Today we released DNSdist 2.0.6, fixing several issues. The notable ones are:
- the feature introduced in 2.0.0 to limit the rate of new TCP or QUIC connections that a given client can open per second had a serious bug, caused by confusion between the interval, which is set in minutes, and the rate, which is set in seconds. As a result, clients were blocked a lot sooner than they should have been
- there was a data race in the CDB Key-Value store implementation. This was fixed by preventing threads from accessing the same CDB object concurrently, which might have a performance impact for users that rely heavily on CDB. Please reach out to us if you experience such a performance impact
- the BPFFilter::addRangeRule feature was not working properly
- configured buffer sizes for UDP sockets were only applied to incoming sockets, not outgoing ones
- AF_XDP/XSK could not be enabled from YAML
- the TLS session cache for outgoing connections to backends was not properly cleaned up
- the computation of the "Top N" metrics for suffix-based dynamic block counters was wrong
- DownstreamState::setHealthCheckParams was sometimes overwriting the wrong value
- a memory leak was found in the SNMP metrics implementation
- the maximum size of a DNS over QUIC query was slightly off, which might have been a problem for very large queries
Please see the DNSdist website for the more complete changelog and the current documentation. The upgrade guide is also available there.
Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.
The release tarball and its signature are available on the downloads website, and packages for several distributions are available from our repository.