Hello all, in the online documentation still the fork flag is mentioned. I was searching for the replacement flag. But wasn't able to find one.
Also in the pdns_recursor.1 file is still fork mentioned. I thought this was completely replaced so that pdns_recursor can also run on 4 Cores and more. Mit freundlichen Grüßen Stefan Priebe Ihr allied internet Team ------------------------------- allied internet ag Am Mittelfelde 29 30519 Hannover Deutschland Tel.: +49 (511) 5151 8000 | Fax.: +49 (511) 5151 8299 URL: www.allied-internet.ag | E-Mail: i...@allied-internet.ag Sitz der Gesellschaft: Hannover, USt-IdNr. DE813460827 Registergericht: Amtsgericht Hannover, Register-Nr.: HRB 202350 Vorstand: Cristoph Bluhm, Sebastian Bluhm, Stefan Priebe Aufsichtsrat: Prof. Dr. jur. Winfried Huck (Vorsitzender) bert hubert schrieb: > Hi everybody, > > Please find below the release notes of the PowerDNS Recursor version 3.2! > > Compared to RC1 and RC2 this version mostly contains compilation and > platform fixes (for Solaris and CentOS4/RHEL4), as well as improved > statistics, diagnostics and '--help' output, and assorted small useability > fixes. > > RC1 and RC2 are already deployed in a number of large places, and it appears > to be holding up well. In addition, a number of future users have performed > stringent testing and performance measurements, and it appears this version > works satisfactorily. > > It is also observed that this release candidate provides for vastly improved > performance compared to 3.1.7.*, even bringing us close to the very > impressive numbers measured by users of the Nominum Vantio and Nominum CNS > software. On modern hardware, the PowerDNS Recursor may in fact be faster, > and certainly better value for money. For more details, please see below. > > The PowerDNS Recursor 3.2 releases is a highly recommended upgrade. > > We are very interested in hearing your experiences, and if there are any > issues, please let us know. > > Download from: > > http://downloads.powerdns.com/releases/pdns-recursor-3.2.tar.bz2 > http://downloads.powerdns.com/releases/deb/pdns-recursor_3.2-1_i386.deb > http://downloads.powerdns.com/releases/rpm/pdns-recursor-3.2-1.i386.rpm > http://downloads.powerdns.com/releases/deb/pdns-recursor_3.2-1_amd64.deb > http://downloads.powerdns.com/releases/rpm/pdns-recursor-3.2-1.x86_64.rpm > These directories also contain PGP signatures. > > Please note that the 'universal' RPMs are, in fact, too new for RHEL4 and > derived distributions. It is expected that in the coming week, > RHEL4-compatible RPMs will be announced. > > (Nominum, Nominum CNS & Nominum Vantio are trademarks owned by > Nominum) > > Release notes > ------------- > Version with clickable links: > http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-2 > > Warning! > > Lua scripts from version 3.1.7.* are fully compatible with > version 3.2. However, scripts written for development snapshot > releases, are NOT. Please see Section 12.7 for details! > > The 3.2 release is the first major release of the PowerDNS > Recursor in a long time. Partly this is because 3.1.7.* > functioned very well, and delivered satisfying performance, > partly this is because in order to really move forward, some > heavy lifting had to be done. > > As always, we are grateful for the large PowerDNS community > that is actively involved in improving the quality of our > software, be it by submitting patches, by testing development > versions of our software or helping debug interesting issues. > We specifically want to thank Stefan Schmidt and Florian > Weimer, who both over the years have helped tremendously in > keeping PowerDNS fast, stable and secure. > > This version of the PowerDNS Recursor contains a rather novel > form of lock-free multithreading, a situation that comes close > to the old '--fork' trick, but allows the Recursor to fully > utilize multiple CPUs, while delivering unified statistics and > operational control. > > In effect, this delivers the best of both worlds: near linear > scaling, with almost no administrative overhead. > > Compared to 'regular multithreading', whereby threads cooperate > more closely, more memory is used, since each thread maintains > its own DNS cache. However, given the economics, and the > relatively limited total amount of memory needed for high > performance, this price is well worth it. > > In practical numbers, over 40,000 queries/second sustained > performance has now been measured by a third party, with a > 100.0% packet response rate. This means that the needs of > around 400,000 residential connections can now be met by a > single commodity server. > > In addition to the above, the PowerDNS Recursor is now > providing resolver service for many more Internet users than > ever before. This has brought with it 24/7 Service Level > Agreements, and 24/7 operational monitoring by networking > personnel at some of the largest telecommunications companies > in the world. > > In order to facilitate such