(From: https://blog.powerdns.com/2018/12/14/powerdns-authoritative-server-4-2-0-alpha1-lua-records-ixfrdist-swagger/ )
We’re proud to release the first alpha version of the PowerDNS Authoritative
Server 4.2 series. While some users have already deployed this version straight
from our package builders[1] or master repositories[2], this is still a very
fresh release.
4.2 represents almost a year of development over 4.1 and contains some major
new features and improvements, while deprecating some functionality you may
have been relying on (autoserial, for example).
LUA RECORDS
An important new feature is the support for Lua Records[3], which make the
following possible, from any backend (even BIND!):
@ IN LUA A "ifportup(443, {'52.48.64.3', '45.55.10.200'})"
This will poll the named IP addresses (in the background) and only serve up
hosts that are available. Far more powerful constructs are possible, for
example to pick servers from regional pools close to the user, except if all
servers in that pool are down. It is also possible to do traffic engineering
based on subnets or AS numbers. A simple example:
@ IN LUA A ( "ifportup(443, {'52.48.64.3', '45.55.10.200'}, "
"{selector='closest'})
For more about this feature, please head to the documentation:
https://doc.powerdns.com/authoritative/lua-records/index.html
DEPRECATIONS
4.2 will see the removal of the poorly documented ‘autoserial’ feature. This
removal decision was not taken lightly but as noted[4], its removal allows us
to fix other bugs. Autoserial was holding us back. We realise it is no fun when
a feature disappears, but since Authoritative Server 4.1 is still around, you
can still use that if you require ‘autoserial’.
Following RFC6986 and anticipating the publication of Algorithm Implementation
Requirements and Usage Guidance for DNSSEC, support for both ECC-GOST signing
and GOST DS digests have been removed.
IXFRDIST
A new tool ixfrdist[5] transfers zones from an authoritative server and
re-serves these zones over AXFR and IXFR. It checks the SOA serial for all
configured domains and downloads new versions to disk. This makes it possible
for hundreds of PowerDNS Recursors (or authoritative servers) to slave an (RPZ)
zone from a single server, without overwhelming providers like our friends over
at Spamhaus/Deteque[6] and Farsight[7].
Inspired by our Open-Xchange[8] colleagues our API is now described by a
Swagger[9] spec!
LOG-LOG HISTOGRAMS
Over at PowerDNS, we love statistics. Making sense of DNS performance is not
that easy however – most queries get answered very quickly, but it is the
outliers that determine how users “experience the internet”. It turns out that
log-log histograms make it possible to fully capture the quality of a DNS
service. As explained in this blog post[10], PowerDNS now comes with tooling to
make such histograms:
https://powerdnsblog.files.wordpress.com/2017/11/log-full-avg.png
Note that this tooling is not specific to PowerDNS Authoritative or even
PowerDNS: it will analyse any PCAP file with DNS in there.
IMPROVEMENTS, FIXES
- Threads now set their name[11]
- Massive speedup in record deduplication code, which was causing problems when
serving very large responses[12]
- Support for OpenSSL 1.1.1’s ed25519 and ed448[13]
- Enhance query-logging with timing for MySQL, PostgreSQL and SQLite. Slow
databases are a frequent cause for bad PowerDNS performance. This logging
delivers detail on how slow/fast your backend is for specific queries[14].
MUCH MORE
The changelog lists many more improvements and bug fixes:
https://doc.powerdns.com/authoritative/changelog/4.2.html
Please also see the recent "Important Changes in PowerDNS Authoritative Server
4.2.0"[15] and "Enabling continuous fuzzing of PowerDNS products"[16] blog
posts.
The tarball is available on downloads.powerdns.com[17] (signature[18]) and
packages for CentOS 6 and 7, Debian Jessie and Stretch, Ubuntu Bionic, Trusty
and Xenial are available from https://repo.powerdns.com
Please send us all feedback and issues you might have via the mailing list, or
in case of a bug, via GitHub[19].
1 - https://builder.powerdns.com/
2 - https://repo.powerdns.com/
3 - https://blog.powerdns.com/2017/12/15/powerdns-authoritative-lua-records/
4 -
https://blog.powerdns.com/2018/12/07/important-changes-in-powerdns-authoritative-server-4-2-0/
5 - https://doc.powerdns.com/authoritative/manpages/ixfrdist.1.html
6 - https://www.deteque.com/
7 - https://www.farsightsecurity.com/
8 - https://www.open-xchange.com/
9 - https://swagger.io/
10 -
https://blog.powerdns.com/2017/11/02/dns-performance-metrics-the-logarithmic-percentile-histogram/
11 - https://github.com/PowerDNS/pdns/pull/6997
12 - https://github.com/PowerDNS/pdns/pull/6730
13 - https://github.com/PowerDNS/pdns/pull/6910
14 - https://github.com/PowerDNS/pdns/pull/6975
15 -
https://blog.powerdns.com/2018/12/07/important-changes-in-powerdns-authoritative-server-4-2-0/
16 -
https://blog.powerdns.com/2018/12/12/enabling-continuous-fuzzing-of-powerdns-products/
17 - https://downloads.powerdns.com/releases/pdns-4.2.0-alpha1.tar.bz2
18 - https://downloads.powerdns.com/releases/pdns-4.2.0-alpha1.tar.bz2.sig
19 - https://github.com/PowerDNS/pdns/issues/new
--
Erik Winkels
PowerDNS.COM BV -- https://www.powerdns.com
signature.asc
Description: PGP signature
_______________________________________________ Pdns-dev mailing list Pdns-dev@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-dev
