Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: PowerDNS Authoritative Server 4.2.0

PowerDNS is een dns-server met een database als backend, waardoor het beheer van een groot aantal dns-entries op een gemakkelijke manier kan plaatsvinden. De ontwikkelaars hebben eerder besloten om de twee delen waaruit PowerDNS bestaat, een recursor en een authoritative nameserver, apart uit te geven, zodat ze sneller en gerichter een nieuwe versie kunnen uitbrengen, aldus de ontwikkelaars. De authoritative nameserver zal alleen antwoorden op een dns-look-up als hij betrekking heeft op de domeinen waarvoor hij verantwoordelijk is. De ontwikkelaars hebben PowerDNS Authoritative Server 4.2.0 uitgebracht met de volgende aankondiging:

PowerDNS Authoritative Server 4.2.0

Hello everybody!
We are very happy to announce the release of Authoritative Server 4.2.0. Besides a ton of bug fixes (please see the Changelog), this release also offers a nice collection of new features.

This release was made possible by the contributions of a huge number of people. Please refer to alpha/beta/RC release announcements, and, of course, the Changelog, to find them all. Thank you all!

LUA RECORDS
An important new feature is the support for Lua Records, which make the following possible, from any backend (even BIND, and LMDB!):
@ IN LUA A "ifportup(443, {'52.48.64.3', '45.55.10.200'})"
This will poll the named IP addresses (in the background) and only serve up hosts that are available. Far more powerful constructs are possible, for example to pick servers from regional pools close to the user, except if all servers in that pool are down. It is also possible to do traffic engineering based on subnets or AS numbers. A simple example:
@ IN LUA A ( "ifportup(443, {'52.48.64.3', '45.55.10.200'}, {selector='closest'})
For more about this feature, please head to the documentation.

IXFRDIST
A new tool ixfrdist transfers zones from an authoritative server and re-serves these zones over AXFR and IXFR. It checks the SOA serial for all configured domains and downloads new versions to disk. This makes it possible for hundreds of PowerDNS Recursors (or authoritative servers) to slave an (RPZ) zone from a single server, without overwhelming providers like our friends over at Spamhaus/Deteque and Farsight.

UDP FRAGMENTATION
In accordance with the preliminary plans for DNS Flag Day 2020, this release lowers the default for udp-truncation-threshold from 1680 to 1232. This avoids most cases of UDP fragmentation, leading to better performance and security.

LMDB BACKEND
Another new feature in 4.2.0 is the LMDB backend. As an in-process, memory mapped database, it should provide performance superior to most other backends. It supports master and slave operation and is fully DNSSEC capable. Sadly, just before 4.2.0, a fix for other backends somewhat broke the LMDB backend. Slaving zones works, and loading zones with pdnsutil works, but finer-grained tools like ‘pdnsutil edit-zone’ do not. We hope to fix this in an upcoming 4.2.x release soon! If you want to try the LMDB backend, please review the two known bugs to avoid any surprises.

DEPRECATIONS
4.2 will see the removal of the poorly documented ‘autoserial’ feature. This removal decision was not taken lightly but as noted, its removal allows us to fix other bugs. Autoserial was holding us back. We realise it is no fun when a feature disappears, but since Authoritative Server 4.1 is still around, you can still use that if you require ‘autoserial’.
In compliance with the new Algorithm Implementation Requirements and Usage Guidance for DNSSEC RFC, support for ECC-GOST signing, validation, and support for GOST DS digests have all been removed.

OTHER DEVELOPMENTS
We always strive to deliver secure and performant software. As part of that policy, we joined OSS-Fuzz late last year. Please see that blog post for a nice overview of everything we do to deliver secure software to you, every release.

RELEASE CYCLES
Starting with this release, we intend to move to 6 month release cycles. This means the next release of PowerDNS Authoritative (4.3) is scheduled for February 2020. We will support a release for two cycles (one year). After that, a release will only get security fixes for one more cycle and then move to end of life status. Recursor and dnsdist are adopting the same cycle. Specific information can be found in the end of life statement.

GETTING THE NEW SOFTWARE
The tarball (signature) is available at downloads.powerdns.com and packages for CentOS 6 and 7, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from repo.powerdns.com.

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.
Versienummer 4.2.0
Releasestatus Final
Besturingssystemen Linux, BSD, macOS, Solaris, UNIX
Website PowerDNS
Download https://downloads.powerdns.com/releases/
Licentietype GPL

Reacties (2)

Wijzig sortering
LUA als backend? Bijzonder. Wat geeft dat voor voordeel? Heeft iemand voorbeelden?
Niet als backend zoals ik het begrijp, maar eerder support voor DNS records op basis van LUA code in combinatie met andere backends om at runtime bijvoorbeeld te kunnen beïnvloeden welk IP voor een bepaalde query wordt teruggeven.

Kan bijvoorbeeld gebruikt worden voor load balancing op niveau van DNS.

Docs

Op dit item kan niet meer gereageerd worden.


Apple iPhone 11 Nintendo Switch Lite LG OLED C9 Google Pixel 4 FIFA 20 Samsung Galaxy S10 Sony PlayStation 5 Cartech

'14 '15 '16 '17 2018

Tweakers vormt samen met Hardware Info, AutoTrack, Gaspedaal.nl, Nationale Vacaturebank, Intermediair en Independer DPG Online Services B.V.
Alle rechten voorbehouden © 1998 - 2019 Hosting door True