PowerDNS manual

PowerDNS BV

    It is a book about a Spanish guy called Manual. You should read it.
    -- Dilbert

__________________________________________________________

Table of Contents

1. The PowerDNS dynamic nameserver
   1.1. Function & design of PDNS
   1.2. About this document
   1.3. Release notes
        1.3.1. Authoritative Server version 2.9.22 (UNRELEASED)
        1.3.2. Authoritative Server version 2.9.21.2
        1.3.3. Authoritative Server version 2.9.21.1
        1.3.4. Recursor version 3.1.7
        1.3.5. Recursor version 3.1.6
        1.3.6. Recursor version 3.1.5
        1.3.7. PowerDNS Authoritative Server version 2.9.21
        1.3.8. Recursor version 3.1.4
        1.3.9. Recursor version 3.1.3
        1.3.10. Recursor version 3.1.2
        1.3.11. Recursor version 3.1.1
        1.3.12. Recursor version 3.0.1
        1.3.13. Recursor version 3.0
        1.3.14. Version 2.9.20
        1.3.15. Version 2.9.19
        1.3.16. Version 2.9.18
        1.3.17. Version 2.9.17
        1.3.18. Version 2.9.16
        1.3.19. Version 2.9.15
        1.3.20. Version 2.9.14
        1.3.21. Version 2.9.13
        1.3.22. Version 2.9.12
        1.3.23. Version 2.9.11
        1.3.24. Version 2.9.10
        1.3.25. Version 2.9.8
        1.3.26. Version 2.9.7
        1.3.27. Version 2.9.6
        1.3.28. Version 2.9.5
        1.3.29. Version 2.9.4
        1.3.30. Version 2.9.3a
        1.3.31. Version 2.9.2
        1.3.32. Version 2.9.1
        1.3.33. Version 2.9
        1.3.34. Version 2.8
        1.3.35. Version 2.7 and 2.7.1
        1.3.36. Version 2.6.1
        1.3.37. Version 2.6
        1.3.38. Version 2.5.1
        1.3.39. Version 2.5
        1.3.40. Version 2.4
        1.3.41. Version 2.3
        1.3.42. Version 2.2
        1.3.43. Version 2.1
        1.3.44. Version 2.0.1
        1.3.45. Version 2.0
        1.3.46. Version 2.0 Release Candidate 2
        1.3.47. Version 2.0 Release Candidate 1
        1.3.48. Version 1.99.12 Prerelease
        1.3.49. Version 1.99.11 Prerelease
        1.3.50. Version 1.99.10 Prerelease
        1.3.51. Version 1.99.9 Early Access Prerelease
        1.3.52. Version 1.99.8 Early Access Prerelease
        1.3.53. Version 1.99.7 Early Access Prerelease
        1.3.54. Version 1.99.6 Early Access Prerelease
        1.3.55. Version 1.99.5 Early Access Prerelease
        1.3.56. Version 1.99.4 Early Access Prerelease
        1.3.57. Version 1.99.3 Early Access Prerelease
        1.3.58. Version 1.99.2 Early Access Prerelease
        1.3.59. Version 1.99.1 Early Access Prerelease
   1.4. Security
   1.5. PowerDNS Security Advisory 2006-01: Malformed TCP queries can lead to a buffer overflow which might be exploitable
   1.6. PowerDNS Security Advisory 2006-02: Zero second CNAME TTLs can make PowerDNS exhaust allocated stack space, and crash
   1.7. PowerDNS Security Advisory 2008-01: System random generator can be predicted, leading to the potential to 'spoof' PowerDNS Recursor
   1.8. PowerDNS Security Advisory 2008-02: By not responding to certain queries, domains become easier to spoof
   1.9. PowerDNS Security Advisory 2008-02: Some PowerDNS Configurations can be forced to restart remotely
   1.10. Acknowledgements
2. Installing on Unix
   2.1. Possible problems at this point
   2.2. Testing your install
        2.2.1. Typical errors
   2.3. Running PDNS on unix
3. Installing on Microsoft Windows
   3.1. Configuring PDNS on Microsoft Windows
   3.2. Running PDNS on Microsoft Windows
4. Basic setup: configuring database connectivity
   4.1. Example: configuring MySQL
        4.1.1. Common problems
5. Dynamic resolution using the PipeBackend
   5.1. Deploying the PipeBackend with the BindBackend
6. Logging & Monitoring Authoritative Server performance
   6.1. Webserver
   6.2. Via init.d commands
   6.3. Operational logging using syslog
7. Security settings & considerations
   7.1. Settings
        7.1.1. Running as a less privileged identity
        7.1.2. Jailing the process in a chroot
   7.2. Considerations
8. Virtual hosting
9. Performance
   9.1. General advice
   9.2. Native Posix Thread Library vs LinuxThreads
   9.3. Performance related settings
        9.3.1. Packet Cache
        9.3.2. Query Cache
10. Migrating to PDNS
   10.1. Zone2sql
11. Recursion
   11.1. Details
12. PowerDNS resolver/recursing nameserver
   12.1. pdns_recursor settings
   12.2. Controlling and querying the recursor
   12.3. PowerDNS Recursor performance
   12.4. Details
        12.4.1. Anti-spoofing
        12.4.2. Throttling
   12.5. Statistics
   12.6. Scripting
        12.6.1. Configuring Lua scripts
        12.6.2. Writing Lua PowerDNS Recursor scripts
   12.7. Design and Engineering of the PowerDNS Recursor
        12.7.1. The PowerDNS Recursor
        12.7.2. Synchronous code using MTasker
        12.7.3. MPlexer
        12.7.4. MOADNSParser
        12.7.5. The C++ Standard Library / Boost
        12.7.6. Actual DNS Algorithm
        12.7.7. The non-cached case
        12.7.8. Some of the things we glossed over
        12.7.9. The Recursor Cache
        12.7.10. Some small things
13. Master/Slave operation & replication
   13.1. Native replication
   13.2. Slave operation
        13.2.1. Supermaster automatic provisioning of slaves
   13.3. Master operation
14. Fancy records for seamless email and URL integration
15. Index of all Authoritative Server settings
16. Index of all Authoritative Server metrics
   16.1. Counters & variables
        16.1.1. Counters
        16.1.2. Ring buffers
17. Supported record types and their storage
18. HOWTO & Frequently Asked Questions
   18.1. Getting support, free and paid FAQ
   18.2. Using and Compiling PowerDNS FAQ
   18.3. Backend developer HOWTO
   18.4. About PowerDNS.COM BV, 'the company'
19. Other tools included with PowerDNS
   19.1. Notification proxy (nproxy)
20. Tools to analyse DNS traffic
A. Backends in detail
   A.1. PipeBackend
        A.1.1. PipeBackend protocol
   A.2. MySQL backend
        A.2.1. Configuration settings
        A.2.2. Notes
   A.3. Random Backend
   A.4. MySQL PDNS backend
        A.4.1. Notes
   A.5. Generic MySQL and PgSQL backends
        A.5.1. MySQL specifics
        A.5.2. PostgreSQL specifics
        A.5.3. Oracle specifics
        A.5.4. Basic functionality
        A.5.5. Master/slave queries
        A.5.6. Fancy records
        A.5.7. Settings and specifying queries
        A.5.8. Native operation
        A.5.9. Slave operation
        A.5.10. Superslave operation
        A.5.11. Master operation
   A.6. Oracle backend
        A.6.1. Setting up Oracle for use with PowerDNS
   A.7. Generic SQLite backend (2 and 3)
        A.7.1. Compiling the SQLite backend
        A.7.2. Setting up the database
        A.7.3. Using the SQLite backend
   A.8. DB2 backend
   A.9. Bind zone file backend
        A.9.1. Operation
        A.9.2. Pdns_control commands
        A.9.3. Performance
        A.9.4. Master/slave configuration
        A.9.5. Commands
   A.10. ODBC backend
   A.11. XDB Backend
   A.12. LDAP backend
   A.13. OpenDBX backend
   A.14. Geo backend
B. PDNS internals
   B.1. Controlsocket
        B.1.1. pdns_control
   B.2. Guardian
   B.3. Modules & Backends
   B.4. How PDNS translates DNS queries into backend queries
C. Backend writers' guide
   C.1. Simple read-only native backends
        C.1.1. A sample minimal backend
        C.1.2. Interface definition
   C.2. Reporting errors
   C.3. Declaring and reading configuration details
   C.4. Read/write slave-capable backends
        C.4.1. Supermaster/Superslave capability
   C.5. Read/write master-capable backends
D. Compiling PowerDNS
   D.1. Compiling PowerDNS on Unix
        D.1.1. AIX
        D.1.2. FreeBSD
        D.1.3. Linux
        D.1.4. MacOS X
        D.1.5. OpenBSD
        D.1.6. Solaris
   D.2. Compiling PowerDNS on Windows
        D.2.1. Assumptions
        D.2.2. Prerequisites
        D.2.3. Nullsoft Installer
        D.2.4. Setting up the build-environment
        D.2.5. Compilation
        D.2.6. Miscellaneous
E. PowerDNS license (GNU General Public License version 2)
F. Further copyright statements
   F.1. AES implementation by Brian Gladman

List of Tables

1-1. PowerDNS Security Advisory
1-2. PowerDNS Security Advisory
1-3. PowerDNS Security Advisory
1-4. PowerDNS Security Advisory
1-5. PowerDNS Security Advisory
17-1. SOA fields
A-1. PipeBackend capabilities
A-2. MySQL backend capabilities
A-3. Random Backend capabilities
A-4. MySQL backend capabilities
A-5. Generic PgSQL and MySQL backend capabilities
A-6. Oracle backend capabilities
A-7. Generic SQLite backend capabilities
A-8. DB2 backend capabilities
A-9. Bind zone file backend capabilities
A-10. ODBC backend capabilities
A-11. LDAP backend capabilities
A-12. OpenDBX backend capabilities
A-13. Geo backend capabilities
C-1. DNSResourceRecord class
C-2. SOAData struct
C-3. DomainInfo struct

__________________________________________________________

Chapter 1. The PowerDNS dynamic nameserver

The PowerDNS daemon is a versatile nameserver which supports a large number of backends.
These backends can either be plain zonefiles or be more dynamic in nature. Additionally, through use of clever programming techniques, PowerDNS offers very high domain resolution performance. Prime examples of backends include relational databases, but also (geographical) loadbalancing and failover algorithms.

The company is called PowerDNS.COM BV, the nameserver daemon is called PDNS.

__________________________________________________________

1.1. Function & design of PDNS

PowerDNS consists of two parts: the Authoritative Server and the Recursor. Other nameservers fully combine these functions; PowerDNS offers them separately, but can mix both authoritative and recursive usage seamlessly.

The Authoritative Server will answer questions about domains it knows about, but will not go out on the net to resolve queries about other domains. However, it can use a recursing backend to provide that functionality. Depending on your needs, this backend can either be the PowerDNS recursor or an external one.

When the Authoritative Server answers a question, it comes out of the database, and can be trusted as being authoritative. There is no way to pollute the cache or to confuse the daemon.

The Recursor, conversely, by default has no knowledge of domains itself, but will always consult other authoritative servers to answer questions given to it.

PDNS has been designed to serve both the needs of small installations by being easy to set up, as well as for serving very large query volumes on large numbers of domains. Another prime goal is security. By the use of language features, the PDNS source code is very small (in the order of 10,000 lines), which makes auditing easy. In the same way, library features have been used to mitigate the risks of buffer overflows.

Finally, PDNS is able to give a lot of statistics on its operation, which is both helpful in determining the scalability of an installation as well as for spotting problems.
__________________________________________________________

1.2. About this document

If you are reading this document from disk, you may want to check http://doc.powerdns.com for updates. The PDF version is available on http://doc.powerdns.com/pdf, a text file is on http://doc.powerdns.com/txt/.

__________________________________________________________

1.3. Release notes

Before proceeding, it is advised to check the release notes for your PDNS version, as specified in the name of the distribution file. Beyond PowerDNS 2.9.20, the Authoritative Server and Recursor are released separately.

__________________________________________________________

1.3.1. Authoritative Server version 2.9.22 (UNRELEASED)

Warning: UNRELEASED!

This is a huge release, spanning almost 18 months of development. Besides fixing a lot of bugs, of note is the addition of the so-called 'Notification Proxy', which allows PowerDNS to function as a master server behind a firewall, plus the huge performance improvement of the internal caches. This work has been made possible by UPC Broadband and Directi, respectively.

Finally, the release candidates of this version have been tested & improved by Jorn Ekkelenkamp, Ton van Rosmalen, Jeff Sipek, and (your name here!).

New features:

  * pdns_control can now also work over TCP/IP. Sponsored by Directi. Commits 1246, 1251, 1254, 1255.
  * Implemented a notification proxy, see Section 19.1. This work was sponsored by UPC Broadband. Implemented in commits 1075, 1077, 1082, 1083, 1085 and 1086.
  * IXFR queries are now supported in the sense that we treat them as AXFR queries, silencing warnings in other nameservers. Suggested in ticket 131.
  * The PIPE backend has been extended by David Apgar to allow the reporting of errors using the 'FAIL' command, plus support for responses with whitespace. Implemented in commit 1114.
  * PowerDNS Authoritative server now parses incoming EDNS options, like maximum allowed packet size. Implemented in commit 1123 and commit 1281.
  * Added support for DHCID, IPSECKEY and KX records, thanks Norbert Sendetzky for the hint. Implemented in commit 1144.
  * Norbert Sendetzky has added support for all record types supported by PowerDNS to the LDAPBackend. Furthermore, the detection of OpenLDAP in autoconf has been improved. Finally, Debian has supplied some fixes to PowerLDAP. Implemented in commit 1152 and commit 1153.
  * Implemented EDNS NSID option for retrieving the nameserver ID out of band. Defaults to hostname, can be specified using the server-id setting. Code in commit 1232.
  * Implemented experimental EDNS PING for enhanced forgery resilience. Code in commit 1232.

Performance:

  * Improve packet generation performance, in some cases by 25%. Code in 1258, 1259.
  * Improved access list checking performance. Commit 1261.
  * PowerDNS Authoritative caches were completely redone, and are now based on the same cache that is in the resolver. This work has been sponsored by Directi. In large benchmarks, PowerDNS performance has improved by an order of magnitude or more. This new version allows for near-instantaneous cache purging, plus very rapid purging based on suffix. Purge commands can also be batched. This work is partially based on an innovative reverse-string comparison function authored by Aki Tuomi.
  * BIND backend speedups in commit 1108, measured at around a 20% improvement, possibly more on very large setups.

Bugs fixed:

  * Tyler Hall discovered the PowerDNS configuration file parser had problems with trailing tabs. This turned out to be a wider problem in PowerDNS. Buggy code replaced by a library call in commit 1237 and commit 1240.
  * Connection reset by peer events in the TCP nameserver no longer lead to the cycling of database connections. Code in commit 1241.
  * Webserver no longer prints '1e2%'. Finally closes ticket 26. Much friendly nagging for over 3 years by Jeff Sipek, code in commit 1303.
  * PowerDNS used to ignore certain queries it could not answer. These queries are no longer ignored, but get a SERVFAIL response. Implemented in commit 1239.
  * Fix subtle CNAME and wildcard interactions reported by 'zzyzz', implemented in commit 1147.
  * The generic backends did not honour the default-ttl setting. Spotted and implemented by Matti Hiljanen.
  * Matti Hiljanen discovered that the OpenDBX backend did not fill out the SOA ttl value properly. Matti also improved the SQL statements for better compatibility. Implemented in commit 1181.
  * Treat invalid WWW requests better. Spotted by Maikel Verheijen, implemented in commit 1092.
  * Documentation errors and typos, spotted by Marco Davids (commit 1097) and Rejo Zengers (commit 1119).
  * Properly fill out the 'recursion available' flag. Spotted by Augie Schwer in ticket 167.
  * Several memory leaks on bad data in the database or other errors have been fixed. Addressed in 1078 and 1079.
  * Contrary to the documentation, the domain type as specified in the database ('MASTER', 'SLAVE' or 'NATIVE') was interpreted case sensitively. Fixed in 1084.
  * BIND backend could crash on processing information about slave zones to be checked. Spotted by Stefan Schmidt, fixed in 1089.
  * Jelte Jansen of Stichting NLNetLabs discovered PowerDNS in BIND mode couldn't operate as a root-server! Fixed in 1057.
  * 'DPS' discovered there was a rare opportunity for PowerDNS to lock up waiting for new data. Addressed in 1076.
  * Make singlethreaded mode more resilient against errors. Commit 1272.
  * DNSSEC records were part of 2.9.21, but were not actually hooked up. Please note that while PowerDNS can serve most DNSSEC records, it does not do DNSSEC processing. Implemented in 1046.
  * Shawn Starr migrated all his domains to PowerDNS in one evening, from an installation that had been used since BIND4. In doing so, he found 3 bugs in as many hours. An IN statement in the BIND named.conf with a zone with a trailing dot was misparsed, fixed in commit 1233. Secondly, the zonefile parser tripped over a line consisting of nothing but comments in the wrong place. Finally '$ORIGIN .' was misparsed. Last two issues fixed in commit 1234.
  * Our statistics counters did not wrap correctly after the 2.15 billion mark. Spotted by Stefan Schmidt, reported in ticket 179, fixed in commit 1284.
  * Bindbackend could sometimes generate very strange error messages while processing a malformed zone file. Sometimes such error messages could cause a crash (reported on HP-UX). Addressed by commit 1279. This could not be triggered remotely. Closes ticket 203.

Improvements:

  * Zoneparser improvements mean $TTL and $INCLUDES now work a lot better. Implemented in 1056, 1062.
  * Direct queries for 'fancy records' would lead to errors; such queries now fail early. Spotted by Jorn Ekkelenkamp, implemented in 1051.
  * Fix typo in geobackend, closing ticket 157, implemented in 1090.
  * Initial work on TSIG support - not done yet. Spurred on by Marco Davids.
  * Embarrassingly, the 'master' configuration setting was not documented in the list of all settings!
  * Norbert has updated OpenDBX so that SQLite reads and writes no longer deadlock, plus compilation fixes on Solaris, plus the addition of autoserials to backends that support triggers. Implemented in commit 1154.
  * Random generator is now based on AES, improving the security of certain proxy operations. This is the same random generator that is in the recursor. Implemented in commit 1256.
  * Documentation for 'supermaster' mode was improved due to popular demand.
  * When binding to a UDP port failed, supply a more precise error message (commit 1245).
  * The zoneparser error messages were vastly improved, partially inspired by Shawn's cowboy migration. Code in commit 1235.
  * Labels are compressed more efficiently (case-insensitively), leading to smaller packets. Implemented in commit 1156.
  * Fix handling of TCP timeouts to not cause a reload of the backends. Implemented in commit 1092.
  * Move from select() to poll()-based multiplexing, allowing PowerDNS to listen on more than 1024 sockets simultaneously. One big PowerDNS user needs this. Implemented in 1072.
  * Zone2sql now reads source files in performance enhancing inode order. Additionally, zone2sql no longer dies on a missing zone file if --on-error-resume-next was specified. Finally, statistics of zone2sql conversion have been improved. Implemented in 1055.
  * Address issues found by more recent g++ versions. Spotted and/or fixed by Jorn Ekkelenkamp (commit 1051), Marcus Rueckert (commit 1094), Norbert Sendetzky (commit 1107), Serge Belyshev (commit 1171).
  * The Intel C Compiler implements certain things differently, causing the master/slave communicator to malfunction. Spotted by Marcus Rueckert, implemented in 1052, plus fallout in 1105.
  * PowerDNS can now be compiled with Boost 1.37.0.
  * Andre Lorbach of Adiscon discovered the Microsoft Windows 2003 nameserver adds out of zone data to zonetransfers, which we need to ignore, instead of rejecting the entire zone. Implemented in 1048.
  * PowerDNS now skips remote master servers which consistently generate timeout messages, improving the master checking cycle time tremendously. Developed in cooperation with Tyler Hall. Implemented in commit 1278.
  * dnsreplay now waits for the final answers to arrive, making it possible to process even small pcap files and get meaningful statistics. Commit 1268.
  * dnsreplay has a more sane default timeout now, which can be configured too. Suggested by Augie Schwer in ticket 163, implemented in commit 1287.

__________________________________________________________

1.3.2. Authoritative Server version 2.9.21.2

Released on the 18th of November 2008. This release consists of a single patch to PowerDNS Authoritative Server version 2.9.21.1.
In some configurations, notably with configuration option 'distributor-threads=1', the PowerDNS Authoritative Server crashes easily in some error conditions. All users are urged to upgrade.

Even though PowerDNS restarts itself on encountering such error conditions, and even though most PowerDNS configurations do not run in single threaded mode, an upgrade is recommended.

More detail can be found in Section 1.9.

__________________________________________________________

1.3.3. Authoritative Server version 2.9.21.1

Released on the 6th of August 2008. This release consists of a single patch to PowerDNS Authoritative Server version 2.9.21.

Brian J. Dowling of Simplicity Communications has discovered a security implication of the previous PowerDNS behaviour to drop queries it considers malformed. We are grateful that Brian notified us quickly about this problem.

This issue has been assigned CVE-2008-3337. The single patch is in commit 1239. More detail can be found in Section 1.8.

The implication is that while the PowerDNS Authoritative server itself does not face a security risk because of dropping these malformed queries, other resolving nameservers run a higher risk of accepting spoofed answers for domains being hosted by PowerDNS Authoritative Servers before 2.9.21.1.

While the dropping of queries does not aid sophisticated spoofing attempts, it does facilitate simpler attacks.

It may be good to know that several large sites already run with this patch applied, as it has been in the public codebase for some weeks already.

__________________________________________________________

1.3.4. Recursor version 3.1.7

Released the 25th of June 2008.

This version contains powerful scripting abilities, allowing operators to modify DNS responses in many interesting ways. Among other things, these abilities can be used to filter out malware domains, to perform load balancing, to comply with legal and other requirements and finally, to implement 'NXDOMAIN' redirection.
It is hoped that the addition of Lua scripting will enable responsible DNS modification for those that need it.

For more details about the Lua scripting, which can be modified, loaded and unloaded at runtime, see Section 12.6.

Many thanks are due to the #lua irc channel, for excellent near-realtime Lua support. In addition, a number of PowerDNS users have been enthusiastically testing prereleases of the scripting support, and have found and solved many issues.

In addition, 3.1.7 fixes a number of bugs:

  * In 3.1.5 and 3.1.6, an authoritative server could continue to renew its authority, even though a domain had been delegated to other servers in the meantime. In the rare cases where this happened, and the old servers were not shut down, the observed effect is that users were fed outdated data. Bug spotted and analysed by Darren Gamble, fix in commit 1182 and commit 1183.
  * Thanks to long time PowerDNS contributor Stefan Arentz, for the first time, Mac OS X 10.5 users can compile and run the PowerDNS Recursor! Patch in commit 1185.
  * Sten Spans spotted that for outgoing TCP/IP queries, the query-local-address setting was not honored. Fixed in commit 1190.
  * rec_control wipe-cache now also wipes domains from the negative cache, hurrying up the expiry of negatively cached records. Suggested by Simon Kirby, implemented in commit 1204.
  * When a forwarder server is configured for a domain, using the forward-zones setting, this server IP address was filtered using the dont-query setting, which is generally not what is desired: the server to which queries are forwarded will often live in private IP space, and the operator should be trusted to know what he is doing. Reported and argued by Simon Kirby, fix in commit 1211.
  * Marcus Rueckert of OpenSUSE reported that very recent gcc versions emitted a (correct) warning on an overly complicated line in syncres.cc, fixed in commit 1189.
  * Stefan Schmidt discovered that the netmask matching code, used by the new Lua scripts, but also by all other parts of PowerDNS, had problems with explicit '/32' matches. Fixed in commit 1205.

__________________________________________________________

1.3.5. Recursor version 3.1.6

Released on the 1st of May 2008.

This version fixes two important problems, each on its own important enough to justify a quick upgrade.

  * Version 3.1.5 had problems resolving several slightly misconfigured domains, including for a time 'juniper.net'. Nameserver timeouts were not being processed correctly, leading PowerDNS to not update the internal clock, which in turn meant that any queries immediately following an error would time out as well. Because of retries, this would usually not be a problem except on very busy servers, for domains with different nameservers at different levels of the DNS-hierarchy, like 'juniper.net'. This issue was fixed rapidly because of the help of XS4ALL (Eric Veldhuyzen, Kai Storbeck), Brad Dameron and Kees Monshouwer. Fix in commit 1178.
  * The new high-quality random generator was not used for all random numbers, especially in source port selection. This means that 3.1.5 is still a lot more secure than 3.1.4 was, and its algorithms more secure than most other nameservers, but it also means 3.1.5 is not as secure as it could be. A quick upgrade is recommended. Discovered by Thomas Biege of Novell (SUSE), fixed in commit 1179.

__________________________________________________________

1.3.6. Recursor version 3.1.5

Released on the 31st of March 2008.

Much like 3.1.4, this release does not add a lot of major features. Instead, performance has been improved significantly (estimated at around 20%), and many rare and not so rare issues were addressed. Multi-part TXT records now work as expected - the only significant functional bug found in 15 months.
One of the oldest feature requests was fulfilled: version 3.1.5 can finally forward queries for designated domains to multiple servers, on differing port numbers if needed. Previously only one forwarder address was supported. This lack held back a number of migrations to PowerDNS.

We would like to thank Amit Klein of Trusteer for bringing a serious vulnerability to our attention which would enable a smart attacker to 'spoof' previous versions of the PowerDNS Recursor into accepting possibly malicious data. Details can be found on this Trusteer page. It is recommended that all users of the PowerDNS Recursor upgrade to 3.1.5 as soon as practicable, while we simultaneously note that busy servers are less susceptible to the attack, but not immune. The PowerDNS Security Advisory can be found in Section 1.7.

This version can properly benefit from all IPv4 and IPv6 addresses in use at the root-servers as of early February 2008. In order to implement this, changes were made to how the Recursor deals internally with A and AAAA queries for nameservers, see below for more details.

Additionally, newer releases of the G++ compiler required some fixes (see ticket 173).

This release was made possible by the help of Wichert Akkerman, Winfried Angele, Arnoud Bakker (Fox-IT), Niels Bakker (no relation!), Leo Baltus (Nederlandse Publieke Omroep), Marco Davids (SIDN), David Gavarret (Neuf Cegetel), Peter Gervai, Marcus Goller (UPC), Matti Hiljanen (Saunalahti/Elisa), Ruben Kerkhof, Alex Kiernan, Amit Klein (Trusteer), Kenneth Marshall (Rice University), Thomas Rietz, Marcus Rueckert (OpenSUSE), Augie Schwer (Sonix), Sten Spans (Bit), Stefan Schmidt (Freenet), Kai Storbeck (xs4all), Alex Trull, Andrew Turnbull (No Wires) and Aaron Thompson, and many more who filed bugs anonymously, or who we forgot to mention.
Security related issues:

  * Amit Klein has informed us that System random generator output can be predicted based on its past behaviour, allowing a smart attacker to 'spoof' our nameserver. Full details in Section 1.7.
  * The Recursor will by default no longer query private-space nameservers. This closes a slight security risk and simultaneously improves performance and stability. For more information, see dont-query in Section 12.1. Implemented in commit 923.
  * Applied fix for ticket 110 ('PowerDNS should change directory to '/' in chroot'), implemented in commit 944.

Performance:

  * The DNS packet writing and parsing infrastructure performance was improved in several ways, see commits 925, 926, 928, 931, 1021, 1050.
  * Remove multithreading overhead from the Recursor (commit 999).

Bug fixes:

  * Built-in authoritative server now properly derives the TTL from the SOA record if not specified. Implemented in commit 1165. Additionally, even when TTL was specified for the built-in authoritative server, it was ignored. Reported by Stefan Schmidt, closing ticket 147.
  * Empty TXT record components can now be served. Implemented in commit 1166, closing ticket 178. Spotted by Matti Hiljanen.
  * The Recursor would not properly override old data with new, sometimes serving old and new data concurrently. Fixed in commit 1137.
  * SOA records with embedded carriage-return characters are now parsed correctly. Implemented in commit 1167, closing ticket 162.
  * Some routing conditions could cause UDP connected sockets to generate an error which PowerDNS did not deal with properly, leading to a leaked file descriptor. As these run out over time, the recursor could crash. This would also happen for IPv6 queries on a host with no IPv6 connectivity. Thanks to Kai of xs4all and Wichert Akkerman for reporting this issue. Fix in commit 1133.
  * Empty unknown record types can now be stored without generating a scary error (commit 1129).
  * Applied fix for ticket 111, ticket 112 and ticket 153 - large (multipart) TXT records are now retrieved and served properly. Fix in commit 996.
  * Solaris compilation instructions in Recursor documentation were wrong, leading to an instant crash on startup. Luckily nobody reads the documentation, except for Marcus Goller who found the error. Fixed in commit 1124.
  * On Solaris, finally fix the issue where queries get distributed strangely over CPUs, or not get distributed at all. Much debugging and analysing performed by Alex Kiernan, who also supplied fixes. Implemented in commit 1091, commit 1093.
  * Various fixes for modern G++ versions, most spotted by Marcus Rueckert (commits 964, 965, 1028, 1052), and Ruben Kerkhof (commit 1136, closing ticket 175).
  * Recursor would not properly clean up pidfile and control socket, closing ticket 120, code in commit 988, commit 1098 (part of fix by Matti Hiljanen, spotted by Leo Baltus).
  * Recursor can now serve multi-line records from its limited authoritative server (commit 1014).
  * When parsing zones, the 'm' time specification stands for minutes, not months! Closing Debian bug 406462 (commit 1026).
  * Authoritative zone parser did not support '@' in the content of records. Spotted by Marco Davids, fixed in commit 1030.
  * Authoritative zone parser could be confused by trailing TABs on record lines (commit 1062).
  * EINTR error code could block entire server if received at the wrong time. Spotted by Arnoud Bakker, fix in commit 1059.
  * Fix crash on NetBSD on Alpha CPUs, might improve startup behaviour on empty caches on other architectures as well (commit 1061).
  * Outbound TCP queries were being performed sub-optimally because of an interaction with the 'Mplexer'. Fixes in commit 1115, commit 1116.

New features:

  * Implemented rec_control command get uptime, as suggested by Niels Bakker (commit 935).
Added to default rrdtool scripts in commit 940. * The Recursor Authorative component, meant for having the Recursor serve some zones authoritatively, now supports $INCLUDE and $GENERATE. Implemented in commit 951 and commit 952, commit 967 (discovered by Thomas Rietz), * Implemented forward-zones-file option in order to support larger amounts of zones which should be forwarded to another nameserver (commit 963). * Both forward-zones and forward-zones-file can now specify multiple forwarders per domain, implemented in commit 1168, closing ticket 81. Additionally, both these settings can also specify non-standard port numbers, as suggested in ticket ticket 122. Patch authored by Aaron Thompson, with additional work by Augie Schwer. * Sten Spans contributed allow-from-file, implemented in commit 1150. This feature allows the Recursor to read access rules from a (large) file. General improvements: * Ruben Kerkhof fixed up weird permission bits as well as our SGML documentation code in commit 936 and commit 937. * Full IPv6 parity. If configured to use IPv6 for outgoing queries (using query-local-address6=::0 for example), IPv6 and IPv4 addresses are finally treated 100% identically, instead of 'mostly'. This feature is implemented using 'ANY' queries to find A and AAAA addresses in one query, which is a new approach. Treat with caution. * Now perform EDNS0 root refreshing queries, so as to benefit from all returned addresses. Relevant since early February 2008 when the root-servers started to respond with IPv6 addresses, which made the default non-EDNS0 maximum packet length reply no longer contain all records. Implemented in commit 1130. Thanks to dns-operations AT mail.oarc.isc.org for quick suggestions on how to deal with this change. * rec_control now has a timeout in case the Recursor does not respond. Implemented in commit 945. * (Error) messages are now logged with saner priorities (commit 955). * Outbound query IP interface stemmed from 1997 (!) 
and was in dire need of a cleanup (commit 1117).
* L.ROOT-SERVERS.NET moved (commit 1118).

__________________________________________________________

1.3.7. PowerDNS Authoritative Server version 2.9.21

Released the 21st of April 2007.

This is the first release of the PowerDNS Authoritative Server since the Recursor was split off to a separate product, and also marks the transfer of the new technology developed specifically for the recursor back to the authoritative server. This move has reduced the amount of code of the Authoritative Server by over 2000 lines, while improving the quality of the program enormously. However, since so much has been changed, care should be taken when deploying 2.9.21. To signify the magnitude of the underlying improvements, the next release of the PowerDNS Authoritative Server will be called 3.0.

This release would not have been possible without large amounts of help and support from the PowerDNS Community. We specifically want to thank Massimo Bandinelli of Italy's Register.it, Dave Aaldering of Aaldering ICT, True BV, XS4ALL, Daniel Bilik of Neosystem, EasyDNS, Heinrich Ruthensteiner of Siemens, Augie Schwer, Mark Bergsma, Marco Davids, Marcus Rueckert of OpenSUSE, Andre Muraro of Locaweb, Antony Lesuisse, Norbert Sendetzky, Marco Chiavacci, Christoph Haas, Ralf van der Enden and Ruben Kerkhof.

Security issues:

* The previous packet parsing and generating code contained no known bugs, but was very lengthy and overly complex, and might have had security problems. The new code is 'inherently safe' because it relies on bounds-checking C++ constructs. Therefore, a move to 2.9.21 is highly recommended.
* Pre-2.9.21, communication between master and slave nameservers was not checked as rigidly as possible, possibly allowing third parties to disrupt but not modify such communications.

Warning
The 'bind1' legacy version of our BIND backend has been dropped!
There should be no need to rely on this old version anymore, as the main BIND backend has been very well tested recently.

Bugs:

* Multi-part TXT records weren't supported. This has been fixed, and regression tests have been added. Code in commits 1016, 996, 994.
* Email addresses with embedded dots in SOA records were not parsed correctly, nor were other embedded dots. Noted by 'Bastiaan', fixed in commit 1026.
* BIND backend treated the 'm' TTL modifier as 'months' and not 'minutes'. Closes Debian bug 406462. Addressed in commit 1026.
* Our snapshots were built against a static version of PostgreSQL that was incompatible with many Linux distributions, leading to instant crashes on startup. Fixed in 1022 and 1023.
* CNAME referrals to child zones gave improper responses. Noted by Augie Schwer in ticket 123, fixed in commit 992.
* When passing a port number with the recursor setting, this would sometimes generate errors during additional processing. Switched off overly helpful additional processing for recursive queries to remove this problem. Implemented in commit 1031, spotted by Ralf van der Enden.
* NS to a nameserver with the name of the zone itself generated problems. Spotted by Augie Schwer, fixed in commit 947.
* Multi-line records in the BIND backend were not always parsed correctly. Fixed in commit 1014.
* The LOC record had problems operating outside the eastern hemisphere of the northern part of the world! Fixed in commit 1011.
* Backends were compiled without multithreading preprocessor flags. As far as we can determine, this would only cause problems for the BIND backend, but we cannot rule out that this caused instability in other backends. Fixed in commit 1001.
* The BIND backend was highly unstable under reloads, and leaked memory and file descriptors. Thanks to Mark Bergsma and Massimo Bandinelli for respectively pointing this out to us and testing large amounts of patches to fix the problem.
The fixes have resulted in better performance, less code, and a remarkable simplification of this backend. Commits 1039, 1034, 1035, 1006, 999, 905 and previous.
* BIND backend gave convincing NXDOMAINs on unloaded zones in some cases. Spotted and fixed by Daniel Bilik in commit 984.
* SOA records in zone transfers sometimes contained the wrong SOA TTL. Spotted by Christian Kuehn, fixed in commit 902.
* PowerDNS could get confused by very high SOA serial numbers. Spotted and fixed by Dan Bilik, fixed in commit 626.
* Some versions of FreeBSD perform very strict checks on socket address sizes passed to 'connect', which could lead to problems retrieving zones over AXFR. Fixed in commit 891.
* Some versions of FreeBSD perform very strict checks on IPv6 socket addresses, leading to problems. Discovered by Sten Spans, fixed in commit 885 and commit 886.
* IXFR requests were not logged properly. Noted by Ralf van der Enden, fixed in commit 990.
* Some NAPTR records needed an additional space character to encode correctly. Spotted by Heinrich Ruthensteiner, fixed in commit 1029.
* Many bugs in the TCP nameserver, leading to a PowerDNS process that did not respond to TCP queries over time. Many fixes provided by Dan Bilik; other problems were fixed by rewriting our TCP handling code. Commits 982 and 980, 950, 924, 889, 874, 869, 685, 684.
* Fix crashes on the ARM processor due to alignment errors. Thanks to Sjoerd Simons. Closes Debian bug 397031.
* Missing data in generic SQL backends would sometimes lead to faked SOA serial data. Spotted by Leander Lakkas from True. Fix in commit 866.
* When receiving two quick notifications in succession, the packet cache would sometimes "process" the second one, leading PowerDNS to ignore it. Spotted by Dan Bilik, fixed in commit 686.
* Geobackend (by Mark Bergsma) did not properly override the getSOA method, breaking non-overlay operation of this fine backend.
The geobackend now also skips '.hidden' configuration files, and properly disregards empty configuration files. Additionally, the overlapping abilities were improved. Details available in commit 876, by Mark.

Features:

* Thanks to EasyDNS, PowerDNS now supports multiple masters per domain. For configuration details, see Section 13.2. Implemented in commit 1018, commit 1017.
* Thanks to EasyDNS, PowerDNS now supports the KEY record type, as well as the SPF record. In commit 976.
* Added support for the CERT, SSHFP, DNSKEY, DS, NSEC and RRSIG record types, as part of the move to the new DNS parsing/generating code.
* Support for the AFSDB record type, as requested by 'Bastian'. Implemented in commit 978, closing ticket 129.
* Support for the MR record type. Implemented in commit 941 and commit 1019.
* Gsqlite3 backend was added by Antony Lesuisse in commit 942.
* Added the ability to send out light-weight root-referrals that save bandwidth yet still placate mediocre resolver implementations. Implemented in commit 912, enable with 'root-referral=lean'.

Improvements:

* Miscellaneous OpenDBX and LDAP backend improvements by Norbert Sendetzky. Applied in commit 977 and commit 1040.
* SGML source of the documentation was cleaned up by Ruben Kerkhof in commit 936.
* Speedups in core DNS label processing code. Implemented in commit 928, commit 654, commit 1020.
* When communicating with master servers and encountering errors, more useful details are logged. Reported by Stefan Arentz in ticket 137, closed by commit 1015.
* Database errors are now logged with more details. Addressed in commit 1004.
* pdns_control problems are now logged more verbosely. Change in commit 910.
* Erroneous address configuration was logged unclearly. Spotted by River Tarnell, fixed in commit 888.
* Example configuration shipped with PowerDNS was very old. Noted by Leen Besselink, fixed in commit 946.
* PowerDNS neglected to chdir to the root when chrooted. This closes ticket 110, fixed in commit 944.
* Microsoft resolver had problems with responses we generated for CNAMEs pointing out of our bailiwick. Fixed in commit 983 and expedited by Locaweb.com.br.
* Built-in webserver logs errors more verbosely. Closes ticket 82, fixed in commit 991.
* Queries containing '@' no longer flood the logs. Addressed in commit 1014.
* The build process now looks for PostgreSQL in more places. Implemented in commit 998, closes ticket 90.
* Speedups in the BIND backend now mean large installations enjoy startup times up to 30 times faster than with the original BIND nameserver. Many thanks to Massimo Bandinelli.
* BIND backend now offers full support for query logging, implemented in commit 1026, commit 1029.
* BIND backend named.conf parsing is now fully case-insensitive for domain names. This closes Debian bug 406461, fixed in commit 1027.
* IPv6 and IPv4 address parsing routines have been replaced, which should result in prettier output in some cases. Commit 962, commit 1012 and others.
* 5 new regression tests have been added to ensure old bugs do not return.
* Fix small issues with very modern compilers and BOOST snapshots. Noted by Marcus Rueckert, addressed in commit 954, commit 964, commit 965, commit 1003.

__________________________________________________________

1.3.8. Recursor version 3.1.4

Released the 13th of November 2006.

This release contains almost no new features, but consists mostly of minor and major bug fixes. It also addresses two major security issues, which makes this release a highly recommended upgrade.

Security issues:

* Large TCP questions followed by garbage could cause the recursor to crash. This critical security issue has been assigned CVE-2006-4251, and is fixed in commit 915. More information can be found in Section 1.5.
* CNAME loops with zero second TTLs could cause crashes in some conditions. These loops could be constructed by malicious parties, making this issue a potential denial of service attack.
This security issue has been assigned CVE-2006-4252 and is fixed by commit 919. More information can be found in Section 1.6. Many thanks to David Gavarret for helping pin down this problem.

Bugs:

* On certain error conditions, PowerDNS would neglect to close a socket, and might therefore eventually run out of sockets. Spotted by Stefan Schmidt, fixed in commits 892, 897, 899.
* Some nameservers (including PowerDNS in rare circumstances) emit a SOA record in the authority section. The recursor mistakenly interpreted this as an authoritative "NXRRSET". Spotted by Bryan Seitz, fixed in commit 893.
* In some circumstances, PowerDNS could end up with a useless (not working, or no longer working) set of nameserver records for a domain. This release contains logic to invalidate such broken NSSETs, without overloading authoritative servers. This problem had previously been spotted by Bryan Seitz, 'Cerb' and Darren Gamble. Invalidations of NSSETs can be plotted using the "nsset-invalidations" metric, available through rec_control get. Implemented in commit 896 and commit 901.
* PowerDNS could crash while dumping the cache using rec_control dump-cache. Reported by Wouter of WideXS, Stefan Schmidt and many others, fixed in commit 900.
* Under rare circumstances (depleted TCP buffers), PowerDNS might send out incomplete questions to remote servers. Additionally, on big-endian systems (non-Intel and non-AMD generally), sending out large TCP questions would not work at all, and could possibly crash. Brought to our attention by David Gavarret, fixed in commit 903.
* The recursor contained the potential for a deadlock when processing an invalid domain name. It is not known how this might be triggered, but it has been observed by 'Cerb' on #powerdns. Several deadlocks where PowerDNS consumed all CPU but did not answer questions have been reported in the past few months. These might be fixed by commit 904.
* IPv6 'allow-from' matching had problems with the least significant bits, sometimes allowing disallowed addresses, but mostly disallowing allowed addresses. Spotted by Wouter from WideXS, fixed in commit 916.

Improvements:

* PowerDNS has support to drop answers from so-called 'delegation only' zones. A statistic ("dlg-only-drops") is now available to plot how often this happens. Implemented in commit 890.
* The hint-file parameter was mistakenly named "hints-file" in the documentation. Spotted by Marco Davids, fixed in commit 898.
* rec_control quit should be near instantaneous now, as it no longer meticulously cleans up memory before exiting. Problem spotted by Darren Gamble, fixed in commit 914, closing ticket 84.
* init.d script no longer refers to the Recursor as the Authoritative Server. Spotted by Wouter of WideXS, fixed in commit 913.
* A potentially serious warning for users of the GNU C Library version 2.5 was fixed. Spotted by Marcus Rueckert, fixed in commit 920.

__________________________________________________________

1.3.9. Recursor version 3.1.3

Released the 12th of September 2006.

Compared to 3.1.2, this release again consists of a number of mostly minor bug fixes, and some slight improvements. Many thanks are again due to Darren Gamble who, together with his team, has discovered many misconfigured domains that do work with some other name servers. DNS has long been tolerant of misconfigurations; PowerDNS intends to uphold that tradition. Almost all of the domains found by Darren now work as well in PowerDNS as in other name server implementations.

Thanks to some recent migrations, this release, or something very close to it, is powering over 40 million internet connections that we know of. We appreciate hearing about successful as well as unsuccessful migrations; please feel free to notify pdns.bd@powerdns.com of your experiences, good or bad.

Bug-fixes:

* The MThread default stack size was too small, which led to problems, mostly on 64-bit platforms.
This stack size is now configurable using the stack-size setting, should our estimate be off. Discovered by Darren Gamble, Sten Spans and a number of others. Fixed in commit 868.
* Plug a small memory leak discovered by Kai and Darren Gamble, fixed in commit 870.
* Switch from the excellent nedmalloc to dlmalloc, based on advice by the nedmalloc author. Nedmalloc is optimised for multithreaded operation, whereas the PowerDNS recursor is single threaded. The version of nedmalloc shipped contained a number of possible bugs, which are probably resolved by moving to dlmalloc. Some reported crashes on hitting 2G of allocated memory on 64-bit systems might be solved by this switch, which should also increase performance. See commit 873 for details.

Improvements:

* The cache is now explicitly aware of the difference between authoritative and unauthoritative data, allowing it to deal with some domains that have different data in the parent zone than in the authoritative zone. Patch in commit 867.
* No longer try to parse DNS updates as if they were queries. Discovered and fixed by Jan Gyselinck, fix in commit 871.
* Rebalance logging priorities for less log cluttering and add the IP address to a remote server error message. Noticed and fixed by Jan Gyselinck (commit 877).
* Add the logging-facility setting, allowing syslog to send PowerDNS logging to a separate file. Added in commit 871.

__________________________________________________________

1.3.10. Recursor version 3.1.2

Released Monday 26th of June 2006.

Compared to 3.1.1, this release consists almost exclusively of bug-fixes and speedups. A quick update is recommended, as some of the bugs impact operators of authoritative zones on the internet. This version has been tested by some of the largest internet providers on the planet, and is expected to perform well for everybody.
Many thanks are due to Darren Gamble, Stefan Schmidt and Bryan Seitz, who all provided excellent feedback based on their large-scale tests of the recursor.

Bug-fixes:

* Internal authoritative server did not differentiate between 'NXDOMAIN' and 'NXRRSET'; in other words, it would answer 'no such host' when an AAAA query came in for a domain that did exist, but did not have an AAAA record. This only affects users with auth-zones configured. Discovered by Bryan Seitz, fixed in commit 848.
* ANY queries for hosts where nothing was present in the cache would not work. This did not cause real problems as ANY queries are not reliable (by design) for anything other than debugging, but it did slow down the nameserver and cause unnecessary load on remote nameservers. Fixed in commit 854.
* When exceeding the configured maximum amount of TCP sessions, TCP support would break and the nameserver would waste CPU trying to accept TCP connections on UDP ports. Noted by Bryan Seitz, fixed in commit 849.
* DNS queries come in two flavours: recursion desired and non-recursion desired. The latter is not very useful for a recursor, but is sometimes (erroneously) used by monitoring software or loadbalancers to detect nameserver availability. A non-rd query would not only not recurse, but also not query authoritative zones, which is confusing. Fixed in commit 847.
* Non-standard DNS TCP queries, which did occur however, could drive the recursor to 100% CPU usage for extended periods of time. This did not disrupt service immediately, but does waste a lot of CPU, possibly exhausting resources. Discovered by Bryan Seitz, fixed in commit 858, which is post-3.1.2-rc1.
* The PowerDNS recursor did not honour the rare but standardised 'ANY' query class (normally 'ANY' refers to the query type, not the class), upsetting the Wildfire Jabber server. Discovered and debugged by Daniel Nauck, fixed in commit 859, which is post-3.1.2-rc1.
* Everybody's favorite: when starting up under high load, a bogus line of statistics was sometimes logged. Fixed in commit 851.
* Remove some spurious debugging output on dropping a packet from an unauthorized host. Discovered by Kai. Fixed in commit 854.

Improvements:

* Misconfigured domains, with a broken nameserver in the parent zone, should now work better. Changes motivated and suggested by Darren Gamble. This makes PowerDNS more compliant with RFC 2181 by making it prefer authoritative data over non-authoritative data. Implemented in commit 856.
* PowerDNS can now listen on multiple ports, using the local-address setting. Added in commit 845.
* A number of speedups which should have a noticeable impact, implemented in commits 850, 852, 853, 855.
* The recursor now works around an issue with the Linux kernel 2.6.8, as shipped by Debian. Fixed by Christof Meerwald in commit 860, which is post 3.1.2-rc1.

__________________________________________________________

1.3.11. Recursor version 3.1.1

Warning
3.1.1 is identical to 3.1 except for a bug in the packet chaining code which would mainly manifest itself for IPv6 enabled Konqueror users with very fast connections to their PowerDNS installation. However, all 3.1 users are urged to upgrade to 3.1.1. Many thanks to Alessandro Bono for his quick aid in solving this problem.

Released on the 23rd of May 2006.

Many thanks are due to the operators of some of the largest internet access providers in the world, each having many millions of customers, who have tested the various 3.1 pre-releases for suitability. They have uncovered and helped fix bugs that could impact us all, but are only (quickly) noticeable with such vast amounts of DNS traffic.

After version 3.0.1 has proved to hold up very well under tremendous loads, 3.1 adds important new features:

* Ability to serve authoritative data from 'BIND' style zone files (using the auth-zones statement).
* Ability to forward domains so configured to external servers (using forward-zones).
* Possibility of 'serving' the contents of /etc/hosts over DNS, which is very well suited to simple domestic router/DNS setups. Enabled using export-etc-hosts.
* As recommended by recent standards documents, the PowerDNS recursor is now authoritative for RFC 1918 private IP space zones by default (suggested by Paul Vixie).
* Full outgoing IPv6 support (off by default), with IPv6 servers getting equal treatment with IPv4: nameserver addresses are chosen based on average response speed, irrespective of protocol.
* Initial Windows support, including running as a service ('NET START "POWERDNS RECURSOR"'). rec_channel is still missing, the rest should work. Performance appears to be below that of the UNIX versions; this situation is expected to improve.

Bug fixes:

* No longer send out SRV and MX record priorities as zero on big-endian platforms (UltraSPARC). Discovered by Eric Sproul, fixed in commit 773.
* SRV records need additional processing, especially in an Active Directory setting. Reported by Kenneth Marshall, fixed in commit 774.
* The root-records were not being refreshed, which could lead to problems under inconceivable conditions. Fixed in commit 780.
* Fix resolving domain names for nameservers with multiple IP addresses, with one of these addresses being lame. Other nameserver implementations were also unable to resolve these domains, so not a big bug. Fixed in commit 780.
* For a period of 5 minutes after expiring a negative cache entry, the domain would not be re-cached negatively, leading to a lot of duplicate outgoing queries for this short period. This fix has raised the average cache hit rate of the recursor by a few percent. Fixed in commit 783.
* Query throttling was not aggressive enough and not all sorts of queries were throttled. Implemented in commit 786.
* Fix possible crash during startup when parsing empty configuration lines (commit 807).
* Fix possible crash when the first query after wiping a cache entry was for the just deleted entry. Rare in production servers. Fixed in commit 820.
* Recursor would send out differing TTLs when receiving a misconfigured, standards violating RRSET with different TTLs. Implemented the fix as mandated by RFC 2181, paragraph 5.2. Reported by Stephen Harker (commit 819).
* The top-remotes would list remotes in duplicate, once per source port. Discovered by Jorn Ekkelenkamp, fixed in commit 827, which is post 3.1-pre1.
* Default allow-from allowed queries from fe80::/16, corrected to fe80::/10. Spotted by Niels Bakker, fixed in commit 829, which is post 3.1-pre1.
* While PowerDNS blocks failing queries quickly, multiple packets could briefly be in flight for the same domain and nameserver. This situation is now explicitly detected and queries are chained to identical queries already in flight. Fixed in commit 833 and commit 834, post 3.1-pre1.

Improvements:

* ANY queries are now implemented as in other nameserver implementations, leading to a decrease in outgoing queries. The RFCs are not very clear on the desired behaviour; what is implemented now saves bandwidth and CPU and brings us in line with existing practice. Previously ANY queries were not cached by the PowerDNS recursor. Implemented in commit 784.
* rec_control was very sparse in its error reporting, and user unfriendly as well. Reported by Erik Bos, fixed in commit 818 and commit 820.
* IPv6 addresses were printed in a non-standard way, fixed in commit 788.
* TTLs of records are now capped at two weeks, commit 820.
* allow-from IPv4 netmasks now automatically work for IPv4-to-IPv6 mapped IPv4 addresses, which appear when running on the wildcard :: IPv6 address. Lack of feature noted by Marcus 'darix' Rueckert. Fixed in commit 826, which is post 3.1-pre1.
* Errors before daemonizing are now also sent to syslog. Suggested by Marcus 'darix' Rueckert. Fixed in commit 825, which is post 3.1-pre1.
* When launching without any form of configured network connectivity, all root-servers would be cached as 'down' for some time. Detect this special case and treat it as a resource constraint, which is not accounted against specific nameservers. Spotted by Seth Arnold, fixed in commit 835, which is post 3.1-pre1.
* The recursor now does not allow authoritative servers to keep supplying their own NS records into perpetuity, which causes problems when a domain is redelegated but the old authoritative servers are not updated to this effect. Noticed and explained at length by Darren Gamble of Shaw Communications, addressed by commit 837, which is post 3.1-pre2.
* Some operators may want to follow RFC 2181 paragraphs 5.2 and 5.4. This harms performance and does not solve any real problem, but does make PowerDNS more compliant. If you want this, enable auth-can-lower-ttl. Implemented in commit 838, which is post 3.1-pre2.

__________________________________________________________

1.3.12. Recursor version 3.0.1

Released 25th of April 2006.

This release consists of nothing but tiny fixes to 3.0, including one with security implications. An upgrade is highly recommended.

* Compilation used both cc and gcc, leading to the possibility of compiling with different compiler versions (commit 766).
* rec_control would leave files named lsockXXXXXX around in the configured socket-dir. Operators may wish to remove these files from their socket-dir (often /var/run); quite a few might have accumulated already (commit 767).
* Certain malformed packets could crash the recursor. As far as we can determine these packets could only lead to a crash, but as always, there are no guarantees. A quick upgrade is highly recommended (commits 760, 761). Reported by David Gavarret.
* Recursor would not distinguish between NXDOMAIN and NXRRSET (commit 756). Reported and debugged by Jorn Ekkelenkamp.
* Some error messages and trace logging statements were improved (commits 756, 758, 759).
* stderr was closed during daemonizing, but not dupped to /dev/null, leading to a slight chance of odd behaviour when reporting errors (commit 757).

Operating system specific fixes:

* The stock Debian sarge Linux kernel, 2.6.8, claims to support epoll but fails at runtime. The epoll self-testing code has been improved, and PowerDNS will fall back to a select based multiplexer if needed (commit 758). Reported by Michiel van Es.
* Solaris 8 compilation and runtime issues were addressed. See the README for details (commit 765). Reported by Juergen Georgi and Kenneth Marshall.
* Solaris 10 x86_64 compilation issues were addressed (commit 755). Reported and debugged by Eric Sproul.

__________________________________________________________

1.3.13. Recursor version 3.0

Released 20th of April 2006.

This is the first separate release of the PowerDNS Recursor. There are many reasons for this; one of the most important ones is that previously we could only do a release when both the recursor and the authoritative nameserver were fully tested and in good shape. The split allows us to release new versions when each part is ready.

Now for the real news. This version of the PowerDNS recursor powers the network access of over two million internet connections. Two large access providers have been running pre-releases of 3.0 for the past few weeks and results are good. Furthermore, the various pre-releases have been tested nearly non-stop with DNS traffic replayed at 3000 queries/second. As expected, the 2 million households shook out some very rare bugs. But even a rare bug happens once in a while when there are this many users.

We consider this version of the PowerDNS recursor to be the most advanced resolver publicly available. Given current levels of spam, phishing and other forms of internet crime, we think no recursor should offer less than the best in spoofing protection.
We urge all operators of resolvers without proper spoofing countermeasures to consider PowerDNS, as it is a Better Internet Nameserver Daemon. A good article on DNS spoofing can be found here. Some more information, based on a previous version of PowerDNS, can be found on the PowerDNS development blog.

Warning
Because of recent DNS based denial of service attacks, running an open recursor has become a security risk. Therefore, unless configured otherwise, this version of PowerDNS will only listen on localhost, which means it does not resolve for hosts on your network. To fix, configure the local-address setting with all addresses you want to listen on. Additionally, by default service is restricted to RFC 1918 private IP addresses. Use allow-from to selectively open up the recursor for your own network. See Section 12.1 for details.

Important new features of the PowerDNS recursor 3.0:

* Best spoofing protection and detection we know of. Not only is spoofing made harder by using a new network address for each query, PowerDNS detects when an attempt is made to spoof it, and temporarily ignores the data. For details, see Section 12.4.1.
* First nameserver to benefit from the epoll/kqueue/Solaris completion ports event reporting framework, for stellar performance.
* Best statistics of any recursing nameserver we know of, see Section 12.5.
* Least-recently-used based cache cleanup algorithm, keeping the 'best' records in memory.
* First class Solaris support, built on a 'try and buy' Sun CoolThreads T2000.
* Full IPv6 support, implemented natively.
* Access filtering, both for IPv4 and IPv6.
* Experimental SMP support for nearly double performance. See Section 12.3.

Many people helped package and test this release. Jorn Ekkelenkamp of ISP-Services helped find the '8000 SOAs' bug and spotted many other oddities, and XS4ALL internet funded a lot of the recent development. Joaquín M López Muñoz of the boost::multi_index_container was again of great help.
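The allow-from problems recorded in these notes (the 3.1.4 fix for the least significant bits of IPv6 masks, the fe80::/16 versus fe80::/10 default in 3.1, and IPv4 netmasks applying to IPv4-mapped clients when listening on ::) all come down to how a default-deny netmask ACL is matched. The following is an added example, not PowerDNS code: a small Python matcher that handles those three cases; the names AllowFrom, parse_netmask and matches, and the sample address lists, are my own.

```python
"""Added example (not PowerDNS code): an allow-from style ACL matcher.

Shows three allow-from pitfalls from the PowerDNS Recursor release notes:
prefix lengths that are not byte-aligned (fe80::/10 versus fe80::/16),
exact handling of the least significant bits of an IPv6 mask, and IPv4
netmasks applying to IPv4-mapped IPv6 clients (::ffff:a.b.c.d), which is
what a recursor bound to the wildcard :: address sees for IPv4 clients.
"""
import socket
from typing import List, Tuple

# (address family, network bytes with host bits cleared, prefix length)
Netmask = Tuple[int, bytes, int]


def _apply_prefix(raw: bytes, plen: int) -> bytes:
    """Clear every bit beyond the first `plen` bits.

    Done byte by byte so that prefixes ending mid-byte (/10, /12, /127)
    and the final, least significant byte are masked exactly; an off-by-
    one in this last byte is the class of bug fixed in Recursor 3.1.4.
    """
    out = bytearray(raw)
    for i in range(len(out)):
        keep = max(0, min(8, plen - i * 8))   # prefix bits inside byte i
        out[i] &= (0xFF << (8 - keep)) & 0xFF
    return bytes(out)


def parse_netmask(text: str) -> Netmask:
    """Parse 'addr/len'; a bare address means a single host."""
    addr, _, plen_s = text.partition("/")
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    raw = socket.inet_pton(family, addr)
    bits = len(raw) * 8
    plen = int(plen_s) if plen_s else bits
    if not 0 <= plen <= bits:
        raise ValueError(f"prefix length {plen} out of range for {addr}")
    return family, _apply_prefix(raw, plen), plen


def _client_bytes(client: str) -> Tuple[int, bytes]:
    """Return (family, raw bytes) for a client address.

    IPv4-mapped IPv6 addresses (::ffff:a.b.c.d) are unwrapped to plain
    IPv4 so that IPv4 allow-from entries cover them (the 3.1 improvement).
    A consequence, and a deliberate one, is that IPv6 entries never match
    an IPv4 client and vice versa.
    """
    if ":" in client:
        raw = socket.inet_pton(socket.AF_INET6, client)
        if raw[:10] == b"\x00" * 10 and raw[10:12] == b"\xff\xff":
            return socket.AF_INET, raw[12:]
        return socket.AF_INET6, raw
    return socket.AF_INET, socket.inet_pton(socket.AF_INET, client)


def matches(nm: Netmask, client: str) -> bool:
    """True if `client` falls inside the netmask."""
    family, net, plen = nm
    cfamily, raw = _client_bytes(client)
    return cfamily == family and _apply_prefix(raw, plen) == net


class AllowFrom:
    """Default-deny ACL in the spirit of the recursor's allow-from setting."""

    def __init__(self, entries: List[str]):
        self.masks = [parse_netmask(e) for e in entries]

    def allowed(self, client: str) -> bool:
        return any(matches(nm, client) for nm in self.masks)


# Constructed sample list modelled on the defaults described in the notes:
# loopback, RFC 1918 space and the corrected fe80::/10 (not fe80::/16).
DEFAULT_ALLOW = ["127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
                 "192.168.0.0/16", "::1/128", "fe80::/10"]

if __name__ == "__main__":
    acl = AllowFrom(DEFAULT_ALLOW)
    for c in ["192.168.1.10", "::ffff:10.2.3.4", "febf::1", "fec0::1", "8.8.8.8"]:
        print(f"{c:>18} -> {'allow' if acl.allowed(c) else 'deny'}")
```

With the sample list, febf::1 is allowed under fe80::/10 but would be denied by the old fe80::/16 default, and ::ffff:10.2.3.4 is accepted by the 10.0.0.0/8 entry.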
__________________________________________________________

1.3.14. Version 2.9.20

Released the 15th of March 2006.

Besides adding OpenDBX, this release is mostly about fixing problems and speeding up the recursor. This release has been made possible by XS4ALL and True. Thanks! Furthermore, we are very grateful for the help of Andrew Pinski, who hacks on gcc, and of Joaquín M López Muñoz, the author of boost::multi_index_container. Without their near-realtime help this release would've been delayed a lot. Thanks!

Bugs fixed in the recursor:

* Possible stability issues in the recursor on encountering errors (commit 532, commit 533).
* Memory leaks in the recursor fixed (commit 534, commit 572). In a test, 800 million real life DNS packets have been sent to the recursor, representing several days of traffic from a major ISP; memory use was high (500MB), but stable.
* Prune all data in PowerDNS; previously per-nameserver and per-query performance statistics were kept around forever (commit 535).
* IPv6 additional processing was broken. Reported by Lionel Elie Mamane, who also provided a fix. The problem was fixed differently in the end. Commit 562.
* pdns_recursor did not shuffle answers since 2.9.19, leading to problems sending mail to the Hotmail servers. Reported in ticket 54, fixed in commit 567.
* If a single nameserver had multiple IP addresses listed, PowerDNS would only use one of them. Noted by Mark Martin, who depends on a domain with 4 nameserver IP addresses of which 2 are broken. Fixed in commit 570.

Improvements to the recursor:

* Commits 535, 540, 541, 542, 543, 544, 545, 547, 548 and 574 all speed up the recursor by a large factor, without altering the DNS algorithm.
* Move recursor to the incredible boost::multi_index_container (commit 580). This brings a huge improvement in cache pruning times.
* commit 549 and commit 550 work around gcc bug 24704 if requested, which speeds up the recursor a lot, but involves a dirty hack.
Enable with ./configure --enable-gcc-skip-locking. No guarantees!

Bugs fixed in the authoritative nameserver:

* PowerDNS would no longer allow a '/' in domain names, fixed by commit 537, reported in ticket 48.
* Parameters to pdns_control notify-host were not checked, leading to possible crashes. Reported in ticket 24, fixed in commit 565.
* On some compilers, processing of NAPTR records could cause the server to crash. Reported by Bernd Froemel in ticket 29, fixed in commit 538.
* Backend errors could make the whole nameserver exit under some circumstances, notably using the LDAP backend. Fixed in commit 583, reported in ticket 62.
* Referrals were subtly broken by recent CNAME/Wildcard improvements, fixed in commit 539. Fix and other improvements sponsored by True.
* PowerDNS would try to insert records it has no knowledge about in slave zones, which did not work. Reported in ticket 60, fixed in commit 566. A superior fix would be to implement the relevant unknown record standard.

Improvements to the authoritative nameserver:

* Pipebackend did not properly propagate the ABI version to its children, fixed in commit 546, reported by kickdaddy@gmail.com in ticket 45.
* OpenDBX backend added (commit 559, commit 560, commit 561) by Norbert Sendetzky. From the website: "The OpenDBX backend enables it to fetch DNS information from every DBMS supported by the OpenDBX library and combines the power of one of the best DNS server implementations with the flexibility of the OpenDBX library." OpenDBX adds some other features like database failover. Thanks Norbert!
* LDAP fixes as reported in ticket 37, fixed in commit 558, which makes pdns_control notify work.
* Arjo Hooimeijer added support for soa-refresh-default, soa-retry-default and soa-expire-default, which were previously hardcoded. Commit 563 and fallout in commit 573 (thanks to Wolfram Schlich).

Miscellaneous:

* Fixes for g++ 4.1. Compiling with 4.1 realizes notable speedups. Commit 568, commit 569.
* PowerDNS now reports if it is running in 32 or 64 bit mode, useful for bi-arch users that need to know if they are benefiting from their great processor. commit 571.
* dnsscope compiles again, commit 551, commit 564 (FreeBSD 64-bit time_t).
* dnsreplay_mindex compiles again, fixed by commit 572. Its performance, and the performance of the recursor, was improved by commit 559.
* Build scripts were added, mostly for internal use but we know some PowerDNS users build their own packages too. commit 553, commit 554, commit 555, commit 556, commit 557.
* bootstrap script was not included in release. Thanks to Stefan Arentz for noticing. Fixed in commit 574.

__________________________________________________________

1.3.15. Version 2.9.19

Released 29th of October 2005.

As with other recent releases, the usage of PowerDNS appears to have skyrocketed. Informal, though strict, measurements show that PowerDNS now powers around 50% of all German domains, and somewhere in the order of 10-15% of the rest of the world. Furthermore, DNS is set to take a central role in connecting Voice over IP providers, with PowerDNS offering a very good feature set for these ENUM deployments. PowerDNS is already powering the E164.info ENUM zone and also acts as the backend for a major VoIP provisioning platform.

Included in this release is the now complete packet parsing/generating, record parsing/generating infrastructure. Furthermore, this framework is used by the recursor, hopefully making it very fast, memory efficient and robust. Many records are now processed using a single line of code.

This has made the recursor a lot stricter in packet parsing; you will see some error messages which did not appear before. Rest assured however that these only happen for queries which have no valid answer in any case.

Furthermore, support for DNSSEC records is available in the new infrastructure, although it should be emphasised that there is more to DNSSEC than parsing records.
There is no real support for DNSSEC (yet).

Additionally, the BIND Backend has been replaced by what was up to now known as the 'Bind2Backend'. Initial benchmarking appears to show that this backend is faster, uses less memory and has shorter startup times. The code is also shorter.

This release fixes a number of embarrassing bugs and is a recommended upgrade.

Thanks are due to XS4ALL who are supporting continuing development of PowerDNS, the fruits of which can be found in this release already. Furthermore, a remarkable number of people have helped report bugs, validate solutions or have submitted entire patches. Many thanks!

Improvements:

* dnsreplay now has a help message and has received further massive updates, making the code substantially faster. It turns out that dnsreplay is often 'heavier' than the PowerDNS process being benchmarked.
* PowerDNS recursor no longer prints out its queries by default as most recursor deployments have too much traffic for this to be useful.
* PowerDNS recursor is now able to read its root-hints from disk, which is useful to operate with alternate roots, like the Open Root Server Network. See Chapter 12.
* PowerDNS can now send out old-fashioned root-referrals when queried for domains for which it is not authoritative. Wastes some bandwidth but may solve incoming query floods if domains are delegated to you for which you are not authoritative, but which are queried by broken recursors.
* PowerDNS now prints out a warning when running with legacy LinuxThreads implementation instead of the high performance NPTL library, see Section 9.2. commit 455.
* A lot of superfluous calls to gettimeofday() have been removed, making PowerDNS and especially the recursor faster. Suggested by Kai.
* SPF records are now supported natively. commit 472, closing ticket 22.
* Improved IPv6 'bound to' messages. Thanks to Niels Bakker, Wichert Akkerman and Gerty de Wolf for suggestions.
* Separate graphs can now be made of IPv6 queries and answers.
commit 485.
* Out of zone additional processing is now on by default to better comply with standards. commit 487.
* Regression tests have been expanded to deal with more record types (SRV, NAPTR, TXT, duplicate SRV).
* Improved query-logging in Bindbackend, which can be used for debugging purposes.
* Dropped libpcap dependency, making compilation easier.
* pdns_control now has a help message.
* Add RRSIG, DNSKEY, DS and NSEC records for DNSSEC-bis to new parser infrastructure.
* Recursor now honours EDNS0 allowing it to send out larger answers.

Bugs fixed:

* Domain name validation has been made a lot stricter - it turns out PostgreSQL was interpreting some (corrupt) domain names as unicode. Tested and suggested by Register.com (commit 451).
* LDAP backend did not compile (commits 452, 453) due to partially applied patch (Norbert Sendetzky)
* Incoming zone transfers work reliably again. Fixed in commit 460 and beyond. And commit 523 - closing Debian bug 330184.
* Recent g++ versions exposed a mistake in the PowerDNS recursor cache pruning code, causing random crashes. Fixed in commit 465. Reported by several Red Hat users.
* PowerDNS recursor, and MTasker in general, did not work on Solaris. Patch by Juergen Ilse, commit 471. Also moved most of PowerDNS over to uint32_t style typedefs, which eases compilation problems on Solaris, commit 477.
* Bindbackend2 did not properly search its include path for $INCLUDE statements. Noted by Mark Bergsma, commit 474.
* Bindbackend did not notice changed zones, this problem has been fixed by the move to Bind2.
* Pipebackend did not clean up, leading to an additional pipe backend per AXFR or pdns_control reload. Discovered by Marc Jauvin, fixed by commit 525.
* Bindbackend (both old and current versions) did not honour 'include' statements in named.conf on pdns_control rediscover. Noted by Marc Jauvin, fixed by commit 526.
* Zone transfers were sometimes shuffled, which wastes time, commit 478.
* CNAMEs and Wildcards now work as in Bind, fixing many complaints, commit 487.
* NAPTR records were compressed, which would work, but was in violation of the RFC, commit 493.
* NAPTR records were not always parsed correctly from BIND zonefiles, fixed, commit 494.
* Geobackend needed additional include statement to compile on more recent Linux distributions, commit 496.

__________________________________________________________

1.3.16. Version 2.9.18

Released on the 16th of July 2005.

The '8 million domains' release, which also marks the battle readiness of the PowerDNS Recursor. The latest improvements have been made possible by financial support and contributions by Register.com and XS4ALL. Thanks!

This release brings a number of new features (vastly improved recursor, Generic Oracle Support, DNS analysis and replay tools, and more) but also has a new build dependency, the Boost library (version 1.31 or higher).

Currently several big ISPs are evaluating the PowerDNS recursor for their resolving needs; some of them have switched already. In the course of testing, over 350 million actual queries have been recorded and replayed, and the answers turn out to be satisfactory. This testing has verified that the pdns recursor, as shipped in this release, can stand up to heavy duty ISP loads (over 20000 queries/second) and in fact does so better than other major nameservers, giving more complete answers and being faster to boot.

We invite ISPs who note recursor problems to record their problematic traffic and replay it using the tools described in Chapter 20 to discover if PowerDNS does a better job, and to let us know the results.

Additionally, the bind2backend is almost ready to replace the stock bind backend. If you run with Bind zones, you are cordially invited to substitute 'launch=bind2' for 'launch=bind'. This will happen automatically in 2.9.19!

In other news, the entire Wikipedia constellation now runs on PowerDNS using the Geo Backend!
Thanks to Mark Bergsma for keeping us updated.

There are two bugs with security implications, which only apply to installations running with the LDAP backend, or installations providing recursion to a limited range of IP addresses. If any of these apply to you, an upgrade is highly advised:

* The LDAP backend did not properly escape all queries, allowing it to fail and not answer questions. We have not investigated further risks involved, but we advise LDAP users to update as quickly as possible (Norbert Sendetzky, Jan de Groot)
* Questions from clients denied recursion could blank out answers to clients who are allowed recursion services, temporarily. Reported by Wilco Baan. This would've made it possible for outsiders to blank out a domain temporarily to your users. Luckily PowerDNS would send out SERVFAIL or Refused, and not a denial of a domain's existence.

General bugs fixed:

* TCP authoritative server would not relaunch a backend after failure (reported by Norbert Sendetzky)
* Fix backend restarting logic (reported, and fix suggested by Norbert Sendetzky)
* Launching identical backends multiple times, with different settings, did not work. Reported by Mario Manno.
* Master/slave queries did not honour the query-local-address setting. Spotted by David Levy of Register.com. The fix also randomises the local port used, slightly improving security.

Compilation fixes:

* Fix compile on Solaris, they define 'PC' for some reason. Reported by Eric Yiu.
* PowerDNS recursor would not compile on FreeBSD due to Linux specific defines, as reported in cvstrac ticket 26 (Ralf van der Enden)
* Several 64 bits issues have been fixed, especially in the Logging subsystem.
* SSQLite would fail to compile on recent Debian systems (Matthijs Mohlmann)
* Generic MySQL would not compile on 64-bit platforms.

Improvements:

* PowerDNS now reports stray command line arguments, like when running '--local-port 5300' instead of '--local-port=5300'. Reported by Christian Welzel.
* We now warn against erroneous logging-facility specification, i.e. specifying an unknown facility.
* --version now outputs gcc version used, so we can tell people 2.95 is no longer supported.
* Extended regression tests, moved them to the new 'sdig' tool (see below).
* Bind2backend is now blazingly fast, and highly memory efficient to boot. As a special bonus it can read gzipped zones directly. The '.NET' zone is hosted using 401MB of memory, the same size as the zone on disk.
* The Pipe Backend has been improved such that it can send out different answers based on the IP address the question was received ON. See Section A.1.1 for how this changed the Pipe Backend protocol. Note that you need to set pipebackend-abi-version to benefit from this change; existing clients are not affected. Change and documentation contributed by Marc Jauvin of Register4Less.
* LDAP backend has been updated (Norbert Sendetzky).

Recursor improvements and fixes. See Chapter 11 for details. The changes below mean that all of the caveats listed for the recursor have now been addressed.

* After half an hour of uptime, the entire cache would be pruned for each packet, which is a tad slow. It now appears the pdns recursor is among the fastest around.
* Under high loads, or when unlucky, some query mthreads would get 'stuck', and show up in the statistics as eternally running queries.
* Lots of redundant gettimeofday() and time() calls were removed, which has resulted in a measurable speedup.
* pdns_recursor can now listen on several addresses simultaneously.
* Now supports setuid and setgid operation to allow running as a less privileged user (Bram Vandoren)
* Return code of pdns_recursor binary did not make sense (Matthijs Mohlmann and Thomas Hood)
* Timeouts and errors are now split out in statistics.
* Many people reported broken statistics; it turned out that no statistics were being reported if there had been no questions to base them on. We now log a message to that effect.
* Add query-local-address support, which allows the recursor to send questions from a specific IP address. Useful for anycast setups.
* Add outgoing TCP query support and proper truncated answer support. Needed for Worldnic Denial of Service protection, which sends out truncated packets to force clients to connect over TCP, which prevents spoofing.
* Properly truncate our own answers.
* Improve our TCP answers by using writev, which is slightly friendlier to the network.
* On FreeBSD, TCP errors could cause the recursor to exit suddenly due to a SIGPIPE signal.
* Maximum number of simultaneous client TCP connections can now be limited with the max-tcp-clients setting.
* Add aggressive timeouts for TCP clients to make sure resources are not wasted. Defaults to two seconds, can be configured with the client-tcp-timeout setting.

Backend fixes:

* SQLite backend would not slave properly (Darron Broad)
* Generic MySQL would not compile on 64-bit platforms.

New technology:

* Added the new DNS parser logic, called MOADNSParser. Completely modular, every memory access checked.
* 'sdig', a simple dig workalike with 'canonical' output, which is used for the regression tests. Based on the new DNS parser logic.
* dnswasher, dnsreplay and dnsscope, all DNS analysis tools. See Chapter 20 for more details.
* Generic Oracle Backend, sponsored by Register.COM. See Section A.5.3.

__________________________________________________________

1.3.17. Version 2.9.17

See the new timeline for progress reports.

The 'million domains' release - PowerDNS has now firmly established itself as a major player with the unofficial count (i.e., guesswork) now at over two million PowerDNS domains! Also, the GeoBackend has been tested by a big website and may soon see wider deployment. Thanks to Mark Bergsma for spreading the word!

It is also a release with lots of changes and fixes. Take care when deploying!

Security issues:

* PowerDNS could be temporarily DoSed using a random stream of bytes.
Reported cause of this has been fixed.

Enhancements:

* Reported version can be changed, or removed - see the "version-string" setting.
* Duplicate MX records are now no longer considered duplicate if their priorities differ. Some people need this feature for spam filtering.

Bug fixes:

* NAPTR records can now be slaved, patch by Lorens Kockum.
* GMySQL now works on Solaris
* PowerDNS could be confused by questions with a %-sign in them - fixing cvstrac ticket #16 (reported by dilinger at voxel.net)
* An authentication bug in the webserver was possibly fixed, please report if you were suffering from this. Being unable to authenticate to the webserver was what you would've noticed.
* Fix for cvstrac ticket #2, PowerDNS could lose sync when sending out a very large number of notifications. Excellent bug report by Martin Hoffman, who also improved our original bugfix.
* Fix the oldest PowerDNS bug in existence - under some circumstances, PowerDNS would log to syslog one character at a time. This was cvstrac ticket #4
* HINFO records can now be slaved, fixing cvstrac ticket #8.
* pdns_recursor could block under some circumstances, especially in case of corrupt UDP packets. Reported by Wichert Akkerman. Fix by Christopher Meer. This was cvstrac ticket #13.
* Large SOA serial numbers would sometimes be logged as a signed integer, leading to negative numbers in the log.
* PowerDNS now fully supports 32 bit SOA serial numbers (thanks to Mark Bergsma), closing cvstrac ticket #5.
* pdns_recursor --local-address help text was wrong.
* Very devious bug - PowerDNS did not clear its cache before sending out update notifications, leading slaves to conclude there was no update to AXFR. Excellent debugging by mkuchar at wproduction.cz.
* Probably fixed cvstrac ticket #26, which caused pdns_recursor to fail on recent FreeBSD 5.3 systems. Please check, I have no such system to test on.
* Geobackend did not get built for Debian.
__________________________________________________________

1.3.18. Version 2.9.16

The 'it must still be Friday somewhere' release. Massive number of fixes, portability improvements and the new Geobackend by Mark Bergsma & friends.

New:

* The Geobackend which makes it possible to send different answers to different IP ranges. Initial documentation can be found in pdns/modules/geobackend/README.
* qgen query generation tool. Nearly completely undocumented and hard to build too, it requires Boost. But very spiffy. Use cd pdns; make qgen to build it.

Bugfixes:

* The most reported bug ever was fixed. Zone2sql required the inclusion of unistd.h, except on Debian unstable.
* PowerDNS tried to listen on its control "pipe" which does not work. Probably harmless, but might have caused some oddities.
* The Packet Cache did not always set its TTL immediately, causing some packets to be inserted, even when running with the cache disabled (Mark Bergsma).
* Valgrind found some uninitialized reads, causing bogus values in the priority field when it was not needed
* Valgrind found a bug in MTasker where we used delete instead of delete[].
* SOA serials and other parameters are unsigned. This means that very large SOA serial numbers would be messed up (Michel Stol, Stefano Straus)
* PowerDNS left its controlsocket around after exit and reported confusing errors if a socket was already in use.
* The recursor proxy did not work on big endian systems like SPARC and some MIPS processors (Remco Post)
* We no longer dump core on processing LOC records on UltraSPARC (Andrew Mulholland supplied a testing machine)

Improvements:

* MySQL can now connect to a specified port again (Chris Anderton)
* When running chroot()ed and with master or slave support active, PowerDNS needs to resolve domain names to find slaves. This in turn may require access to certain libraries.
Previously, these needed to be available in the chroot directory, but by forcing an initial lookup, these libraries are now loaded before the chrooting.
* pdns_recursor was very slow after having done a larger number of queries because of the checks to see if a query should be throttled. This is now done using a set which is a lot faster than the previous full sequential scan.
* The throttling code may not have throttled as much as was configured.
* Yet another big LDAP update. The LDAP backend now load balances connections over several hosts (Norbert Sendetzky)
* Updated b.root-servers.net address in the recursor

__________________________________________________________

1.3.19. Version 2.9.15

This release fixes up some of the shortcomings in 2.9.14, and adds some new features too.

Bugfixes:

* allow-recursion-override was on by default, it was meant to be off.
* Logging was still off in daemon mode, fixed.
* debian/rules forgot to build an sqllite package
* Recursor accidentally linked in MySQL - this was the result of an experiment with a persistent recursor cache.
* The PowerDNS recursor had stability problems. It now sorts nameservers (roughly) by responsiveness. The 'roughly' part upset the sorting algorithm used: the speeds being sorted on changed during sorting.
* The recursor now outputs the nameserver average response times in trace mode
* LDAP compiles again.

Improvements:

* zone2sql can now accept - as a filename which causes it to read stdin. This allows the following to work: dig axfr ds9a.nl | zone2sql --gmysql --zone=- | mysql pdns, which is a nice way to import a zone.
* zone2sql now ignores duplicate SOA records which are identical - which also makes the above possible.
* Remove libpqpp dependencies - since we now use the native C API for PostgreSQL

__________________________________________________________

1.3.20. Version 2.9.14

Big release with the fix for the all important 2^30 seconds problem and a lot of other news.
* errno problems would cause compilation problems when using LDAP (Norbert Sendetzky)
* The Generic SQL backend could cause crashes on PostgreSQL when using pdns_control notify (Georg Bauer)
* Debian compatible init.d script (Wichert Akkerman)
* If using the master or slave features, pdns had the notion of eternity ending in 2038, except that due to a thinko, eternity turned out to end on the 10th of January 2004. This caused a loop to timeout immediately. Many thanks to Jasper Spaans for spotting the bug within five minutes.
* Parts of the SOA field were not canonicalized
* The loglevel could in fact cause nothing to be logged (Norbert Sendetzky)

Improvements:

* The recursor now chooses the fastest nameserver, which causes a big speedup!
* LDAP now has different lookup models
* Cleanups, better load distribution, better exception handling, zone2ldap improvements
* The recursor was somewhat chatty about TCP connections
* PostgreSQL now only depends on the C API and not on the deprecated C++ one
* PowerDNS can now fully overrule external zones when doing recursion. See Chapter 11.

__________________________________________________________

1.3.21. Version 2.9.13

Big news! Windows is back! Our great friend Michel Stol found the time to update the PowerDNS code so it works again under windows. Furthermore, big thanks go out to Dell who quickly repaired my trusty laptop.

His changes:

* Generic SQLite support added
* Removed the ODBC backend, replaced it by the Generic ODBC Backend, which has all the cool configurability of the Generic MySQL and PostgreSQL backends.
* The PowerDNS Recursor now runs as a Service. It defaults to running on port 5300; PowerDNS itself is configured to expect the Recursor on port 5300 now.
* The PowerDNS Service is now known as 'PowerDNS' to Windows.
* The Installer was redone, this time with NSIS2.
* General updates and fixes.

Other news:

Note

There appears to be a problem with PowerDNS on Red Hat 7.3 with GCC 2.96 and self-compiled binaries.
The symptoms are that PowerDNS works on the foreground but fails as a daemon. We're working on it. If you do note problems, let the list know, if you don't, please do so as well. Tell us if you use the RPM or compiled yourself. It is known that not compiling in MySQL support helps solve the problem, but then you don't have MySQL.

There have been a number of reports on MySQL connections being dropped on FreeBSD 4.x, which sometimes causes PowerDNS to give up and reload itself. To combat this, MySQL error messages have been improved in some places in hopes of figuring out what is up. The initial indication is that MySQL itself sometimes terminates the connection and, amazingly, that switching to a Unix domain socket instead of TCP solves the problem.

Bug fixes:

* allow-axfr-ips did not work for individual IP addresses (bug & fix by Norbert Sendetzky)

Improvements:

* Opteron support! Thanks to Jeff Davey for providing a shell on an Opteron. The fixes should also help PowerDNS on other platforms with a 64 bit userspace. Btw, the PowerDNS team has a strong desire for an Opteron :-)
* pdns_recursor jumbles answers now. This means that you can do poor man's roundrobin by supplying multiple A, MX or AAAA records for a service, and get a random one on top each time. Interestingly, this feature appeared out of nowhere, this change was made to the authoritative code but due to the wonders of code-reuse had an effect on pdns_recursor too.
* Big LDAP cleanup. Support for TLS was added. Zone2LDAP also gained the ability to generate ldif files containing a tree or a list of entries. (Norbert Sendetzky)
* Zone2sql is now somewhat clearer when reporting malformed line errors - it did not always include the name of the file causing a problem, especially for big installations. Problem noted by Thom May.
* pdns_recursor now survives the expiration of all its root records, most often caused by prolonged disconnection from the net.
__________________________________________________________

1.3.22. Version 2.9.12

Release rich in features. Work on Verisign oddities, addition of SQLite backend, pdns_recursor maturity.

New features:

* --version command (requested by Mike Benoit)
* delegation-only, a Verisign special.
* Generic SQLite support, by Michel 'Who da man?' Stol. See Section A.7.
* init.d script for pdns_recursor
* Recursor now actually purges its cache, saving memory.
* Slave configuration now no longer falls over when presented with a NULL master
* Bindbackend2 now has supermaster support (Mark Bergsma, untested)
* Answers are now shuffled! It turns out a few recursors don't do shuffling (pdns_recursor, djbdns), so we do it now. Requested by Jorn Ekkelenkamp of ISP-Services. This means that if you have multiple IP addresses for one host, they will be returned in differing order every once in a while.

Bugs:

* 0.0.0.0/0 didn't use to work (Norbert Sendetzky)
* pdns_recursor would try to resolve the IP address to bind to, potentially causing a chicken/egg problem
* gpgsql no longer reports as gmysql (Sherwin Daganoto)
* SRV would not be parsed right from disk (Christof Meerwald)
* An AXFR from a zone hosted on the LDAP backend no longer transmits all the reverse entries too (Norbert Sendetzky)
* PostgreSQL backend now does error checking. It would be a bit too trusting before.

Improvements, cleanups:

* PowerDNS now reports the numerical IP addresses it binds to instead of the, possibly, alphanumeric names the operator passed.
* Removed only-soa hackery (noticed by Norbert Sendetzky)
* Debian packaging fixes (Wichert Akkerman)
* Some parameter descriptions were improved.
* Cleanups by Norbert: getAuth moved to chopOff, arguments::contains massive cleanup, more.

__________________________________________________________

1.3.23. Version 2.9.11

Yet another iteration, hopefully this will be the last silly release.
Warning

There has been a change in behaviour whereby disable-axfr does what it means now! From now on, setting allow-axfr-ips automatically disables AXFR from unmentioned subnets.

This release enables AXFR again, disable-axfr did the opposite of what it claimed. Furthermore, the pdns_recursor now cleans its cache, which should save some memory in the long run. Norbert contributed some small LDAP work which should come in useful in the future.

__________________________________________________________

1.3.24. Version 2.9.10

Small bugfixes, LDAP update. Released 3rd of July 2003. Apologies for the long delay, real life keeps interfering.

Warning

Do not use or try to use 2.9.9, it was a botched release!

Warning

There has been a change in behaviour whereby disable-axfr does what it means now! From now on, setting allow-axfr-ips automatically disables AXFR from unmentioned subnets.

* 2.9.8 was prone to crash on adding additional records. Thanks to excellent debugging by PowerDNS users worldwide, the bug was found quickly and is in fact present in all earlier PowerDNS releases, but for some reason doesn't cause crashes there.
* Notifications now jump in front of the queue of domains that need to be checked for changes, giving much greater perceived performance. This is needed if you have tens of thousands of slave domains and your master server is on a high latency link. Thanks to Mark Jeftovic of EasyDNS for suggesting this change and testing it on their platform.
* Dean Mills reported that PowerDNS does confusing logging about changing GIDs and UIDs, fixed. Cosmetic only.
* pdns_recursor may have logged empty lines for some users, fixed. Solution suggested by Norbert Sendetzky.
* LDAP: DNS TTLs were random values (Norbert Sendetzky, Stefan Pfetzing). New ldap-default-ttl option.
* LDAP: Now works with OpenLDAP 2.1 (Norbert Sendetzky)
* LDAP: error handling for invalid MX records implemented (Norbert Sendetzky)
* LDAP: better exception handling (Norbert Sendetzky)
* LDAP: code cleanup of lookup() (Norbert Sendetzky)
* LDAP: added support for scoped searches (Norbert Sendetzky)

__________________________________________________________

1.3.25. Version 2.9.8

Queen's day release! 30th of April 2003. Added support for AIX, fixed negative SOA caching. Some other cleanups. Not a major release but enough reasons to upgrade.

Bugs fixed:

* Recursor had problems expiring negatively cached entries, which wasted memory and also led to the continued non-existence of hosts that since had come into existence.
* The Generic SQL backends did not lowercase the names of records, which led to new records not being found by case sensitive databases (notably PostgreSQL). Found by Volker Goetz.
* NS queries for zones for which we did not carry authority, but only had delegation information, had their NS records in the wrong section. Minor detail, but a standards violation nonetheless. Spotted by Stephane Bortzmeyer.

Improvements:

* Removed crypt.h dependency from powerldap.hh, which was a problem on some platforms (Richard Arends)
* PowerDNS can't parse so called binary labels which we now detect and ignore, after printing a warning.
* Specifying allow-axfr-ips now automatically disables AXFR for all non-mentioned addresses.
* A Solaris ready init.d script is now part of the tar.gz (contributed, but I lost by whom).
* Added some fixes so PowerDNS can work on AIX (spotted by Markus Heimhilcher).
* Norbert Sendetzky contributed zone2ldap.
* Everybody's favorite compiler warning from zone2sql.cc was removed!
* Recursor now listens on TCP!

__________________________________________________________

1.3.26. Version 2.9.7

Released on 2003-03-20.

This is a sweeping release in the sense of cleanup. There are some new features but mostly a lot of cleanup going on.
Hiding inside is the bind2backend, the next generation of the bind backend. A work in progress. Those of you with overlapping zones, as mentioned in the changelog of 2.9.6, are invited to check it out by replacing launch=bind by launch=bind2 and renaming all bind- parameters to bind2-. Be aware that if you run with many small zones, this backend is faster, but if you run with a few large ones, it is slower. This will improve.

Features:

* Mark Bergsma contributed query-local-address which allows the operator to select which source address to use. This is useful on servers with multiple source addresses and the operating system selecting an unintended one, leading to remotes denying access.
* PowerDNS can now perform AAAA additional processing optionally, turned on by setting do-ipv6-additional-processing. Thanks to Stephane Bortzmeyer for pointing out the need.
* Bind2backend, which is almost in compliance with the new IETF AXFR-clarify (some would say 'redefinition') draft. This backend is not ready for primetime but you may want to try it if you currently have overlapping zones and note problems. An overlapping zone would be having "ipv6.powerdns.com" and "powerdns.com" zones on one server.

Improvements:

* Zone2sql would happily try to read from a directory and not give a useful error about this.
* PowerDNS now reports the case where it can't figure out any IP address of slave nameservers for a zone
* Removed receiver-threads setting which was experimental and in fact only made things worse.
* LDAP backend updates from its author Norbert Sendetzky. Reverse lookups should work now too.
* An error message about unparseable packets did not include the originating IP address (fixed by Mark Bergsma)
* PowerDNS can now be started via path resolution while running with a guardian. Suggested by Maurice Nonnekes.
* pdns_recursor moved to sbin (reported by Norbert Sendetzky)
* Retuned some logger errorlevels, a lot of master/slave chatter was logged as 'Error'.
Reported by Willem de Groot.

Bugs fixed:

* zone2sql did not remove trailing dots in SOA records.
* ldapbackend did not include utility.hh which caused compilation problems on Solaris (reported by Remco Post)
* pdns_control could leave behind remnants in case PowerDNS was not running (reported by dG)
* Incoming AXFR did not work on Solaris and other big-endian systems (Willem de Groot helped debugging this long standing problem).
* Recursor could crash on convoluted CNAME loops. Thanks to Dan Faerch for delivering coredumps.
* Silly 'wuh' debugging output in zone2sql and bindbackend removed (spotted by Ivo van der Wijk)
* Recursor neglected to differentiate between negative cache of NXDOMAIN and NOERROR, leading to problems with IPv6 enabled Windows clients. Thanks to Stuart Walsh for reporting this and testing the fix.
* PowerDNS set the 'aa' bit on serving NS records in a zone for which it was authoritative. Most implementations drop the 'aa' bit in this case and Stephane Bortzmeyer informed us of this. PowerDNS now also drops the 'aa' bit in this case.
* The webserver tended to fail after prolonged operation on FreeBSD, this was due to an uninitialised timeout, other platforms were lucky. Thanks to G.P. de Boer for helping debug this.
* getAnswers() in dnspacket.cc could be forced to read bytes beyond the end of the packet, leading to crashes in the PowerDNS recursor. This is an ongoing project that needs more work. Reported by Dan Faerch, with a coredump proving the problem.

__________________________________________________________

1.3.27. Version 2.9.6

Two new backends - Generic ODBC (windows only) and LDAP. Furthermore, a few important bugs have been fixed which may have hampered sites seeing a lot of outgoing zonetransfers. Additionally, the pdns recursor now has 'query throttling' which is pretty cool. In short this makes sure that PowerDNS does not send out heaps of queries if a nameserver is unable to provide an answer.
Many operators of authoritative setups are all too aware of recursing nameservers that hammer them for zones they don't have. PowerDNS won't do that anymore now, no matter what clients request of it.

Warning

There is an unresolved issue with the BIND backend and 'overlapping' slave zones. So if you have 'example.com' and also have a separate slave zone called 'external.example.com', things may go badly wrong. Thanks to Christian Laursen for working with us a lot in finding this issue. We hope to resolve it soon.

  * BIND Backend now honours notifies; code to support this was accidentally left out. Thanks to Christian Laursen for noticing this.
  * Massive speedup for those of you using the slightly deprecated MBOXFW records. Thanks to Jorn of ISP Services for helping and testing this improvement.
  * $GENERATE had an off-by-one bug where it would omit the last record to be generated (Christian Laursen).
  * Simultaneous AXFRs may have been problematic on some backends. Thanks to Jorn of ISP-Services again for helping us resolve this issue.
  * Added LDAP backend by Norbert Sendetzky, see Section A.12.
  * Added Generic ODBC backend for Windows by Michel Stol.
  * Simplified 'out of zone data' detection in incoming AXFR support, hopefully removing a case sensitivity bug there. Thanks again to Christian Laursen for reporting this issue.
  * $include in-zonefile was broken under some circumstances, losing the last character of a filename. Thanks to Joris Vandalon for noticing this.
  * The zoneparser was more case-sensitive than BIND, refusing to accept 'in' as well as 'IN'. Thanks to Joris Vandalon for noticing this.

__________________________________________________________

1.3.28. Version 2.9.5

Released on 2002-02-03. This version is almost entirely about recursion, with major changes to both the pdns recursor, which is renamed to 'pdns_recursor', and to the main PowerDNS binary to make it interact better with the recursing component.
Sadly, due to technical reasons, compiling the pdns recursor and pdns authoritative nameserver into one binary is not immediately possible. During the release of 2.9.4 we stated that the recursing nameserver would be integrated in the next release - this won't happen now. However, this turns out to not be that bad at all. The recursor can now be restarted without having to restart the rest of the nameserver, for example. Cooperation between the two halves of PDNS is also almost seamless. As a result, 'non-lazy recursion' has been dropped. See Chapter 11 for more details.

Furthermore, the recursor only works on Linux, Windows and Solaris (not entirely). FreeBSD does not support the required functions. If you know any important FreeBSD people, plead with them to support set/get/swapcontext! Alternatively, FreeBSD coders could read the solution presented here in figure 5.

The 'Contributor of the Month' award goes to Mark Bergsma, who has responded to our plea for help with the label compressor and contributed a wonderfully simple and right fix that allows PDNS to compress just as well as other nameservers out there.

An honorary mention goes to Ueli Heuer who, despite having no C++ experience, submitted an excellent SRV record implementation.

Excellent work was also performed by Michel Stol, the Windows guy, in fixing all our non-portable stuff again. Christof Meerwald has also done wonderful work in porting MTasker to Windows, which was then used by Michel to get the recursor functioning on Windows.

Other changes:

  * dnspacket.cc was cleaned up by factoring out common operations.
  * Heaps of work on the recursing nameserver. Has now achieved *days* of uptime!
  * Recursor renamed from syncres to pdns_recursor.
  * PowerDNS can now serve records it does not know about. To benefit from this slightly undocumented feature, add 1024 to the numerical type of a record and include the record in binary form in your database. Used internally by the recursing nameserver but you can use it too.
  * PowerDNS now knows about SIG and KEY record *names*. It does not support them yet but can at least report so now.
  * HINFO records can now be transferred from a master to PowerDNS (thanks to Ueli Heuer for noticing it didn't work).
  * Yet more UltraSPARC alignment issues fixed (Chris Andrews).
  * Dropped non-lazy recursion, nobody was using it. Lazy recursion became even more lazy after Dan Bernstein pointed out that additional processing is not vital, so PowerDNS does its best to do additional processing on recursive queries, but does not scream murder if it does not succeed. Due to caching, the next identical query will be successfully additionally processed.
  * Label compression was improved so we can now fit all . records in 436 bytes, this used to be 460! (Code & formal proof of correctness by Mark Bergsma.)
  * SRV support (incoming and outgoing), submitted by Ueli Heuer.
  * Generic backends do not support SOA serial autocalculation, it appears. This could lead to random SOA serials in case of a serial of 0 in the database. Fixed so that 0 stays zero in that case. Don't set the SOA serial to 0 when using Generic MySQL or Generic PostgreSQL!
  * J root-server address was updated to its new location.
  * SIGUSR1 now forces the recursor to print out statistics to the log.
  * Meaning of recursor logging was changed a bit - a cache hit is now a question that was answered with 0 outgoing packets needed. It used to be a weighted average of internal cache hits.
  * MySQL compilation did not include -lz, which causes problems on some platforms. Thanks to James H. Cloos Jr for reporting this.
  * After a suggestion by Daniel Meyer and Florus Both, the built-in webserver now reports the configuration name when multiple PowerDNS instances are active.
  * Brad Knowles noticed that zone2sql had problems with the root.zone, fixed. This also closes some other zone2sql annoyances with converting single zones.
__________________________________________________________

1.3.29. Version 2.9.4

Yet another grand release. Big news is the addition of a recursing nameserver, which has sprung into existence over the past week. It is in use on several computers already but it is not ready for prime time. Complete integration with PowerDNS is expected around 2.9.5; for now the recursor is a separate program. In preliminary tests, the recursor appears to be four times faster than BIND 9 on a naive benchmark starting from a cold cache. BIND 9 managed to get through to some slower nameservers however, which were given up on by PowerDNS. We will continue to tune the recursor. See Chapter 12 for further details.

The BIND Backend has also been tested (see the bind-domain-status item below) rather heavily by several parties. After some discussion online, one of the BIND authors ventured that the newsgroup comp.protocols.dns.bind may now in fact be an appropriate venue for discussing PowerDNS. Since this discussion, traffic to the PowerDNS pages has increased sixfold and shows no signs of slowing down. From this, it is apparent that far more people are interested in PowerDNS than yet know about it. So spread the word!

In other news, we now have a security page at Section 1.4. Furthermore, Maurice Nonnekes contributed an OpenBSD port! See his page for more details!

New features and improvements:

  * All SQL queries in the generic backends are now available for configuration (Martin Klebermass, bert hubert). See Section A.5.
  * A recursing nameserver! See Chapter 12.
  * An incoming AXFR now only starts a backend zone replacement transaction after the first record arrived successfully, thus making sure no work is done when a remote nameserver is unable/unwilling to AXFR a zone to us.
  * Zoneparser error messages were improved slightly (thanks to Stef van Dessel for spotting this shortcoming).
  * XS4ALL's Erik Bos checked how PowerDNS reacted to a BIND installation with almost 60.000 domains, some of which with >100.000 records, and he discovered the pdns_control bind-domain-status command became very slow with larger numbers of domains. Fixed, 60.000 domains are now listed in under one second.
  * If a remote nameserver disconnects during an incoming AXFR, the update is now rolled back, unless the AXFR was properly terminated.
  * The migration chapter mentioned the use of deprecated backends.

A tremendous number of bugs were discovered and fixed:

  * Zone parser would only accept $include and not $INCLUDE.
  * Zone parser had problems with $lines with comments on the end.
  * Wildcard ANY queries were broken (thanks Colemarcus for spotting this).
  * A connection failure with the Generic backends would lead to a PowerDNS reload (cast of many).
  * Generic backends had some semantic problems with slave support. Symptoms were oft-repeated notifications and transfers (thanks to Mark Bergsma for helping resolve this).
  * Solaris version compiles again. Thanks to Mohamed Lrhazi for reporting that it didn't.
  * Some UltraSPARC alignment fixes. Thanks to Mohamed Lrhazi for being helpful in spotting these. One problem is still outstanding; Mohamed sent a core dump that tells us where the problem is. Expect the fix to be in 2.9.5. Volunteers can grep the source for 'UltraSPARC' to find where the problem is.
  * Our support of IPv6 on FreeBSD had phase-of-the-moon dependent bugs, fixed by Peter van Dijk.
  * Some crashes of and by pdns_control were fixed, thanks to Mark Bergsma for helping resolve these.
  * Outgoing AXFR in pdns installations with multiple loaded backends was broken (thanks to Stuart Walsh for reporting this).
  * A failed BIND Backend incoming AXFR would block the zone until it succeeded again.
  * Generic PostgreSQL backend wouldn't compile with newer libpq++, fixed by Julien Lemoine/SpeedBlue.
  * Potential bug (not observed) when listening on multiple interfaces fixed.
  * Some typos in manpages fixed (reported by Marco Davids).

__________________________________________________________

1.3.30. Version 2.9.3a

Note

2.9.3a is identical to 2.9.3 except that zone2sql does work.

Broad range of huge improvements. We now have an all-static .rpm and .deb for Linux users and a link to an OpenBSD port.

Major news is that work on the Bind backend has progressed to the point that we've just retired our last Bind server and replaced it with PowerDNS in Bind mode! This server is operating a number of master and slave setups so it should stress the Bind backend somewhat. This version is rapidly approaching the point where it is a better-Bind-than-Bind and nearly a drop-in replacement for authoritative setups.

PowerDNS is now equipped with a powerful master/slave apparatus that offers a lot of insight and control to the user, even when operating from Bind zonefiles and a Bind configuration. Observe.
After the SOA of ds9a.nl was raised:

    pdns[17495]: All slave domains are fresh
    pdns[17495]: 1 domain for which we are master needs notifications
    pdns[17495]: Queued notification of domain 'ds9a.nl' to 195.193.163.3
    pdns[17495]: Queued notification of domain 'ds9a.nl' to 213.156.2.1
    pdns[17520]: AXFR of domain 'ds9a.nl' initiated by 195.193.163.3
    pdns[17520]: AXFR of domain 'ds9a.nl' to 195.193.163.3 finished
    pdns[17521]: AXFR of domain 'ds9a.nl' initiated by 213.156.2.1
    pdns[17521]: AXFR of domain 'ds9a.nl' to 213.156.2.1 finished
    pdns[17495]: Removed from notification list: 'ds9a.nl' to 195.193.163.3 (was acknowledged)
    pdns[17495]: Removed from notification list: 'ds9a.nl' to 213.156.2.1 (was acknowledged)
    pdns[17495]: No master domains need notifications

If, however, our slaves were to ignore us, as some are prone to do, we can send some additional notifications:

    $ sudo pdns_control notify ds9a.nl
    Added to queue
    pdns[17492]: Notification request for domain 'ds9a.nl' received
    pdns[17492]: Queued notification of domain 'ds9a.nl' to 195.193.163.3
    pdns[17492]: Queued notification of domain 'ds9a.nl' to 213.156.2.1
    pdns[17495]: Removed from notification list: 'ds9a.nl' to 195.193.163.3 (was acknowledged)
    pdns[17495]: Removed from notification list: 'ds9a.nl' to 213.156.2.1 (was acknowledged)

Conversely, if PowerDNS needs to be reminded to retrieve a zone from a master, a command is provided:

    $ sudo pdns_control retrieve forfun.net
    Added retrieval request for 'forfun.net' from master 212.187.98.67
    pdns[17495]: AXFR started for 'forfun.net', transaction started
    pdns[17495]: Zone 'forfun.net' (/var/cache/bind/forfun.net) reloaded
    pdns[17495]: AXFR done for 'forfun.net', zone committed

Also, you can force PowerDNS to reload a zone from disk immediately with pdns_control bind-reload-now. All this happens 'live', per your instructions. Without instructions, the right things also happen, but the operator is in charge.
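The notification log lines above lend themselves to a simple propagation check: a slave that was queued a NOTIFY but never shows up as "(was acknowledged)" is exactly the case where the pdns_control notify command is useful. The following Python script is an added example, not part of PowerDNS or this manual; it parses a constructed sample in the log format shown above and reports per domain which slaves acknowledged, which only completed an AXFR, and which stayed silent.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the pdns log lines quoted above; the second
# slave (213.156.2.1) deliberately never acknowledges its notification.
SAMPLE_LOG = """\
pdns[17495]: 1 domain for which we are master needs notifications
pdns[17495]: Queued notification of domain 'ds9a.nl' to 195.193.163.3
pdns[17495]: Queued notification of domain 'ds9a.nl' to 213.156.2.1
pdns[17520]: AXFR of domain 'ds9a.nl' initiated by 195.193.163.3
pdns[17520]: AXFR of domain 'ds9a.nl' to 195.193.163.3 finished
pdns[17495]: Removed from notification list: 'ds9a.nl' to 195.193.163.3 (was acknowledged)
pdns[17495]: No master domains need notifications
"""

# The three message types the check cares about, matched anywhere in the line
# so the 'pdns[pid]: ' prefix (or a syslog prefix) does not matter.
QUEUED = re.compile(r"Queued notification of domain '([^']+)' to (\S+)$")
ACKED = re.compile(r"Removed from notification list: '([^']+)' to (\S+) \(was acknowledged\)$")
AXFR_DONE = re.compile(r"AXFR of domain '([^']+)' to (\S+) finished$")


def notification_status(log_text):
    """Map each notified domain to {slave_ip: state}.

    state is 'acknowledged' (NOTIFY acked), 'transferred-no-ack' (an AXFR to
    that slave completed but no ack was logged) or 'silent' (nothing at all).
    """
    queued, acked, transferred = defaultdict(set), defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        line = line.rstrip()
        for pattern, bucket in ((QUEUED, queued), (ACKED, acked), (AXFR_DONE, transferred)):
            m = pattern.search(line)
            if m:
                bucket[m.group(1)].add(m.group(2))
    status = {}
    for domain, slaves in queued.items():
        status[domain] = {}
        for slave in sorted(slaves):
            if slave in acked[domain]:
                state = "acknowledged"
            elif slave in transferred[domain]:
                state = "transferred-no-ack"
            else:
                state = "silent"
            status[domain][slave] = state
    return status


def slaves_needing_renotify(log_text):
    """(domain, slave) pairs whose notification was never acknowledged."""
    return sorted(
        (domain, slave)
        for domain, slaves in notification_status(log_text).items()
        for slave, state in slaves.items()
        if state != "acknowledged"
    )


if __name__ == "__main__":
    for domain, slave in slaves_needing_renotify(SAMPLE_LOG):
        print(f"{slave} never acknowledged '{domain}'; consider: pdns_control notify {domain}")
```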
For more about all this coolness, see Section B.1.1 and Section A.9.2.

Warning

Again some changes in compilation instructions. The hybrid pgmysql backend has been split up into 'gmysql' and 'gpgsql', sharing a common base within the PowerDNS server itself. This means that you can no longer compile with --with-modules="pgmysql" --enable-mysql --enable-pgsql but that you should now use: --with-modules="gmysql gpgsql". The old launch-names remain available.

If you launch the Generic PgSQL backend as gpgsql2, all parameters will have gpgsql2 as a prefix, for example gpgsql2-dbname. If launched as gpgsql, the regular names are in effect.

Warning

The pdns_control protocol was changed, which means that older pdns_controls cannot talk to 2.9.3. The other way around is broken too. This may lead to problems with automatic upgrade scripts, so pay attention that your daemon is truly restarted. Also make sure no old pdns_control command is around to confuse things.

Improvements:

  * Bind backend can now deal with missing files and try to find them later.
  * Bind backend is now explicitly master capable and triggers the sending of notifications.
  * General robustness improvements in Bind backend - many errors are now non-fatal.
  * Accessibility, serviceability. New pdns_server commands like bind-list-rejects (lists zones that could not be loaded, and the reason why), bind-reload-now (reload a zone from disk NOW), rediscover (reread named.conf NOW). More is coming up.
  * Added support for retrieving RP (Responsible Person) records from remote masters. Serving them was already possible.
  * Added support for LOC records, which encode the geographical location of a host, both serving and retrieving (thanks to Marco Davids using them on our last Bind server, forcing us to implement this silly record).
  * Configuration file parser now strips leading spaces too, allowing "chroot= /tmp" to work, as well as "chroot=/tmp" (thanks to Hub Dohmen for reporting this for months on end).
  * Added bind-domain-status command that shows the status of all domains (when/if they were parsed, any errors encountered while parsing them).
  * Added bind-reload-now command that tries to reload a zone from disk NOW, and reports back errors to the operator immediately.
  * Added retrieve command that queues a request to retrieve a zone from its master.
  * Zones retrieved from masters are now stored much smaller on disk because the domain, which is derived from the configuration file, is stripped from records. Retrieved zones are now prefixed with some information on where they came from.

Changes:

  * gpgsql and gmysql backends split out of the hybrid pgmysqlbackend. This again changed compilation instructions!
  * pdns_control now uses the rarely seen SOCK_STREAM Unix Domain socket variety so it can transport large amounts of text, which is needed for the bind-domain-status command, for which see Section A.9.2. This breaks compatibility with older pdns_control and pdns_server binaries!
  * Bind backend now ignores 'hint' and 'forward' and other unsupported zone types.
  * AXFRs are now logged more heavily by default. An AXFR is a heavy operation anyhow; some more logging does not further increase the load materially. It does help in clearing up what slaves are doing.
  * A lot of master/slave chatter has been silenced, making output more relevant. No more repetitive 'No master domains need notifications' etc.; only changes are reported now.

Bugfixes:

  * Windows version did not compile without minor changes.
  * Confusing error reporting on Windows 98 (which does not support PowerDNS) fixed.
  * Potential crashes with shortened packets addressed. An upgrade is advised!
  * notify (which was already there, just badly documented) no longer prints out debugging garbage.
  * pgmysql backend had problems launchin