| 112 | | Packet cache, for much enhanced performance. |
| 113 | | </para> |
| 114 | | </listitem> |
| 115 | | <listitem> |
| 116 | | <para> |
| 117 | | Solaris 9 '/dev/poll' support added, Solaris 8 now deprecated |
| | 113 | Added ability to read a configuration item of a running PowerDNS Recursor using 'rec_control get-all' (c1243), suggested by Wouter de Jong. |
| | 114 | </para> |
| | 115 | </listitem> |
| | 116 | <listitem> |
| | 117 | <para> |
| | 118 | Speedups in packet generation (Commits C1258, C1259, C1262) |
| | 119 | </para> |
| | 120 | </listitem> |
| | 121 | <listitem> |
| | 122 | <para> |
| | 123 | TCP deferred accept() filter is turned on again for slight DoS protection. Code in c1414. |
| | 124 | </para> |
| | 125 | </listitem> |
| | 126 | <listitem> |
| | 127 | <para> |
| | 128 | PowerDNS Recursor can now do TCP/IP queries to remote IPv6 addresses (c1412). |
| | 129 | </para> |
| | 130 | </listitem> |
| | 131 | |
| | 132 | <listitem> |
| | 133 | <para> |
| | 134 | Solaris 9 '/dev/poll' support added, Solaris 8 now deprecated. Changes in c1421, c1422, c1424, c1413. |
| | 135 | </para> |
| | 136 | </listitem> |
| | 137 | |
| | 138 | <listitem> |
| | 139 | <para> |
| | 140 | Lua functions now also get sent the address _to_ which a question was sent. Implemented in c1309 and c1315. |
| | 141 | WARNING: This breaks unmodified Lua scripts! |
| | 142 | </para> |
| | 143 | </listitem> |
| | 144 | <listitem> |
| | 145 | <para> |
| | 146 | Maximum cache sizes now default to a sensible value. Suggested by Roel van der Made, implemented in c1354. |
| | 147 | </para> |
| | 148 | </listitem> |
| | 149 | <listitem> |
| | 150 | <para> |
| | 151 | Domains can now be forwarded to IPv6 addresses too, using either ::1 syntax or [::1]:25. Thanks to Wijnand Modderman for discovering this issue, fixed in c1349. |
| | 152 | </para> |
| | 153 | </listitem> |
| | 154 | <listitem> |
| | 155 | <para> |
| | 156 | Lua scripts can now load libraries at runtime, for example to calculate md5 hashes. Code by Winfried Angele in c1405. |
| | 157 | </para> |
| | 158 | </listitem> |
| | 159 | |
| | 160 | <listitem> |
| | 161 | <para> |
| | 162 | Periodic statistics output now includes average queries per second, as well as packet cache numbers (c1493). |
| | 163 | </para> |
| | 164 | </listitem> |
| | 165 | <listitem> |
| | 166 | <para> |
| | 167 | New metrics are available for graphing (DOCUMENTATION FORTHCOMING), plus added to the default graphs (c1495, c1498, c1503) |
| | 168 | </para> |
| | 169 | |
| | 170 | </listitem> |
| | 171 | <listitem> |
| | 172 | <para> |
| | 173 | Fix errors/crashes on more recent versions of Solaris 10, where the ports functions could return ENOENT under some circumstances. Reported and debugged by |
| | 174 | Jan Gyselinck, fixed in c1372. |
| | 175 | </para> |
| | 176 | </listitem> |
| | 177 | </itemizedlist> |
| | 178 | New features: |
| | 179 | <itemizedlist> |
| | 180 | <listitem> |
| | 181 | <para> |
| | 182 | Add pdnslog() function for Lua scripts, so errors or other messages can be logged properly. |
| | 183 | </para> |
| | 184 | </listitem> |
| | 185 | <listitem> |
| | 186 | <para> |
| | 187 | rec_control now accepts a --timeout parameter, which can be useful when reloading huge Lua scripts. Implemented in c1366. |
| | 188 | </para> |
| | 189 | </listitem> |
| | 190 | |
| | 191 | <listitem> |
| | 192 | <para> |
| | 193 | 'rec_control get-all' now retrieves all statistics in one call (c1496). |
| | 194 | </para> |
| | 195 | </listitem> |
| | 196 | <listitem> |
| | 197 | <para> |
| | 198 | Domains can now be forwarded with the 'recursion-desired' bit on or off. Feature suggested by Darren Gamble, implemented in c1451. DOCUMENTATION FORTHCOMING! |
| | 199 | </para> |
| | 200 | </listitem> |
| | 201 | <listitem> |
| | 202 | <para> |
| | 203 | Access control lists can now be reloaded at runtime (implemented in c1457). |
| | 204 | </para> |
| | 205 | </listitem> |
| | 206 | <listitem> |
| | 207 | <para> |
| | 208 | PowerDNS Recursor can now use a pool of query-local-addresses to further increase resilience against spoofing. Suggested by Ad Spelt, implemented in c1426. |
| | 209 | DOCUMENTATION FORTHCOMING! |
| | 210 | </para> |
| | 211 | </listitem> |
| | 212 | <listitem> |
| | 213 | <para> |
| | 214 | PowerDNS Recursor now also has a packet cache, greatly speeding up operations. Implemented in c1426, c1433 and further. |
| | 215 | DOCUMENTATION FORTHCOMING! |
| | 216 | </para> |
| | 217 | </listitem> |
| | 218 | <listitem> |
| | 219 | <para> |
| | 220 | Cache can be limited in how long it stores records, for BIND compatibility. Patch by Winfried Angele in c1438. |
| | 221 | DOCUMENTATION FORTHCOMING! |
| | 222 | </para> |
| | 223 | </listitem> |
| | 224 | |
| | 225 | </itemizedlist> |
| | 226 | Compiler/Operating system/Library updates: |
| | 227 | <itemizedlist> |
| | 228 | <listitem> |
| | 229 | <para> |
| | 230 | PowerDNS Recursor can now compile against newer versions of Boost. Reported & fixed by Darix in c1274. Further fixes in c1275, c1276, c1277, c1283. |
| | 231 | </para> |
| | 232 | </listitem> |
| | 233 | <listitem> |
| | 234 | <para> |
| | 235 | Fix compatibility with newer versions of GCC (closes ticket t227, spotted by Ruben Kerkhof, code in c1345, more fixes in commit C1394, C1416, C1440). |
| | 236 | </para> |
| | 237 | </listitem> |
| | 238 | <listitem> |
| | 239 | <para> |
| | 240 | Fix up Makefile for older versions of Make (c1229) |
| | 248 | <listitem> |
| | 249 | <para> |
| | 250 | Solaris 9 MTasker compilation fixes, as suggested by John Levon. Changes in c1431. |
| | 251 | </para> |
| | 252 | </listitem> |
| | 253 | |
| | 254 | |
| | 255 | </itemizedlist> |
| | 256 | Bug fixes: |
| | 257 | <itemizedlist> |
| | 258 | <listitem> |
| | 259 | <para> |
| | 260 | Configuration parser is now resistant against trailing tabs and other whitespace (c1242) |
| | 261 | </para> |
| | 262 | </listitem> |
| | 263 | |
| | 264 | <listitem> |
| | 265 | <para> |
| | 266 | Fix typo in a Lua error message. Close t210, as reported by Stefan Schmidt (c1319). |
| | 267 | </para> |
| | 268 | </listitem> |
| | 269 | <listitem> |
| | 270 | <para> |
| | 271 | Profiled-build instructions were broken, discovered & fixes suggested by Stefan Schmidt. t239, fix in c1462. |
| | 272 | </para> |
| | 273 | </listitem> |
| | 274 | <listitem> |
| | 275 | <para> |
| | 276 | Fix up duplicate SOA from a remote authoritative server from showing up in our output (c1475). |
| | 277 | </para> |
| | 278 | </listitem> |
| | 279 | |
| | 280 | <listitem> |
| | 281 | <para> |
| | 282 | All security fixes from 3.1.7.2 are included. |
| | 283 | </para> |
| | 284 | </listitem> |
| | 285 | |
| | 286 | <listitem> |
| | 287 | <para> |
| | 288 | Under highly exceptional circumstances on FreeBSD the PowerDNS Recursor could crash because of a TCP/IP error. |
| | 289 | Reported and fixed by Andrei Poelov in t192, fixed in c1280. |
| | 290 | </para> |
