From: Bert Hubert Date: Sun, 10 Jul 2005 13:52:35 +0000 (+0000) Subject: documentation updates X-Git-Tag: pdns-2.9.18~12 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=50c5669610f33d60d0c9b2c6b9ca132102ddc4ce;p=pdns documentation updates git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@437 d19b8d6e-7fed-0310-83ef-9ca221ded41b --- diff --git a/pdns/INSTALL b/pdns/INSTALL index 93ed08cae..17ba58097 100644 --- a/pdns/INSTALL +++ b/pdns/INSTALL @@ -1,3 +1,3 @@ Read http://doc.powerdns.com/compiling-powerdns.html -./configure ; make; ./installer should do the trick +./configure ; make; make install should do the trick though diff --git a/pdns/README b/pdns/README index 7b1af0f7d..11a0b1309 100644 --- a/pdns/README +++ b/pdns/README @@ -1,25 +1,2 @@ -See http://pdns.powerdns.com and especially -http://pdns.powerdns.com/doc & http://pdns.powerdns.com/doc/pdns.pdf +See http://doc.powerdns.com -For those not reading documentation, and installing from the .tar.gz: - - $ ./choosepaths - or - $ editor pathconfig - - and then, as root - - # ./installer - -If you installed the RPM or the .deb, you can skip the above. - -If this went ok: - -# /etc/init.d/pdns monitor - -Now add "bind-example-zones" to pds.conf, and query your nameserver: - -$ host www.example.com 127.0.0.1 -www.example.com A 1.2.3.4 - -and NOW read the documentation! \ No newline at end of file diff --git a/pdns/docs/pdns.sgml b/pdns/docs/pdns.sgml index ec8b5c049..5408bfad6 100644 --- a/pdns/docs/pdns.sgml +++ b/pdns/docs/pdns.sgml @@ -81,9 +81,249 @@ Before proceeding, it is advised to check the release notes for your PDNS version, as specified in the name of the distribution file. + Version 2.9.18 (unreleased) + + The '8 million domains' release, which also marks the battle readiness of the PowerDNS Recursor. This release brings a number of new features, + but also has a new build dependency, the Boost library. + + + General bugs fixed: + + + + TCP authoritative server would not relaunch a backend after failure (reported by Norbert Sendetzky) + + + + + Fix backend restarting logic (reported, and suggested fix by Norbert Sendetzky) + + + + + Launching identical backends multiple times, with different settings, did not work. Reported by Mario Manno. + + + + + Questions from clients denied recursion could blank out answers to clients who are allowed recursion services, temporarily. Reported by Wilco Baan. + This would've made it possible for outsiders to blank out a domain temporarily to your users. Luckily PowerDNS would send out SERVFAIL or Refused, and + not a denial of a domain's existence. + + + + + Master/slave queries did not honour the query-local-address setting. Spotted by David Levy of Register.com. + The fix also randomises the local port used, slightly improving security. + + + + + + Compilation fixes: + + + + Fix compile on Solaris, they define 'PC' for some reason. Reported by Eric Yiu. + + + + + PowerDNS recursor would not compile on FreeBSD due to Linux specific defines, as reported in cvstrac ticket 26 (Ralf van der Enden) + + + + + Several 64 bits issues have been fixed, especially in the Logging subsystem. + + + + + SSQLite would fail to compile on recent Debian systems (Matthijs Mohlmann) + + + + + + Improvements: + + + + PowerDNS now reports stray command line arguments, like when running '--local-port 5300' instead of '--local-port=5300'. Reported by Christian Welzel. + + + + + We now warn against erroneous logging-facility specification, ie specifying an unknown facility. + + + + + --version now outputs gcc version used, so we can tell people 2.95 is no longer supported. + + + + + Extended regression tests, moved it to the new 'sdig' tool. + + + + + Bind2backend is now blazingly fast, and highly memory efficient to boot. As a special bonus it can read gzipped zones directly. + + + + + The Pipe Backend has been improved such that it can send out different answers based on the IP address the question was received ON. See + for how this changed the Pipe Backend protocol. Note that you need to set + pipebackend-abi-version to benefit from this change, existing clients are not affected. Change and documentation contributed + by Marc Jauvin of Register4Less. + + + + + + See for details. Recursor improvements and fixes: + + + + After half an hour of uptime, the entire cache would be pruned for each packet, which is a tad slow. It now appears + the pdns recursor is among the faststest around. + + + + + Lots of redundant gettimeofday() and time() calls were removed, which has resulted in a measurable speedup. + + + + + pdns_recursor can now listen on several addresses simultaneously. + + + + + Now supports setuid and setgid operation to allow running as a less privileged user (Bram Vandoren) + + + + + Return code of pdns_recursor binary did not make sense (Matthijs Mohlmann and Thomas Hood) + + + + + Timeouts and errors are now split out in statistics. + + + + + Many people reported broken statistics, it turned out that no statistics were being reported if there had been no questions to base them on. + We now log a message to that effect. + + + + + Add query-local-address support, which allows the recursor to send