This release enables some commonly used features by default, and introduces
experimental support for AF_XDP sockets that can be enabled with the
--enable-xdp
feature flag (see https://nsd.docs.nlnetlabs.nl/en/latest/xdp.html).
4.13.0
FEATURES:
- Use '(all)' and '(none)' for the socket server affinity
log output instead of '*' and '-'. - The --enable-bind8-stats feature, was already enabled by default,
is described as enabled by default in usage. - The --enable-zone-stats feature is enabled by default. It can be
turned on with config likezonestats: "%s"
. - The --enable-ratelimit feature is enabled by default. The
ratelimit value is off by default. It can be turned on with
config likerrl-ratelimit: 200
. - The --enable-dnstap feature is enabled by default. If fstrm-devel
or protobuf-c are not found by configure it prints an error.
It can be turned on with config likednstap-enable: yes
. - Change default for send-buffer-size to 4m, to mitigate a
cross-layer issue where the UDP socket send buffers are
exhausted waiting for ARP/NDP resolution. Thanks to Reflyable
for the report. - Disable TLSv1.2 if TLSv1.3 is available.
- Merge #449: Add useful logging for XoT transfers.
- Merge #425: Add experimental XDP (AF_XDP) support for UDP traffic
- Merge #455: --with-dbdir option for configure to set the base
directory for the xfrd zone timer state file, the zone list file
and the cookie secrets file. Thanks Simon Josefsson. - Merge #456: Spelling fixes in metrics.c. Thanks Simon Josefsson.
BUG FIXES:
- Fix punctuation of nsd -h output for the -a option.
- Fix checkconf unit test for when metrics are not enabled.
- Prometheus metrics tests require --enable-zone-stats.
- Add unit test for socket server affinity log output.
- Move xfrd-tcp unit test to its own file.
- Fix contrib/nsd.spec to omit configure flags that are default or
that do not exist. - Fix to remove mention of obsolete root-server option.
- Fix mention of draft-rrtypes and root-server configure options.
- Fix ci workflow for enable dnstap.
- Fix to remove use of sprintf from metrics.
- Fix for fstrm and protobuf-c for ci workflow coverity-scan.
- Fix for parallel build of dnstap protoc-c output.
- Fix to remove unneeded mkdir from Makefile.
- Fix dnstap to use protoc and keep dnstap_config.h unchanged if
possible. - Fix to provide doc for --enable-systemd.
- Fix to remove debug printout for configure dnstap header.
- Fix #441: SystemD script for NSD prevents using chroot.
- Fix to add checks for compression pointers and too long dnames in
internal dname routines, dname_make and ixfr dname_length. - Fix to remove shell assignment operator from Makefile for DATE.
- make depend.
- Fix bitwise operators in conditional expressions with parentheses.
- Fix conditional expressions with parentheses for bitwise and.
- Merge #445: contrib/nsd.openrc.in: use supervise-daemon and
addneed net
. - Fix #446 nsd_size_db_in_mem_bytes (size.db.mem) metric not
updated on reload. - Merge #447: Minimize disruptions on reconfig.
- For #447: Updated simdzone to latest commit. With the padding
test changes. - For #447: use need_to_send_reload to detect if a reload is issued.
- For #447: acl_list_equal already tests for TSIG key changes, so
removed the duplicate checks. - For #447: log crypto error with the SSL_write error.
- Update simdzone with support for --enable-pie.
- Merge #454 from jaredmauch: handle rare case but seen in
production where data->query is NULL.
simdzone 0.2.3
FEATURES:
- check_pie: match nsd support (#253).
BUG FIXES: