From: Bert Hubert Date: Sun, 3 Aug 2008 18:40:15 +0000 (+0000) Subject: documentation updates heading up to 2.9.22 X-Git-Tag: rec-3.2~278 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1d6edfd330adc8a5a447686622991d33cfc1813e;p=pdns documentation updates heading up to 2.9.22 git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1244 d19b8d6e-7fed-0310-83ef-9ca221ded41b --- diff --git a/pdns/docs/pdns.sgml b/pdns/docs/pdns.sgml index b519eac8a..772f15b9e 100644 --- a/pdns/docs/pdns.sgml +++ b/pdns/docs/pdns.sgml @@ -92,6 +92,255 @@ Beyond PowerDNS 2.9.20, the Authoritative Server and Recursor are released separately. + Authoritative Server version 2.9.22 + + + + UNRELEASED! + + + + + + + + DNSSEC records were part of 2.9.21, but were not actually hooked up. Please note that while PowerDNS can serve most DNSSEC records, + it does not do DNSSEC processing. Implemented in C1046. + + + + + Andre Lorbach of Adiscon discovered the microsoft windows 2003 nameserver + adds out of zone data to zonetransfers, which we need to ignore, instead of + rejecting the entire zone. Implemented in C1048. + + + + + Direct queries for 'fancy records' would lead to errors, such queries now fail early. Spotted by Jorn Ekkelenkamp, implemented in C1051. + + + + + Address issues found by more recent g++ versions. Spotted and/or fixed by Jorn Ekkelenkamp (c1051), Marcus Rueckert (c1094), Norbert Sendetzky (c1107), + Serge Belyshev (c1171). + + + + + The Intel C Compiler implements certain things differently, causing the master/slave communicator to malfunction. Spotted by Marcus Rueckert, implemented + in C1052, plus fallout in C1105. + + + + + Zone2sql now reads source files in performance enhancing inode order. Additionally, zone2sql no longer dies on a missing zone file if + --on-error-resume-next was specified. Finally, statistics of zone2sql confersion have been improved. Implemented in C1055. + + + + + Zoneparser improvements mean $TTL and $INCLUDES now work a lot better. Additionally, trailing spaces + no longer confuse the parser. Implemented in C1056, C1062. + + + + + Jelte Jansen of Stichting NLNetLabs discovered PowerDNS couldn't operate as a root-server! Fixed in C1057. + + + + + Move from select() to poll()-based multiplexing, allowing PowerDNS to listen on more than 1024 sockets simultaneously. + One big PowerDNS user needs this. Implemented in C1072. + + + + + 'DPS' discovered there was a rare opportunity for PowerDNS to lock up waiting for new data. Addressed in C1076. + + + + + Implemented a notification proxy, see . This work was sponsored by UPC Broadband. Implemented in commits c1075, c1077, c1082, + c1083, c1085, c1086. + + + + + Several memory leaks on bad data in the database or other errors have been fixed. Addressed in C1078 and C1079. + + + + + In contravention to the documentation, the domain type as specified in the database ('MASTER', 'SLAVE' or 'NATIVE') was interpreted + case sensitively. C1084. + + + + + BIND backend could crash on processing information about slave zones to be checked. Spotted by Stefan Schmidt, fixed in C1089. + + + + + Fix typo in geobackend, closing t157, implemented in C1090. + + + + + Fix handling of TCP timeouts to not cause a reload of the backends. Implemented in c1092. + + + + + Treat invalid WWW requests better. Spotted by Maikel Verheijen, implemented in c1092. + + + + + Documentation errors and typos, spotted by Marco Davids (c1097) and Rejo Zengers (c1119) + + + + + Properly fill out the 'recursion available'-flag. Spotted by Augie Schwer in t167. + + + + + Initial work on TSIG support - not done yet. Spurred on by Marco Davids. + + + + + IXFR queries are now support in the sense that we treat them as AXFR queries, silencing warning in other nameservers. Suggested in t131. + + + + + BIND backend speedups in c1108, measured at around a 20% improvement, possibly more on very large setups. + + + + + The PIPE backend has been extended by David Apgar to allow the reporting of errors using the 'FAIL' command, plus + support for responses with whitespace. Implemented in c1114. + + + + + PowerDNS Authoritative server now parses incoming EDNS options, like maximum allowed packet