questions from a specific IP address. Useful + for anycast setups. + + + + + Add outgoing TCP query support and proper truncated answer support. Needed for Worldnic Denial of Service protection, which + sends out truncated packets to force clients to connect over TCP, which prevents spoofing. + + + + + Properly truncate our own answers. + + + + + Improve our TCP answers by using writev, which is slightly friendlier to the network. + + + + + Maximum number of simultaneous client TCP connections can now be limited with the max-tcp-clients setting. + + + + + Add agressive timeouts for TCP clients to make sure resources are not wasted. Defaults to two seconds, can be + configured with the client-tcp-timeout setting. + + + + + + Backend fixes: + + + + SQLite backend would not slave properly (Darron Broad) + + + + + Generic MySQL would not compile on 64-bit platforms. + + + + + + New technology: + + + + Added the new DNS parser logic, called MOADNSParser. Completely modular, every memory access checked. + + + + + 'sdig', a simple dig workalike with 'canonical' output, which is used for the regression tests. Based on the new DNS parser logic. + + + + + dnswasher, dnsreplay and dnsscope, all DNS analysis tools. See + for more details. + + + + + Generic MySQL would not compile on 64-bit platforms. + + + + + + New technology: + + + + Added the new DNS parser logic, called MOADNSParser. Completely modular, every memory access checked. + + + + + 'sdig', a simple dig workalike with 'canonical' output, which is used for the regression tests. Based on the new DNS parser logic. + + + + + Generic Oracle Backend, sponsored by Register.COM. See . + + + + + + + Version 2.9.17 - See the new timeline for progress reports. + See the new timeline for progress reports. The 'million domains' release - PowerDNS has now firmly established itself as a major player with the @@ -3871,9 +4111,6 @@ name IN A 1.2.3.4 - - - @@ -5123,7 +5360,7 @@ local0.err /var/log/pdns.err or ask him to port MTasker (see below) to your operating system. - May have big problems with truncated packets. + May have big problems with truncated packets (solved in 2.9.18) @@ -5132,14 +5369,7 @@ local0.err /var/log/pdns.err compiled. To run on a different port, use ./syncres --local-port=53. To bind to another address, use the local-address setting. - - - - PowerDNS author bert hubert has the pdns recursor in production and browsing with it works for him. Furthermore, the LARTC - mailinglist (2000 subscribers) is using the pdns recursing nameserver. - - - + Good points: @@ -5149,6 +5379,9 @@ local0.err /var/log/pdns.err Can handle thousands of concurrent questions + + Appears to be very fast, and contains innovative query-throttling code to save time talking to obsolete or broken nameservers. + Code is written linearly, sequentially, which means that there are no problems with 'query restart' or anything. @@ -5181,6 +5414,14 @@ local0.err /var/log/pdns.err + + client-tcp-timeout + + + Time to wait for data from TCP clients. Defaults to 2 seconds. Available since 2.9.18. + + + config-dir @@ -5223,6 +5464,22 @@ local0.err /var/log/pdns.err + + max-tcp-clients + + + Maximum number of simultaneous incoming TCP connections allowed. Defaults to 128. Available since 2.9.18. + + + + + query-local-address + + + Send out local queries from this address. Useful for anycast. + + + quiet @@ -6551,6 +6808,40 @@ Feb 10 14:16:03 stats: 125784 questions, 13971 cache entries, 309 negative entri + Tools to analyse DNS traffic + + DNS is highly mission critical, it is therefore necessary to be able to study and compare DNS traffic. Since 2.9.18, PowerDNS comes + with three tools to aid in analysis: + + + dnsreplay pcapfile [ipaddress] [port number] + + + This program takes recorded questions and answers and replays them to a specified nameserver and reporting afterwards + which percentage of answers matched, were worse or better. + + + + + dnswasher pcapfile output + + + Anonymises recorded traffic, making sure it only contains DNS, and that the originating IP addresses of queries are stripped, which may + allow you to send traces to our company or mailing list without violating obligations towards your customers or privacy laws. + + + + + dnsscope pcapfile + + + Calculates statistics without replaying traffic + + + + + + Backends in detail This appendix lists several of the available backends in more detail @@ -9618,7 +9909,7 @@ static RandomLoader randomloader; Compiling PowerDNS on Unix - For now, see the Open Source PowerDNS site. + For now, see the Open Source PowerDNS site. ./configure ; make ; make install will do The Right Thing for most people. @@ -9634,6 +9925,10 @@ static RandomLoader randomloader; To compile a module for inclusion at runtime, which is great if you are a unix vendor, use --with-dynmodules="mod1 mod2 mod3". These modules then end up as .so files in the compiled libdir. + + Starting with version 2.9.18, PowerDNS requires 'Boost' to compile, it is available for most operating systems. Otherwise, see the Boost + website. + AIX Known to compile with gcc, but only since 2.9.8. AIX lacks POSIX semaphores so they need to be emulated, as with MacOS X.