We are very happy to release DNSdist 1.8.1 today, a maintenance release fixing a few bugs reported since 1.8.0:
- Several bugs have been fixed in the health-check code, including one issue that could have resulted in some health-check responses to be lost
- A crash has been fixed when dealing with DNS over HTTPS queries for which a X-Forwarded-For header overrides the initial source IP, which is not enabled by default
- Re-connection failures are now more carefully handled for backend UDP sockets, avoiding high CPU usage in some network topology changes
- Self-answered UDP responses with recvmmsg are not properly accounted for
- A memory leak when processing TLS tickets with OpenSSL 3.x has been fixed
- Cache hit and miss metrics with DoH queries are now properly accounted for
- Christof Chen fixed an issue with SpoofAction, by copying the QClass from the request
- A race has been fixed when creating the first TLS connections to a backend, which could have led to sub-optimal TLS session reuse
- Short reads are now properly handled when doing backend upgrade discovery
- Winfried Angele fixed an accidental change of disableZeroScope to disableZeroScoping
- The group ownership of the dnsdist.conf file is now properly set when installed via RPM
- Houtworm fixed the webserver config template for our docker container
- phonedph1 fixed the console description of PoolAction and QPSPoolAction
In addition to these fixes, Jacob Bunk made the TSIG query type available from Lua, and we improved the accounting of eBPF dynamic blocks.
Finally it is now possible to declare custom metrics at runtime for use from Lua, and Lua FFI inspection functions are automatically loaded at runtime.
We are grateful to the PowerDNS community for the reporting of bugs, issues, feature requests, and especially to the submitters of fixes and implementations of features.