Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: PowerDNS Authoritative Server 4.2.0

PowerDNS is een dns-server met een database als backend, waardoor het beheer van een groot aantal dns-entries op een gemakkelijke manier kan plaatsvinden. De ontwikkelaars hebben eerder besloten om de twee delen waaruit PowerDNS bestaat, een recursor en een authoritative nameserver, apart uit te geven, zodat ze sneller en gerichter een nieuwe versie kunnen uitbrengen, aldus de ontwikkelaars. De authoritative nameserver zal alleen antwoorden op een dns-look-up als hij betrekking heeft op de domeinen waarvoor hij verantwoordelijk is. De ontwikkelaars hebben PowerDNS Authoritative Server 4.2.0 uitgebracht met de volgende aankondiging:

PowerDNS Authoritative Server 4.2.0

Hello everybody!
We are very happy to announce the release of Authoritative Server 4.2.0. Besides a ton of bug fixes (please see the Changelog), this release also offers a nice collection of new features.

This release was made possible by the contributions of a huge number of people. Please refer to alpha/beta/RC release announcements, and, of course, the Changelog, to find them all. Thank you all!

An important new feature is the support for Lua Records, which make the following possible, from any backend (even BIND, and LMDB!):
@ IN LUA A "ifportup(443, {'', ''})"
This will poll the named IP addresses (in the background) and only serve up hosts that are available. Far more powerful constructs are possible, for example to pick servers from regional pools close to the user, except if all servers in that pool are down. It is also possible to do traffic engineering based on subnets or AS numbers. A simple example:
@ IN LUA A ( "ifportup(443, {'', ''}, {selector='closest'})
For more about this feature, please head to the documentation.

A new tool ixfrdist transfers zones from an authoritative server and re-serves these zones over AXFR and IXFR. It checks the SOA serial for all configured domains and downloads new versions to disk. This makes it possible for hundreds of PowerDNS Recursors (or authoritative servers) to slave an (RPZ) zone from a single server, without overwhelming providers like our friends over at Spamhaus/Deteque and Farsight.

In accordance with the preliminary plans for DNS Flag Day 2020, this release lowers the default for udp-truncation-threshold from 1680 to 1232. This avoids most cases of UDP fragmentation, leading to better performance and security.

Another new feature in 4.2.0 is the LMDB backend. As an in-process, memory mapped database, it should provide performance superior to most other backends. It supports master and slave operation and is fully DNSSEC capable. Sadly, just before 4.2.0, a fix for other backends somewhat broke the LMDB backend. Slaving zones works, and loading zones with pdnsutil works, but finer-grained tools like ‘pdnsutil edit-zone’ do not. We hope to fix this in an upcoming 4.2.x release soon! If you want to try the LMDB backend, please review the two known bugs to avoid any surprises.

4.2 will see the removal of the poorly documented ‘autoserial’ feature. This removal decision was not taken lightly but as noted, its removal allows us to fix other bugs. Autoserial was holding us back. We realise it is no fun when a feature disappears, but since Authoritative Server 4.1 is still around, you can still use that if you require ‘autoserial’.
In compliance with the new Algorithm Implementation Requirements and Usage Guidance for DNSSEC RFC, support for ECC-GOST signing, validation, and support for GOST DS digests have all been removed.

We always strive to deliver secure and performant software. As part of that policy, we joined OSS-Fuzz late last year. Please see that blog post for a nice overview of everything we do to deliver secure software to you, every release.

Starting with this release, we intend to move to 6 month release cycles. This means the next release of PowerDNS Authoritative (4.3) is scheduled for February 2020. We will support a release for two cycles (one year). After that, a release will only get security fixes for one more cycle and then move to end of life status. Recursor and dnsdist are adopting the same cycle. Specific information can be found in the end of life statement.

The tarball (signature) is available at and packages for CentOS 6 and 7, Debian Stretch and Buster, Ubuntu Xenial and Bionic are available from

Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub.
Versienummer 4.2.0
Releasestatus Final
Besturingssystemen Linux, BSD, macOS, Solaris, UNIX
Website PowerDNS
Licentietype GPL

Reacties (2)

Wijzig sortering
LUA als backend? Bijzonder. Wat geeft dat voor voordeel? Heeft iemand voorbeelden?
Niet als backend zoals ik het begrijp, maar eerder support voor DNS records op basis van LUA code in combinatie met andere backends om at runtime bijvoorbeeld te kunnen beïnvloeden welk IP voor een bepaalde query wordt teruggeven.

Kan bijvoorbeeld gebruikt worden voor load balancing op niveau van DNS.


Op dit item kan niet meer gereageerd worden.

Apple iPhone 12 Microsoft Xbox Series X LG CX Google Pixel 5 Black Friday 2020 Samsung Galaxy S20 4G Sony PlayStation 5 Nintendo Switch Lite

Tweakers vormt samen met Hardware Info, AutoTrack,, Nationale Vacaturebank, Intermediair en Independer DPG Online Services B.V.
Alle rechten voorbehouden © 1998 - 2020 Hosting door True