size. Implemented in c1123. + + + + + Embarrassingly, the 'master' configuration setting was not documented in the list of all settings! + + + + + Added support for DHCID, IPSECKEY and KX records, thanks Norbert Sendetzky for the hint. Implemented in c1144. + + + + + Fix subtle CNAME and wildcard interactions reported by 'zzyzz', implemented in c1147. + + + + + + Norbert Sendetzky has has added support for all record types supported by PowerDNS to the LDAPBackend. Furthermore, the detection + of OpenLDAP in autoconf has been improved. Finally, debian has supplied some fixes to PowerLDAP. Implemented in c1152 and c1153. + + + + + Norbert has updated OpenDBX so that SQLite reads and writes no longer deadlock, plus compliation fixes on Solaris, plus the addition + of autoserials to backends that support triggers. Implemented in c1154. + + + + + Labels are compressed more efficiently (case-insensitively), leading to smaller packets. Implemented in c1156. + + + + + Random generator is now based on AES, improving the security of certain proxy operations. This is the same random generator that is in + the recursor. + + + + + The generic backends did not honour the default-ttl setting. Spotted and implemented by Matti Hiljanen. + + + + + Matti Hiljanen discovered that the OpenDBX backend did not fill out the SOA ttl value properly. Matti also improved the SQL statements + for better compatability. Implemented in c1181. + + + + + Documentation for 'supermaster' mode was improved due to popular demand. + + + + + PowerDNS Authoritative caches were completely redone, and are now based on the same cache that is in the resolver. This work has been sponsored + by Directi. In large benchmarks, PowerDNS performance has improved by an order of magnitude or more. This new version allows for near-instantaneous + cache purging, plus very rapid purging based on suffix. Purge commands can also be batched. This work is partially based on an innovative + reverse-string comparison function authored by Aki Tuomi. + + + + + Implemented EDNS NSID option for retrieving the nameserver ID out of band. Defaults to hostname, can be specified using the + server-id setting. Code in c1232. + + + + + Implemented experimental EDNS PING for enhanced forgery resilience. Code in c1232. + + + + + Shawn Starr migrated all his domains to PowerDNS in one evening, from an installation that had been used since BIND4. + In doing so, he found 3 bugs in as many hours. An IN statement in the BIND named.conf + with a zone with a trailing dot was misparsed, fixed in c1233. Secondly, the zonefile parser tripped over a line consisting of nothing + but comments in the wrong place. Finally '$ORIGIN .' was misparsed. Last two issues fixed in c1234. + + + + + + The zoneparser error messages were vastly improved, partially inspired by Shawn's cowboy migration. Code in c1235. + + + + + Tyler Hall discovered the PowerDNS configuration file parser had problems with trailing tabs. This turned out to be a wider problem in PowerDNS. + Buggy code replaced by a library call in c1237 and c1240. + + + + + PowerDNS used to ignore certain queries it could not answer. These queries are no longer ignored, but get a SERVFAIL response. Implemented in c1239. + + + + + Connection reset by peer events in the TCP nameserver no longer lead to the cycling of database connections. Code in c1241. + + + + + + Recursor version 3.1.7 Released the 25th of June 2008. @@ -8932,6 +9181,14 @@ end Turn on master support. Boolean. + + max-cache-entries + + + Maximum number of cache entries. 1 million will generally suffice for most installations. Available since 2.9.22. + + + max-queue-length=... If this many packets are waiting for database attention, consider the situation hopeless and respawn. @@ -8956,6 +9213,15 @@ end Do not attempt to shuffle query results. + + server-id + + + This is the server ID that will be returned on an EDNS NSID query. Defaults to the host name. + + + + out-of-zone-additional-processing | --out-of-zone-additional-processing=yes | --out-of-zone-additional-processing=no Do out of zone additional processing. This means that if a malicious user adds a '.com' zone to your server, it is not used for