeAction
- Proxy Protocol support can now be enabled on a per-bind basis
- many new selectors and actions
We would like to express our gratitude to Y7n05h who contributed AF_XDP support during Google Summer of Code! It took us far too long to integrate their contribution into a release, but it's finally there with impressive results.
We also replaced the default library handling DNS over HTTPS, switching from h2o to nghttp2. This change should be transparent for most users, since we made sure to preserve the existing features and configuration directives. Switching to nghttp2 allows us to support hardware acceleration for TLS exchanges, using for example Linux's kTLS or Intel Quick-Assist Technology. It also reduces our footprint on low-end devices by not requiring an additional library, since nghttp2 was already used for outgoing DNS over HTTPS requests. Finally, while it was a long time coming, h2o is officially no longer maintained in a way that makes it possible to use it as a stable library. Technically it will still be possible to revert to the use of h2o for incoming DNS over HTTPS in DNSdist 1.9.x, but we will remove that support after that.
Packagers need to be aware that SNMP support is no longer enabled by default, as it had been causing integration issues in some environments for a while, but it's still enabled in our packages. Two new features, DNS over QUIC and DNS over HTTP3, require the Cloudflare's Quiche library, which is written in Rust and might not be already present in some distributions.
We also made changes to our Open Source End of Life policy. Older release trains are now supported for one year after the following major release. Consult the EOL policy for more details.
Please see the DNSdist website for the more complete changelog and the current documentation.
Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.
We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features. We are particularly thankful to Denis Machard for testing and reporting issues with dnstap and protobuf exports, Håkan Lindqvist for tirelessly tracking issues in our DNS over HTTP3 feature, Oto Šťáva from the Knot Resolver team for testing DNSdist against his DNS over QUIC implementation in DNS Shotgun and reporting several discrepancies!
The release tarball and its signature are available on the downloads website, and packages for several distributions are available from our repository.
