Tagged: release

Second release candidate for dnsdist 1.5.0

We are very happy to announce the second release candidate of dnsdist 1.5.0. 1.5.0 contains several new exciting features and a few breaking changes since 1.4.0 that were detailed in the announcement of alpha1. If you upgrade from 1.4.0, please see the upgrade guide for more information.
This new release candidate has very few changes except a few minor bug fixes and cleanups since the first release candidate:

  • compilation was broken on SmartOS/illumos, and Solaris (9031) ;
  • the statistics for HTTP/1 were displayed twice instead of showing the HTTP/2 ones (9068) ;
  • if a backend was not reachable when first added, and multiple sockets were configured for that backend, the corresponding socket was not properly closed (9057) ;
  • several minor compilation warnings were fixed, along with some minor cleanups (9016 9042 9053 9054 9059 9067 9078 9084).


We want to once again thank everyone that contributed to the testing of alpha1 and the first release candidate!

Please see the dnsdist website for the more complete changelog and the current documentation.

Release tarballs are available on the downloads website.

Several packages are also available in our repository. Please be aware that we have enabled a few additional features in our packages, like DNS over HTTPS, DNS over TLS and DNSTAP support, on distributions where the required dependencies were available.

First release candidate for dnsdist 1.5.0

We are very happy to announce the first release candidate of dnsdist 1.5.0. 1.5.0 contains several new exciting features and a few breaking changes since 1.4.0 that were detailed in the announcement of alpha1. If you upgrade from 1.4.0, please see the upgrade guide for more information.
This new release candidate has very few changes since alpha1:

  • a compilation issue on OpenBSD was fixed (8955) ;
  • the Lua binding for SuffixMatchNode::remove was added (8956) ;
  • a regression introduced in 1.4.0 for DNSCrypt users was fixed (8974, 8976), with our thanks to Frank Denis for reporting the issue and suggesting ways to fix it ;
  • responses received from a backend with the QR bit not set are now dropped (8996) ;
  • an option to control the size of the TCP listen queue was added (8994).

We want to once again thank everyone that contributed to the testing of alpha1!

Please see the dnsdist website for the more complete changelog and the current documentation.

Release tarballs are available on the downloads website.

Several packages are also available in our repository. Please be aware that we have enabled a few additional features in our packages, like DNS over HTTPS, DNS over TLS and DNSTAP support, on distributions where the required dependencies were available.

dnsdist 1.4.0

After five release candidates, we are thrilled to finally announce the release of dnsdist 1.4.0 !

This new major version has been used in production by several large operators since the first release candidate, including the new DNS over HTTPS feature, providing invaluable feedback.

This release has very few changes since the previous release candidate:

  • names blocked by a SMT dynamic block are now lowercased (8524) ;
  • we went back to selecting the cipher suites based on the server preference instead of the client by default (8526) ;
  • some typo, documentation and help messages have been fixed (8531, 8440, 8509).

For those new to the 1.4.0 train, the main changes between 1.3.3 and 1.4.0 are:

  • a new, much more scalable way of handling DNS over TCP and DNS over TLS (DoT) connections, with a lot of new metrics and options like OCSP stapling ;
  • support for DNS over HTTPS (DoH) ;
  • a new experimental feature, the ability to look into a Key-Value store like CDB or LMDB and to route a query based on the result of this lookup ;
  • new rules and actions to deal with unexpected EDNS version (Dmitry Alenichev) ;
  • a new QNameSetRule rule, along with the DNSNameSet object, to match exact qnames instead of doing suffix matching (Andrey Domas) ;
  • a new ContinueAction has been added as well, allowing to keep processing rules even after calling a normally terminal action, like PoolAction ;
  • we also added a few convenience functions to pseudonymize IP addresses, as several users reported that they needed it to be GDPR-compliant ;
  • the health check mechanism has been improved with the new checkInterval, checkTimeout and rise parameters, thanks notably to “1848” ;
  • and, finally, we also improved the existing LogAction to make it much more useful for debugging and accounting purposes.

Please see the upgrade guide before upgrading from 1.3.x to 1.4.0, as a few things have been cleaned up and might require updating your existing configuration.

We want to once again thank everyone that contributed to the testing of the previous release candidates!

Please see the dnsdist website for the more complete changelog and the current documentation.

Release tarballs are available on the downloads website.

Several packages are also available in our repository.

dnsdist 1.4.0-rc5 released

We are happy to announce the fifth release candidate of the 1.4.0 version of dnsdist. This release fixes a regression introduced in DNS over HTTPS handling in 1.4.0-rc4 that could lead to a crash under heavy load, because of a race condition.

The issue was reported during load-testing by one of our users a few hours after the release and we were able to issue a fix during the week-end. We quickly advised DNS over HTTPS users to delay upgrading for a bit, and after exposing the resulting code to various tests during a couple days we are now confident that the issue has been resolved.

We want to thank everyone that contributed to the testing of the previous release candidates, and invite you to contribute to the testing of this hopefully last one!

Please see the dnsdist website for the more complete changelog and the current documentation.

Release tarballs are available on the downloads website.

Several packages are also available on our repository.

Third alpha release of PowerDNS Recursor 4.3.0

We’re proud to announce the third alpha release for the PowerDNS Recursor 4.3 release train. Note that a second alpha was tagged, but never released due to an issue found. A few major features are introduced:

  • The recursor now processes a number of requests incoming over a TCP connection simultaneously and will return results (potentially) out-of-order.
  • RFC 8020 “NXDOMAIN: There Really Is Nothing Underneath” has been implemented and is enabled by default.
  • Newly Observed Domain (NOD) functionality is built and available by default.
  • dnstap support for outgoing queries to authoritative servers and the corresponding replies is built and available by default.

Please see the changelog for details about other improvements and bug fixes and the documentation for more details about setting up the recursor.

We want to thank everyone that contributed to this and earlier releases, and invite you to contribute to the testing of this alpha release!

The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6, 7 and 8, Debian Stretch and Buster and Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.

Fourth release candidate for dnsdist 1.4.0

We are very happy to announce the fourth release candidate of the 1.4.0 version of dnsdist. Unless a serious issue is discovered, we plan on releasing the final 1.4.0 release in a couple of weeks with no or very few changes from this release.

This version massively improves the metrics available regarding TLS usage and errors for DNS over HTTPS and DNS over TLS clients, as suggested by several large deployments.

It also fixes several minor issues, and improves the existing LogAction to make it much more useful for debugging and accounting purposes.

We want to thank everyone that contributed to the testing of the previous release candidates, and invite you to contribute to the testing of this hopefully last one!

Please see the dnsdist website for the more complete changelog and the current documentation.

Release tarballs are available on the downloads website.

Several packages are also available on our repository.

Third release candidate for dnsdist 1.4.0

We are very happy to announce the third, and hopefully last, release candidate of the 1.4.0 version of dnsdist.

This version adds the ability to accept DNS over HTTPS queries over HTTP, in order to be able to use dnsdist behind a TLS-offloading device, and improves the management of TLS session ticket keys for DNS over HTTPS.

It also fixes several minor issues, and improves the DoH-related metrics in our prometheus export.

We want to thank everyone that contributed to the testing of the beta release, and invite you to contribute to the testing of this release candidate!

Please see the dnsdist website for the more complete changelog and the current documentation.

Release tarballs are available on the downloads website.

Several packages are also available on our repository.