PowerDNS Recursor 4.3.0 Released

Hello!,

We are proud to announce the release of PowerDNS Recursor 4.3.0.

Compared to the last release candidate, only two very minor issues were fixed.

Compared to the 4.2 release of PowerDNS Recursor, the most important features that were added are:

  • A relaxed form of QName Minimization as described in rfc7816bis-01. This feature is enabled by default. See the documentation for more details.
  • Dnstap support for outgoing queries to authoritative servers and the corresponding replies. See the documentation for more details.
  • The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order. See the documentation for more details on how to tune this feature.
  • Newly Observed Domain (NOD) functionality. See the documentation for information on how to make use of this feature.
  • When the recursor is started by systemd, the recursor will no longer run as the root user. Instead, it will start as the pdns-recursor user. Make sure directories and files needed by your specific recursor setup are readable by this user. For non-systemd and non-chroot cases, the default directory for the control socket and pid file has changed to /var/run/pdns-recursor. The upgrade guide contains more information.

As usual, there were also many other smaller enhancements and bugfixes. Please refer to the changelog for details.

We want to thank everyone that contributed to the testing of the release candidates.

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

With this release, PowerDNS Recursor 4.0 will be become End-of-Life and PowerDNS Recursor 4.1 will only receive critical security updates. For details, see the our EOL statement.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

PowerDNS Authoritative 4.3.0 Beta 2

Hello!

We are proud to announce the second, and hopefully last, beta release of what should become PowerDNS Authoritative 4.3.0. So far this is mostly a maintenance release, but there are a few interesting changes. A lot of internals have been reworked, with some visible changes for users.

If you read the upgrading notes for beta1, please see them again for an important change in NSEC(3) TTLs handling in beta2.

A notable new feature in 4.3 is support for hiding DNSSEC keys, which makes it possible to do algorithm rollovers. This feature was contributed by Robin Geuze of TransIP, thanks! Another interesting new feature is support for automatically publishing CDS/CDNSKEY records with a single pdns.conf setting.

Please note that 4.3.0 comes with a mandatory database schema upgrade.

Please see the changelog for an almost complete list of changes since the last 4.2.x release.

We want to thank everyone that contributed to this and earlier releases, and invite you to contribute to the testing of this beta release!

The tarball (signature) is available at downloads.powerdns.com; packages for CentOS 6, 7 and 8, Debian Stretch and Buster, and Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

Second Release Candidate of PowerDNS Recursor 4.3.0

Hello!,

We are proud to announce the second and hopefully last release candidate of what should become PowerDNS Recursor 4.3.0.

Compared to the first release candidate, this release candidate changes the way RPZ policies are processed: if the matched policy is passthru, policies with a higher priority are still considered later in the resolving process. Additionally, a bug in the validation of NSEC records was fixed.

Compared to the 4.2 release of PowerDNS Recursor, the most important features that were added are:

* A relaxed form of QName Minimization as described in rfc7816bis-01. This feature is enabled by default.
* Dnstap support for outgoing queries to authoritative servers and the corresponding replies.
* The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order.
* Newly Observed Domain (NOD) functionality.
* When the recursor is started by systemd, the recursor will no longer run as the root user. Instead, it will start as the pdns-recursor user. Make sure directories and files needed by your specific recursor setup are readable by this user. For non-systemd and non-chroot cases, the default directory for the control socket and pid file has changed to /var/run/pdns-recursor.

Please refer to the changelog for details.

We want to thank everyone that contributed to the testing of the previous release candidate, and invite you to contribute to the testing of this release candidate!

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

First Release Candidate of PowerDNS Recursor 4.3.0

Hello!,

We are proud to announce the first release candidate of what should become PowerDNS Recursor 4.3.0.

Compared to the second beta release, this release fixes a few RPZ related bugs. Additionally, a few other minor enhancements were made.

Compared to the 4.2 release of PowerDNS Recursor, the most important features that were added are:

* A relaxed form of QName Minimization as described in rfc7816bis-01. This feature is enabled by default.
* Dnstap support for outgoing queries to authoritative servers and the corresponding replies.
* The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order.
* Newly Observed Domain (NOD) functionality.
* When the recursor is started by systemd, the recursor will no longer run as the root user. Instead, it will start as the pdns-recursor user. Make sure directories and files needed by your specific recursor setup are readable by this user. For non-systemd and non-chroot cases, the default directory for the control socket and pid file has changed to /var/run/pdns-recursor.

Please refer to the changelog for details.

We want to thank everyone that contributed to the testing of the beta release, and invite you to contribute to the testing of this release candidate!

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

PowerDNS Authoritative 4.3.0-beta1

Hello!

We are proud to announce the first beta release of what should become PowerDNS Authoritative 4.3.0. So far this is mostly a maintenance release. A lot of internals have been reworked, with some visible changes for users.

Notable in this version is support for hiding DNSSEC keys, which makes it possible to do algorithm rollovers. This feature was contributed by Robin Geuze of TransIP, thanks! Another interesting new feature is support for automatically publishing CDS/CDNSKEY records with a single pdns.conf setting.

For distributors, it is important to note that building the Authoritative server without a Lua library is no longer supported.

Users, please note that 4.3.0-beta1 comes with a mandatory database schema upgrade.

Please see the changelog for an almost complete list of changes since the last 4.2.x release.

We want to thank everyone that contributed to this and earlier releases, and invite you to contribute to the testing of this beta release!

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster and Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

Second Beta Release of PowerDNS Recursor 4.3.0

Hello!,

We are proud to announce the second beta release of what should become PowerDNS Recursor 4.3.0.

Compared to the first beta release, this release fixes two bugs related to DNSSEC validation. Additionally, a few other minor issues were fixed. Also, protobuf log messages now contain port information.

Please refer to the changelog for details.

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

First Beta Release of PowerDNS Recursor 4.3.0

Hello!,

We are proud to announce the first beta release of what should become PowerDNS Recursor 4.3.0.

Compared to the third alpha release, this release enables QName-Minimization by default and introduces a less strict version of RFC 8020 “NXDOMAIN: There Really Is Nothing Underneath” functionality. This solves some failures to resolve specific names (as seen in the third alpha release) that are strictly speaking invalid .

Some bugs were fixed, in particular, a very slow creeping memory leak is plugged and a bug in the maintenance of the cached root zone information is fixed. As always, internal improvements to data structures and code are included as well.

Please refer to the changelog for details.

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

PowerDNS Authoritative 4.3.0-alpha1

Hello!

We are proud to announce the first alpha release of what should become PowerDNS Authoritative 4.3.0. So far this is mostly a maintenance release. A lot of internals have been reworked, with some visible changes for users.

Please see the changelog for an almost complete list of changes since the last 4.2.x release.

We want to thank everyone that contributed to this and earlier releases, and invite you to contribute to the testing of this alpha release!

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster and Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

PowerDNS Recursor 4.2.1 Released

This is a maintenance release that fixes a few issues. In particular, a very slow creeping memory leak is plugged and an rare failure to resolve specific names when the dnssec configuration is set to validate has been fixed.

Please refer to the changelog for details.

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

PowerDNS Recursor 4.1.15 Released

This is a maintenance release that fixes a few issues. In particular, a very slow creeping memory leak is plugged and an rare failure to resolve specific names when the dnssec configuration is set to validate has been fixed.

Please refer to the changelog for details.

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6 and 7, Debian Jessie and Stretch, Ubuntu Trusty, Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.