Greetings DNS Fans!
Release v4.9.0 has many new features, a preview of a major performance improvement ('ppreview'/'ppush') and many bug fixes! Thanks to everyone for their contributions! This is a community effort and it wouldn't be a success without all your help!
Highlights:
ppreview/ppushare new subcommands that are a preview of significantly faster versions ofpreview/push. See below.- REV() now supports RFC4183!
- DNAME records are now supported.
get-zones --format-jsoutput follows recommended practices better.- @cafferata has continued to make big improvements in documentation consistency, accuracy, and completeness.
- @cafferata has further automated and enhanced the CICD process.
- Code cleanup: A lot of dead code and linting completed.
Preview performance experiment
Subcommands ppreview/ppush are experimental versions of preview/push that collect all data concurrently (i.e. in parallel). If this is a success, they will replace the existing preview/push subcommands. Some benchmarks show a 66% reduction in run-time! This rewrite is something we've wanted to do for 6+ years!
dnscontrol preview # The original command
dnscontrol ppreview # Run capable providers in parallel
dnscontrol ppreview --cmode=none # Run each provider one at a time
dnscontrol ppreview --cmode=all # Run all providers concurrently (unsafe!)
Here's some unscientific benchmarks based on the dnsconfig.js used at Stack Overflow:
- 3m21.549s (preview)
- 2m34.349s (ppreview --cmode=none)
- 1m5.368s (ppreview)
FYI: Add the --full flag to see what it is doing.
The "Concurrency Verified" column on https://docs.dnscontrol.org/service-providers/providers indicates which providers will run concurrently. (As of this release: AZURE_DNS, CLOUDFLAREAPI, CSCGLOBAL, GCLOUD, ROUTE53). If any provider related to a DNS domain (registrar or DNS service provider(s)) are not on the list, the domain is processed one at a time.
Do you maintain a provider? Please check if your provider can run concurrently. See #2873 for instructions
Are you a golang performance guru? I need help! I thought the concurrent version would be much faster. Can you help me find the problem?
Changelog
Major features:
- 4765f40: FEATURE: New capability: Can provider run concurrently (#2876) (@tlimoncelli)
- 1d96981: NEW FEATURE: Add RFC4183 support to REV() (#2879) (@tlimoncelli)
- 68c5e87: NEW FEATURE: Gather data for providers concurrently (#2873) (@tlimoncelli)
- a9a4725: BUG: ALIAS target not properly canonicalized (#2899) (@tlimoncelli)
- 42125b5: NEW RECORD TYPE: DNAME (#2893) (@imlonghao)
- 544d731: get-zones now outputs
END);notation and prettier whitespace (#2849) (@tlimoncelli)
Provider-specific changes:
- 32b8863: AXFRDDNS: Avoid appending dot if TSIG key ID already has a dot suffix (#2855) (@halochou)
- 73c303b: CLOUDFLAREAPI: Permit adding NS records to apex domain (#2864) (@xtexChooser)
- eb19b31: GCORE: Allow PTR records (#2890) (@xtexChooser)
- f9cff3d: GCORE: add DNSSEC support (#2904) (@xddxdd)
- 22d96f2: deSEC: API rejects empty updates caused by IGNORE() of all records (#2830) (@tlimoncelli)
Documentation:
- 293d5cb: DOCS: Add missing docs for fmt, global flags, preview-push (#2886) (@tlimoncelli)
- 998c32e: DOCS: Broken documentation URL's (#2839) (@cafferata)
- c112e91: DOCS: Commands preview/push (#2888) (@cafferata)
- 3918c75: DOCS: Document daily update limits (#2835) (@tlimoncelli)
- 11d8e08: DOCS: Trailing commas (#2851) (@cafferata)
- 4f23b2a: DOCS: Warn that get-certs will be removed without notice (#2902) (@tlimoncelli)
- e3ea652: Docs: Fixed step number in
writing-providers(#2820) (@riku22) - 27feced: GitHub: Added contact links (#2852) (@cafferata)
- 1ae265e: Add documentation for preview/push (#2884) (@tlimoncelli)
CI/CD:
- 3920d19: Build(deps): Bump actions/cache from 4.0.0 to 4.0.1 (#2869) (@dependabot[bot])
- 17115b6: Build(deps): Bump actions/upload-artifact from 4.3.0 to 4.3.1 (#2836) (@dependabot[bot])
- 0f4ca76: Build(deps): Bump alpine from 3.19.0 to 3.19.1 (#2823) (@dependabot[bot])
- 3beb49f: Build(deps): Bump github.com/softlayer/softlayer-go from 1.1.2 to 1.1.3 (#2827) (@dependabot[bot])