operation, more statistics are now > provided that allow the visual verification of proper PowerDNS > Recursor operation. As an example of this there are now graphs > that plot how many queries were dropped by the operating system > because of a CPU overload, plus statistics that can be > monitored to determine if the PowerDNS deployment is under a > spoofing attack. > > All in all, this is a large and important PowerDNS Release, > paving the way for further innovation. > > Note > > This release removes support for the 'fork' multi-processor > option. In addition, the default is now to spawn two threads. > This has been done in such a way that total memory usage will > remain identical, so each thread will use half of the allocated > maximum number of cache entries. > > Changes between RC2 and -release: > > * 'Make install' when an existing configuration file > contained a 'fork' statement has been fixed. Spotted by > Darren Gamble, code in commit 1534. > * Reloading a non-existant allow-from-file caused the control > thread to stop working. Spotted by Imre Gergely, code in > commit 1532. > * Parser got confused by reading en empty line in > auth-forward-zones. Spotted by Imre Gergely, code in commit > 1533. > * David Gavarret discovered undocumented and not-working > settings to set the owner, group and access modes of the > control socket. Code by Aki Tuomi and documentation in > commit 1535. Fixup in commit 1536 for FreeBSD as found by > Ralf van der Enden. > * Tiny improvement possibly solving an issue on Solaris 10's > completion port event multiplexer (commit 1537). > > Changes between RC1 and RC2: > > * Compilation on Solaris 10 has been fixed (various > patchlevels had different issues), code in commit 1522. > * Compatibility with CentOS4/RHEL4 has been restored, the gcc > and glibc versions shipped with this distribution contain a > Thread Local Storage bug which we now work around. Thanks > to Darren Gamble and Imre Gergely for debugging this issue, > code in commit 1527. > * A failed setuid operation, because of misconfiguration, > would result in a crash instead of an error message. Fixed > in commit 1523. > * Imre Gergely discovered that PowerDNS was doing spurious > root repriming when invalidating nssets. Fixed in commit > 1531. > * Imre Gergely discovered our rrd graphs had not been changed > for the new multithreaded world, and did not allow scaling > beyond 200% cpu use. In addition, CPU usage graphs did not > add up correctly. Implemented in commit 1524. > * Andreas Jakum discovered the description of > 'max-packetcache-entries' and 'forward-zones-recurse' was > wrong in the output of '--help' and '--config'. In > addition, some stray backup files made it into the RC1 > release. Addressed in commit 1529. > > Full release notes follow, including some overlap with the > incremental release notes above. Improvements: > > * Multithreading, allowing near linear scaling to multiple > CPUs or cores. Configured using 'threads=' (many commits). > This also deprecates the '--fork' option. > * Added ability to read a configuration item of a running > PowerDNS Recursor using 'rec_control get-parameter' (commit > 1243), suggested by Wouter de Jong. > * Added ability to read all statistics in one go of a running > PowerDNS Recursor using 'rec_control get-all' (commit > 1496), suggested by Michael Renner. > * Speedups in packet generation (Commits 1258, 1259, 1262) > * TCP deferred accept() filter is turned on again for slight > DoS protection. Code in commit 1414. > * PowerDNS Recursor can now do TCP/IP queries to remote IPv6 > addresses (commit 1412). > * Solaris 9 '/dev/poll' support added, Solaris 8 now > deprecated. Changes in commit 1421, commit 1422, commit > 1424, commit 1413. > * Lua functions can now also see the address _to_ which a > question was sent, using getlocaladdress(). Implemented in > commit 1309 and commit 1315. > * Maximum cache sizes now default to a sensible value. > Suggested by Roel van der Made, implemented in commit 1354. > * Domains can now be forwarded to IPv6 addresses too, using > either ::1 syntax or [::1]:25. Thanks to Wijnand Modderman > for discovering this issue, fixed in commit 1349. > * Lua scripts can now load libraries at runtime, for example > to calculate md5 hashes. Code by Winfried Angele in commit > 1405. > * Periodic statistics output now includes average queries per > second, as well as packet cache numbers (commit 1493). > * New metrics are available for graphing, plus added to the > default graphs (commit 1495, commit 1498, commit 1503) > * Fix errors/crashes on more recent versions of Solaris 10, > where the ports functions could return ENOENT under some > circumstances. Reported and debugged by Jan Gyselinck, > fixed in commit 1372. > > New features: > > * Add pdnslog() function for Lua scripts, so errors or other > messages can be logged properly. > * New settings to set the owner, group and access modes of > the control socket (socket-owner, socket-group, > socket-mode). Code by Aki Tuomi and documentation in commit > 1535. Fixup in commit 1536 for FreeBSD as found by Ralf van > der Enden. > * rec_control now accepts a --timeout parameter, which can be > useful when reloading huge Lua scripts. Implemented in > commit 1366. > * Domains can now be forwarded with the 'recursion-desired' > bit on or off, using either forward-zones-recurse or by > prefixing the name of a zone with a '+' in > forward-zones-file. Feature suggested by Darren Gamble, > implemented in commit 1451. > * Access control lists can now be reloaded at runtime > (implemented in commit 1457). > * PowerDNS Recursor can now use a pool of > query-local-addresses to further increase resilience > against spoofing. Suggested by Ad Spelt, implemented in > commit 1426. > * PowerDNS Recursor now also has a packet cache, greatly > speeding up operations. Implemented in commit 1426, commit > 1433 and further. > * Cache can be limited in how long it maximally stores > records, for BIND compatibility (TTL limiting), by setting > max-cache-ttl.Idea by Winfried Angele, implemented in > commit 1438. > * Cache cleaning turned out to be scanning more of the cache > than necessary for cache maintenance. In addition, far more > frequent but smaller cache cleanups improve responsiveness. > Thanks to Winfried Angele for discovering this issue. > (commits 1501, 1507) > * Performance graphs enhanced with separate CPU load and > cache effectiveness plots, plus display of various overload > situations (commits 1503) > > Compiler/Operating system/Library updates: > > * PowerDNS Recursor can now compile against newer versions of > Boost (verified up to and including 1.42.0). Reported & > fixed by Darix in commit 1274. Further fixes in commit > 1275, commit 1276, commit 1277, commit 1283. > * Fix compatibility with newer versions of GCC (closes ticket > ticket 227, spotted by Ruben Kerkhof, code in commit 1345, > more fixes in commit 1394, 1416, 1440). > * Rrdtool update graph is now compatible with FreeBSD out of > the box. Thanks to Bryan Seitz (commit 1517). > * Fix up Makefile for older versions of Make (commit 1229). > * Solaris compilation improvements (out of the box, no > handwork needed). > * Solaris 9 MTasker compilation fixes, as suggested by John > Levon. Changes in commit 1431. > > Bug fixes: > > * Under rare circumstances, the recursor could crash on 64 > bit Linux systems running glibc 2.7, as found in Debian > Lenny. These circumstances became a lot less rare for the > 3.2 release. Discovered by Andreas Jakum and debugged by > #powerdns, fix in commit 1519. > * Imre Gergely discovered that PowerDNS was doing spurious > root repriming when invalidating nssets. Fixed in commit > 1531. > * Configuration parser is now resistant against trailing tabs > and other whitespace (commit 1242) > * Fix typo in a Lua error message. Close ticket 210, as > reported by Stefan Schmidt (commit 1319). > * Profiled-build instructions were broken, discovered & fixes > suggested by Stefan Schmidt. ticket 239, fix in commit > 1462. > * Fix up duplicate SOA from a remote authoritative server > from showing up in our output (commit 1475). > * All security fixes from 3.1.7.2 are included. > * Under highly exceptional circumstances on FreeBSD the > PowerDNS Recursor could crash because of a TCP/IP error. > Reported and fixed by Andrei Poelov in ticket 192, fixed in > commit 1280. > * PowerDNS Recursor can be a root-server again. Error spotted > by the ever vigilant Darren Gamble (t229), fix in commit > 1458. > * Rare TCP/IP errors no longer lead to PowerDNS Recursor > logging errors or becoming confused. Debugged by Josh Berry > of Plusnet PLC. Code in commit 1457. > * Do not hammer parent servers in case child zones are > misconfigured, requery at most once every 10 seconds. > Reported & investigated by Stefan Schmidt and Andreas > Jakum, fixed in commit 1265. > * Properly process answers from remote authoritative servers > that send error answers without including the original > question (commit 1329, commit 1327). > * No longer spontaneously turn on 'export-etc-hosts' after > reloading zones. Discovered by Paul Cairney, reported in > ticket 225, addressed in commit 1348. > * Very abrupt server failure of large numbers of high-volume > authoritative servers could trigger an out of memory > situation. Addressed in commit 1505. > * Make timeouts for queries to remote authoritative servers > configurable with millisecond granularity. In addition, the > old code turned out to consider the timeout expired when > the integral number of seconds since 1970 increased by 1 - > which *on average* is after 500ms. This might have caused > spurious timeouts! New default timeout is 1500ms. See > network-timeout setting for more details. Code in commit > 1402. > > - ends - _______________________________________________ Pdns-announce mailing list pdns-annou...@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-announce _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users