| | 291 | </listitem> |
| | 292 | <listitem> |
| | 293 | <para> |
| | 294 | PowerDNS Recursor can be a root-server again. Error spotted by the ever vigilant Darren Gamble (t229), fix in c1458. |
| | 295 | </para> |
| | 296 | </listitem> |
| | 297 | |
| | 298 | <listitem> |
| | 299 | <para> |
| | 300 | Rare TCP/IP errors no longer lead to PowerDNS Recursor logging errors or becoming confused. Debugged by Josh Berry of Plusnet PLC. Code in c1457. |
| | 301 | </para> |
| | 302 | </listitem> |
| | 303 | |
| | 304 | <listitem> |
| | 305 | <para> |
| | 306 | Do not hammer parent servers in case child zones are misconfigured, requery at most once every 10 seconds. Reported & investigated by |
| | 307 | Stefan Schmidt and Andreas Jakum, fixed in c1265. |
| | 308 | </para> |
| | 309 | </listitem> |
| | 310 | <listitem> |
| | 311 | <para> |
| | 312 | Properly process answers from remote authoritative servers that send error answers without including the original question (c1329, c1327). |
| | 313 | </para> |
| | 314 | </listitem> |
| | 315 | |
| | 316 | <listitem> |
| | 317 | <para> |
| | 318 | No longer spontaneously turn on 'export-etc-hosts' after reloading zones. Discovered by Paul Cairney, reported in t225, addressed in c1348. |
| | 319 | </para> |
| | 320 | </listitem> |
| | 321 | |
| | 322 | <listitem> |
| | 323 | <para> |
| | 324 | Make timeouts for queries to remote authoritative servers configurable with millisecond granularity. In addition, the old code turned out to consider the timeout |
| | 325 | expired when the integral number of seconds since 1970 increased by 1 - which *on average* is after 500ms. This might have caused spurious timeouts! New default |
| | 326 | timeout is 1500ms. Code in c1402. DOCUMENTATION FORTHCOMING! |
| | 327 | </para> |
| | 328 | </listitem> |
| | 329 | |
| | 330 | |
| 11364 | | |
| | 11570 | <sect2><title id="implement-the-any-query">Notes</title> |
| | 11571 | <para> |
| | 11572 | Besides regular query types, the DNS also knows the 'ANY' query type. When a server receives |
| | 11573 | a question for this ANY type, it should reply with all record types available. |
| | 11574 | </para> |
| | 11575 | <para> |
| | 11576 | Backends should therefore implement being able to answer 'ANY' queries in this way, and supply all |
| | 11577 | record types they have when they receive such an 'ANY' query. This is reflected in the sample script above, |
| | 11578 | which for every qtype answers if the type matches, or if the query is for 'ANY'. |
| | 11579 | </para> |
| | 11580 | <para> |
| | 11581 | However, since backends need to implement the ANY query anyhow, PowerDNS makes use of this. Since almost all |
| | 11582 | DNS queries internally need to be translated first into a CNAME query and then into the actual query, possibly |
| | 11583 | followed by a SOA or NS query (this is how DNS works internally), it makes sense for PowerDNS to speed this up, |
| | 11584 | and just ask the ANY query of a backend. |
| | 11585 | </para> |
| | 11586 | <para> |
| | 11587 | When it has done so, it gets the data about SOA, CNAME and NS records in one go. This speeds things up tremendously. |
| | 11588 | </para> |
| | 11589 | <para> |
| | 11590 | The upshot of the above is that for any backend, including the PIPE backend, implementing the ANY query is NOT optional. |
| | 11591 | And in fact, a backend may see almost exclusively ANY queries. This is not a bug. |
| | 11592 | </para> |
| | 11593 | </sect2> |
