PowerDNS is a DNS server with a database as back-end, which makes it easy to manage a large number of DNS entries. Support for MySQL, Oracle and PostgreSQL, among others, is available. In addition, you can use Perl to put together any desired link. For example, the program is used for the E164.info domain for handling all DNS traffic. As of today, version 2.9.19 is available with the following announcement:
As with other recent releases, the usage of PowerDNS appears to have skyrocketed. Informal, though strict, measurements show that PowerDNS now powers around 50% of all German domains, and somewhere in the order of 10-15% of the rest of the world. Furthermore, DNS is set to take a central role in connecting Voice over IP providers, with PowerDNS offering a very good feature set for these ENUM deployments. PowerDNS is already powering the E164.info ENUM zone and also acts as the backend for a major VoIP provisioning platform.
Included in this release is the now complete packet parsing/generating, record parsing/generating infrastructure. Furthermore, this framework is used by the recursor, hopefully making it very fast, memory efficient and robust. Many records are now processed using a single line of code. This has made the recursor a lot stricter in packet parsing, you will see some error messages which did not appear before. Rest assured however that these only happen for which have no valid answer in any queries case.
Furthermore, support for DNSSEC records is available in the new infrastructure, although is should be emphasized that there is more to DNSSEC than parsing records. There is no real support for DNSSEC (yet).
Additionally, the BIND Backend has been replaced by what was up to now known as the ‘Bind2Backend’. Initial benchmarking appears to show that this backend is faster, uses less memory and has shorter startup times. The code is also shorter.
This release fixes a number of embarrassing bugs and is a recommended upgrade.
Thanks are due to XS4ALL who are supporting continuing development of PowerDNS, the fruits of which can be found in this release already. Furthermore, a remarkable number of people have helped report bugs, validate solutions or have submitted entire patches. Many thanks!
- dnsreplay now has a help message and has received further massive updates, making the code substantially faster. It turns out that dnsreplay is often ‘heavier’ than the PowerDNS process being benchmarked.
- PowerDNS recursor no longer prints out its queries by default as most recursor deployments have too much traffic for this to be useful.
- PowerDNS recursor is now able to read its root-hints from disk, which is useful to operate with alternate roots, like the Open Root Server Network. See Chapter 12.
- PowerDNS can now send out old-fashioned root-referrals when queried for domains for which it is not authoritative. Wastes some bandwidth but may solve incoming query floods if domains are delegated to you for which you are not authoritative, but which are queried by broken recursors.
- PowerDNS now prints out a warning when running with legacy LinuxThreads implementation instead of the high performance NPTL library, see Section 9.2. Commit 455.
- A lot of superfluous calls to gettimeofday() have been removed, making PowerDNS and especially the recursor faster. Suggested by Kai.
- SPF records are now supported natively. Commit 472, closing ticket 22.
- Improved IPv6 ‘bound to’ messages. Thanks to Niels Bakker, Wichert Akkermans and Gerty de Wolf for suggestions.
- Separate graphs can now be made of IPv6 queries and answers. Commit 485.
- Out of zone additional processing is now on by default to better comply with standards. Commit 487.
- Regression tests have been expanded to deal with more record types (SRV, NAPTR, TXT, duplicate SRV).
- Improved query logging in Bindbackend, which can be used for debugging purposes.
- Dropped libpcap dependency, making compilation easier
- pdns_control now has a help message.
- Add RRSIG, DNSKEY, DS and NSEC records for DNSSEC-bis to new parser infrastructure.
- Recursor now honors EDNS0 allowing it to send out larger answers.
- Domain name validation has been made a lot stricter – it turns out PostgreSQL was interpreting some (corrupt) domain names as unicode. Tested and suggested by Register.com (commit 451).
- LDAP backend did not compile (commit 452, 453) due to partially applied patch (Norbert Sendetzky)
- Incoming zone transfers work reliably again. Commit 460 and beyond. And 523 – closing Debian bug 330184.
- Recent g++ versions exposed a mistake in the PowerDNS recursor cache pruning code, causing random crashes. Fixed. Commit 465. Reported by several Red Hat users.
- PowerDNS recursor, and MTasker in general, did not work on Solaris. Patch by Juergen Ilse. Commit 471. Also moved most of PowerDNS over to uint32_t style typedefs, which eases compilation problems on Solaris. Commit 477.
- Bindbackend2 did not properly search its include path for $INCLUDE statements. Noted by Mark Bergsma. Commit 474.
- Bindbackend did not notice changed zones, this problem has been fixed by the move to Bind2.
- Pipebackend did not clean up, leading to an additional pipe backend per AXFR or pdns_control reload. Discovered by Marc Jauvin, fixed by commit 525.
- Bindbackend (both old and current versions) did not honor ‘include’ statements in named.conf on pdns_control rediscover. Noted by Marc Jauvin, fixed by commit 526.
- Zone transfers were sometimes shuffled, which wastes useless time. Commit 478.
- CNAMEs and Wildcards now work as in Bind, fixing many complaints. Commit 487.
- NAPTR records were compressed, which would work, but was in violation of the RFC. Commit 493.
- NAPTR records were not always parsed correctly from BIND zonefiles, fixed. Commit 494.
- Geobackend needed additional include statement to compile on more recent Linux distributions. Commit 496.
|Operating systems||Windows NT, Windows 2000, Linux, BSD, Windows XP, macOS, Solaris, UNIX, Windows Server 2003|