PowerDNS is een dns-server met een database als back-end, waardoor het beheer van een groot aantal dns-entry's op een gemakkelijke manier kan plaatsvinden. De ontwikkelaars hebben eind april 2006 besloten om de twee delen waaruit PowerDNS bestaat, een recursor en een authoritative nameserver, apart uit te geven. Hierdoor kan men sneller een nieuwe versie uitbrengen, aldus de ontwikkelaars. De ontwikkelaars hebben na drie release candidates PowerDNS Recursor 3.3 uitgebracht. De aankondiging van deze uitgave ziet er als volgt uit:
We're proud to announce the release of the PowerDNS Recursor 3.3! It can be downloaded from http://www.powerdns.com/ or via the following direct links:
There you will also find PGP signatures of this release (add .sig), based on the same key that has signed this message.
A version of the release notes with clickable links to changes, can also be found on http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-3
Version 3.3 fixes a number of small but persistent issues, rounds off our IPv6 %link-level support and adds an important feature for many users of the Lua scripts.
In addition, scalability on Solaris 10 is improved.
- 'dist-recursor' script was not compatible with pure POSIX /bin/sh, discovered by Simon Kirby. Fix in commit 1545.
- Simon Bedford, Brad Dameron and Laurient Papier discovered relatively high TCP/IP loads could cause TCP/IP service to shut down over time. Addressed in commits 1546, 1640, 1652, 1685, 1698. Additional information provided by Zwane Mwaikambo, Nicholas Miell and Jeff Roberson. Testing by Christian Hofstaedtler and Michael Renner.
- The PowerDNS Recursor could not read the 'root zone' (this is something else than the root hints) because of an unquoted TXT record. This has now been addressed, allowing operators to hardcode the root zone. This can improve security if the root zone used is kept up to date. Change in commit 1547.
- A return of an old bug, when a domain gets new nameservers, but the old nameservers continue to contain a copy of the domain, PowerDNS could get 'stuck' with the old servers. Fixed in commit 1548.
- Discovered & reported by Alexander Gall of SWITCH, the Recursor used to try to resolve 'AXFR' records over UDP. Fix in commit 1619.
- The Recursor embedded authoritative server messed up parsing a record like '@ IN MX 15 @'. Spotted by Aki Tuomi, fix in commit 1621.
- The Recursor embedded authoritative server messed up parsing really really long lines. Spotted by Marco Davids, fix in commit 1624, commit 1625.
- Packet cache was not DNS class correct. Spotted by "Robin", fix in commit 1688.
- The packet cache would cache some NXDOMAINS for too long. Solving this bug exposed an underlying oddity where the initial NXDOMAIN response had an overly long (untruncated) TTL, whereas all the next ones would be ok. Solved in commit 1679, closing ticket 281. Especially important for RBL operators. Fixed after some nagging by Alex Broens (thanks).
Changes between RC1, RC2 and RC3.
- The priming of the root now uses more IPv6 addresses. Change in commit 1550, closes ticket 287. Also, the IPv6 address of I.ROOT-SERVERS.NET was added in commit 1650.
- The rec_control dump-cache command now also dumps the 'negative query' cache. Code in commit 1713.
- PowerDNS Recursor can now bind to fe80 IPv6 space with '%eth0' link selection. Suggested by Darren Gamble, implemented with help from Niels Bakker. Change in commit 1620.
- Solaris on x86 has a long standing bug in port_getn(), which we now work around. Spotted by 'Dirk' and 'AS'. Solution suggested by the Apache runtime library, update in commit 1622.
- New runtime statistic: 'tcp-clients' which lists the number of currently active TCP/IP clients. Code in commit 1623.
- Deal better with UltraDNS style CNAME redirects containing SOA records. Spotted by Andy Fletcher from UKDedicated in ticket 303, fix in commit 1628.
- The packet cache, which has 'ready to use' packets containing answers, now artificially ages the ready to use packets. Code in commit 1630.
- Lua scripts can now indicate that certain queries will have 'variable' answers, which means that the packet cache will not touch these answers. This is great for overriding some domains for some users, but not all of them. Use setvariable() in Lua to indicate such domains. Code in commit 1636.
- Add query statistic called 'dont-outqueries', plus add IPv6 address :: and IPv4 address 0.0.0.0 to the default "dont-query" set, preventing the Recursor from talking to itself. Code in commit 1637.
- Work around a gcc 4.1 bug, still in wide use on common platforms. Code in commit 1653.
- Add 'ARCHFLAGS' to PowerDNS Recursor Makefile, easing 64 bit compilation on mainly 32 bit platforms (and vice versa).
- Under rare circumstances, querying the Recursor for statistics under very high load could lead to a crash (although this has never been observed). Bad code removed & good code unified in commit 1675.
- Spotted by Jeff Sipek, the rec_control manpage did not list the new get-all command. commit 1677.
- On some platforms, it may be better to have PowerDNS itself distribute queries over threads (instead of leaving it up to the kernel). This experimental feature can be enabled with the 'pdns-distributes-queries' setting. Code in commit 1678 and beyond. Speeds up Solaris measurably.
- Cache cleaning code was cleaned up, unified and expanded to cover the 'negative cache', which used to be cleaned rather bluntly. Code in commit 1702, further tweaks in commit 1712, spotted by Darren Gamble, Imre Gergely and Christian Kovacic.
- RC2: Fixed linking on RHEL5/CENTOS5, which both ship with a gcc compiler that claims to support atomic operations, but doesn't. Code in commit 1714. Spotted by 'Bas' and Imre Gergely.
- RC2: Negative query cache was configured to grow too large, and was not cleaned efficiently. Code in commit 1712, spotted by Imre Gergely.
- RC3: Root failed to be renewed automatically, relied on fallback to make this happen. Code in commit 1716, spotted by Detlef Peeters.