Category: Uncategorized

PowerDNS Authoritative Server 4.4.2

Hello!

We are proud to announce version 4.4.2 of the Authoritative Server. This releases fixes one issue:

  • RFC2136/nsupdate: apply new TTL to whole RRset, not only to the added record

Please find a full list in the changelog.

Please make sure to read the Upgrade Notes before upgrading.

The tarball (signature) is available at downloads.powerdns.com and packages for various Linux distributions are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

Second beta release of PowerDNS Recursor 4.6.0

We are proud to announce the second beta release of PowerDNS Recursor 4.6.0.

Compared to the previous major (4.5) release of PowerDNS Recursor, this release contains several sets of changes:

  • The ability to flush records from the caches on a incoming notify requests. Many thanks to Kevin P. Fleming for this feature!
  • A rewrite of the outgoing TCP code, adding both re-use of connections and support for DoT to authoritative servers or forwarders.
  • Many improvements in the area of metrics: more metrics are collected and more metrics are now exported in a Prometheus friendly way.
  • A new Zone to Cache function that will retrieve a zone (using AXFR, HTTP, HTTPS or a local file) periodically and insert the contents into the record cache, allowing the cache to be always hot for a zone. This can be used for the root or any other zone.
  • An experimental Event Tracing function, providing insight into the time taken by the steps in the process of resolving a name.

Re-use of TCP/DoT connections is achieved by not closing connections, leaving them open for re-use. Previously, a TCP connection would be closed after a single query-reply exchange. The policy used to keep idle connections open is governed by various settings.

By default, if a forwarder is specified using port 853, DoT will be used to connect to that forwarder. It is also possible to list specific nameservers that should be contacted over DoT. Note that no certificate validation is done. After the standard committees define discovery of authoritative servers offering DoT, we will add functionality to allow automatic switching to DoT including validation of certificates.

As always, there are also many smaller bug fixes and improvements, please refer to the changelog for additional details. When upgrading do not forget to check the upgrade guide.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarball (signature) is available from our download server and packages for several distributions are available from our repository.

With the final 4.6 release, the 4.3.x releases will be marked EOL and the 4.4.x and 4.5.x releases will go into critical fixes only mode. Consult the EOL policy for more details.

We would also like to mention that with the 4.5 release we stopped supporting systems using 32-bit time. This includes most 32-bit Linux platforms.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

PowerDNS Authoritative Server 4.5.2

Hello!

Today we published release 4.5.2 of the Authoritative Server. It contains several robustness fixes for the bindbackend, and for SOA handling. These fixes are especially important for zone cache users.

Please find a full list in the changelog.

Please make sure to read the Upgrade Notes before upgrading.

The tarball (signature) is available at downloads.powerdns.com and packages for various Linux distributions are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

First beta release of PowerDNS Recursor 4.6.0

We are proud to announce the first beta release of PowerDNS Recursor 4.6.0.

Compared to the previous major (4.5) release of PowerDNS Recursor, this release contains several sets of changes:

  • A rewrite of the outgoing TCP code, adding both re-use of connections and support for DoT to authoritative servers or forwarders.
  • Many improvements in the area of metrics: more metrics are collected and more metrics are now exported in a Prometheus friendly way.
  • A new Zone to Cache function that will retrieve a zone (using AXFR, HTTP, HTTPS or a local file) periodically and insert the contents into the record cache, allowing the cache to be always hot for a zone. This can be used for the root or any other zone.
  • An experimental Event Tracing function, providing insight into the time taken by the steps in the process of resolving a name.

Re-use of TCP/DoT connections is achieved by not closing connections, leaving them open for re-use. Previously, a TCP connection would be closed after a single query-reply exchange. The policy used to keep idle connections open is governed by various settings.

By default, if a forwarder is specified using port 853, DoT will be used to connect to that forwarder. It is also possible to list specific nameservers that should be contacted over DoT. Note that no certificate validation is done. After the standard committees define discovery of authoritative servers offering DoT, we will add functionality to allow automatic switching to DoT including validation of certificates.

As always, there are also many smaller bug fixes and improvements, please refer to the changelog for additional details.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarball (signature) is available from our download server and packages for several distributions are available from our repository.

With the final 4.6 release, the 4.3.x releases will be marked EOL and the 4.4.x and 4.5.x releases will go into critical fixes only mode. Consult the EOL policy for more details.

We would also like to mention that with the 4.5 release we stopped supporting systems using 32-bit time. This includes most 32-bit Linux platforms.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

PowerDNS Recursor 4.4.7 and 4.5.7 Released

We are proud to announce the release of PowerDNS Recursor 4.4.7. and 4.5.7.

Both releases are maintenance releases correcting an issue where a DS record with a SHA-256 digest could be ignored if a DS record with SHA-384 digest is also present. The 4.5.7 release also contains a fix for the issue where an incorrect appliedPolicyTrigger value is set on some RPZ hits.

Please refer to the change logs for the 4.4.7 and 4.5.7 releases for additional details.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarballs (4.4.7, 4.5.7) and signatures (4.4.7, 4.5.7) are available from our download server and packages for several distributions are available from our repository.

The 4.2.x release is EOL and the 4.3.x and 4.4.x releases are in critical fixes only mode. Consult the EOL policy for more details.

We would also like to repeat that starting with the 4.5 release branch we will stop supporting systems using 32-bit time. This includes most 32-bit Linux platforms.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

Second alpha release of PowerDNS Recursor 4.6.0

We are proud to announce the second alpha release of PowerDNS Recursor 4.6.0.

Compared to the previous major (4.5) release of PowerDNS Recursor, this release contains several sets of changes:

  • A rewrite of the outgoing TCP code, adding both re-use of connections and support for DoT to authoritative servers or forwarders.
  • Many improvements in the area of metrics: more metrics are collected and more metrics are now exported in a Prometheus friendly way.
  • A new Zone to Cache function that will retrieve a zone (using AXFR, HTTP, HTTPS or a local file) periodically and insert the contents into the record cache, allowing the cache to be always hot for a zone. This can be used for the root or any other zone.
  • An experimental Event Tracing function, providing insight into the time taken by the steps in the process of resolving a name.

Re-use of TCP/DoT connections is achieved by not closing connections, leaving them open for re-use. Previously, a TCP connection would be closed after a single query-reply exchange. The policy used to keep idle connections open is governed by various settings.

By default, if a forwarder is specified using port 853, DoT will be used to connect to that forwarder. It is also possible to list specific nameservers that should be contacted over DoT. Note that no certificate validation is done. After the standard committees define discovery of authoritative servers offering DoT, we will add functionality to allow automatic switching to DoT including validation of certificates.

As always, there are also many smaller bug fixes and improvements, please refer to the changelog for additional details.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarball (signature) is available from our download server and packages for several distributions are available from our repository.

With the final 4.6 release, the 4.3.x releases will be marked EOL and the 4.4.x and 4.5.x releases will go into critical fixes only mode. Consult the EOL policy for more details.

We would also like to mention that with the 4.5 release we stopped supporting systems using 32-bit time. This includes most 32-bit Linux platforms.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

PowerDNS Recursor 4.5.6 Released

We are proud to announce the release of PowerDNS Recursor 4.5.6.

This release contains fixes to the way RPZ updates are handled and a fix to a case where traffic to a forwarder could be throttled while it should not. Additionally a few minor DNSSEC validation issues and a case where the combining of equivalent queries wasn’t effective were resolved.

Please refer to the change log for additional details.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarball and signature are available from our download server and packages for several distributions are available from our repository.

With the earlier 4.5.1 release, the 4.2.x releases is EOL and the 4.3.x and 4.4.x releases went into critical fixes only mode. Consult the EOL policy for more details.

We would also like to announce that with this release we will stop supporting systems using 32-bit time. This includes 32-bit Linux platforms like arm6, arm7, and i386.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

PowerDNS Recursor 4.4.6 Released

We are proud to announce the release of PowerDNS Recursor 4.4.6.

This release contains fixes to the way RPZ updates are handled and a fix to a case where traffic to a forwarder could be throttled while it should not.

Please refer to the change log for additional details.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarball and signature are available from our download server and packages for several distributions are available from our repository.

With the earlier 4.5.1 release, the 4.2.x releases is EOL and the 4.3.x and 4.4.x releases went into critical fixes only mode. Consult the EOL policy for more details.

We would also like to announce that with this release we will stop supporting systems using 32-bit time. This includes 32-bit Linux platforms like arm6, arm7, and i386.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.

First Alpha Release for Authoritative Server 4.6.0

Hello!

Today we released the first Alpha version for Authoritative Server version 4.6.0.

Version 4.6.0 mostly brings small improvements and fixes, but there are two notable new features:

  • support for incoming PROXY headers
  • support for EDNS cookies

Support for PROXY headers allows you to put a load balancer (such as dnsdist) in front of the Authoritative Server, while still having the Auth see the actual IPs of clients talking to it.

EDNS Cookies allow resolvers that support it to have an extra layer of authentication on their communication with the Authoritative Server.

A full list of changes can be found in the changelog.

Please make sure to read the Upgrade Notes before upgrading.

The tarball (signature) is available at downloads.powerdns.com. Packages for various distributions are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

First Alpha release of PowerDNS Recursor 4.6.0

We are proud to announce the first alpha release of PowerDNS Recursor 4.6.0.

Compared to the previous major (4.5) release of PowerDNS Recursor, this release contains two major sets of changes:

  • a rewrite of the outgoing TCP code, adding both re-use of connections and support for DoT to authoritative servers or forwarders,
  • many improvements in the area of metrics: more metrics are collected and more metrics are now exported in a Prometheus friendly way.

Re-use of TCP/DoT connections is achieved by not closing connections, leaving them open for re-use. Previously, a TCP connection would be closed after a single query-reply exchange. The policy used to keep idle connections open is governed by various settings.

By default, if a forwarder is specified using port 853, DoT will be used to connect to that forwarder. It is also possible to list specific nameservers that should be contacted over DoT. Note that no certificate validation is done. After the standard committees define discovery of authoritative servers offering DoT, we will add functionality to allow automatic switching to DoT including validation of certificates.

As always, there are also many smaller bug fixes and improvements, please refer to the changelog for additional details.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

The tarball (signature) is available from our download server and packages for several distributions are available from our repository.

With the final 4.6 release, the 4.3.x releases will be EOL and the 4.4.x and 4.5.x releases will go into critical fixes only mode. Consult the EOL policy for more details.

We would also like to mention that with the 4.5 release we stopped supporting systems using 32-bit time. This includes 32-bit Linux platforms like arm6, arm7, and i386.

We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.