- c9e9e21: CICD: Bugfix: Changes introduced while tagging new releases cause git problems (#2818) (@tlimoncelli)
- 2cb4dcf: CICD: Bumps actions/upload-artifact from 3.1.3 to 4.3.0 (#2831) (@cafferata)
- d1b599b: CICD: GitHub Action check git status (#2817) (@cafferata)
- f010c1b: CICD: GoReleaser JSON Schema (#2816) (@cafferata)
- 558d2e8: CICD: GoReleaser release footer (#2853) (@cafferata)
- dbbc9e5: CICD: Provide the correct GitHub action contexts (#2842) (@cafferata)
- fab3172: CHORE: Refactor integration tests to support multiple tests (@tlimoncelli)
- 060e50d: CHORE: Update dependencies (@tlimoncelli)
- 46ca50e: CHORE: Update dependencies (@tlimoncelli)
- 68a00bb: DEV: Fix broken DNAME test (#2903) (@tlimoncelli)
- f5bb6e6: Revert "CHORE: Refactor integration tests to support multiple tests" (@tlimoncelli)
- 68314ee: TESTING: Bug: integration tests ignore 'type' in ignoreTarget (#2867) (@tlimoncelli)
Dependencies:
- bb3d191: CHORE: Vendor go-powershell (#2837) (@tlimoncelli)
- 5e211fc: CHORE: Update deps (#2900) (@tlimoncelli)
- 3057a0b: CHORE: Update deps (@tlimoncelli)
- 17d644c: CHORE: update deps (#2906) (@tlimoncelli)
- 139cc28: CHORE: Upgrade deps (#2829) (@tlimoncelli)
- 408a70e: DEV: Adopt go 1.22.1 as minimum compiler version (#2885) (@tlimoncelli)
- 02b0bed: DEV: Upgrade to go 1.22.x (#2882) (@tlimoncelli)
- c35e062: Revert NS1 (@tlimoncelli)
- 2e5d01e: SECURITY: Fix protobuf security issue (#2875) (@tlimoncelli)
- 3a84f6c: upgrade deps (#2881) (@tlimoncelli)
Other changes and improvements:
- dfda97b: Remove dead code in WriteTypes (@tlimoncelli)
- e52ec54: Remove unused CantUseNOPURGE capability (#2877) (@tlimoncelli)
- 18f7208: Remove unused t parameter in setupTestShellCompletionCommand (@tlimoncelli)
- e6c03c0: cleanup: Remove dead code and unused params (@tlimoncelli)
- ea71a9c: deadcode: CaaTargetHasSemicolon (@tlimoncelli)
- 798c0d6: deadcode: Change/ChangeList.String (@tlimoncelli)
- 4f32ddf: deadcode: DebugUnmanagedConfig (@tlimoncelli)
- 0576cec: deadcode: Errorf (@tlimoncelli)
- 4d13c02: deadcode: NewUTF8, utf8.Execute, utf8.Exit (@tlimoncelli)
- a3dad4d: deadcode: RRstoRCs (moved) (@tlimoncelli)
- 951b47d: deadcode: SSH.StartProcess, SSH.createCmd, SSH.quote (@tlimoncelli)
- 28ca119: deadcode: WriteZoneFileRR (@tlimoncelli)
- 2ff585d: deadcode: dump Print (@tlimoncelli)
- 80ff814: deadcode: groupbyRSet (@tlimoncelli)
- 34d6e07: deadcode: groupbyRSet (@tlimoncelli)
- ed999b9: deadcode: justMsgString (move to test) (@tlimoncelli)
- c0d8ca7: deadcode: move createTestWorker (@tlimoncelli)
- ce12d89: deadcode: move sfplib.Lookups to parse_test.go (@tlimoncelli)
- 1b16cf4: deadcode: providers/doh/auditrecords.go (not a DSP) (@tlimoncelli)
- bdad44f: deadcode: providers/internetbs/auditrecords.go (not a DSP) (@tlimoncelli)
- 15f7737: deadcode: providers/opensrs/auditrecords.go (not a DSP) (@tlimoncelli)
- e4dc7aa: deadcode: quotedList() keysWithColons() (@tlimoncelli)
- b1477d3: fix unused params in: pkg/normalize (@tlimoncelli)
- 30942ac: fix unused params in: providers/akamaiedgedns (@tlimoncelli)
- b1c6ddc: fix unused params in: providers/azuredns (@tlimoncelli)
- e98187e: fix unused params in: providers/azureprivatedns (@tlimoncelli)
- e9f119d: fix unused params in: providers/cscglobal (@tlimoncelli)
- ad2fb7e: fix unused params in: providers/desec (@tlimoncelli)
- 9d9219e: fix unused params in: providers/digitalocean (@tlimoncelli)
- 4059ef1: fix unused params in: providers/dnsmadeeasy (@tlimoncelli)
- a2b0970: fix unused params in: providers/doh (@tlimoncelli)
- 4a1340b: fix unused params in: providers/hexonet (@tlimoncelli)
- 004dc4d: fix unused params in: providers/hostingde (@tlimoncelli)
- a51a9f9: fix unused params in: providers/oracle (@tlimoncelli)
- 570ce5e: fix unused params in: providers/packetframe (@tlimoncelli)
- 454f59f: fix unused params in: providers/rwth (@tlimoncelli)
- e589a8e: fix unused params in: providers/vultr (@tlimoncelli)
- dd87f01: gofmt (@tlimoncelli)
- 51d1c57: remove unused parameters (@tlimoncelli)
- 3b01dc8: unused param t in testPermitted() (@tlimoncelli)
- c3580b1: unused parameter knownFailures in cfg[], getProvider, runTests (@tlimoncelli)
- 822a40c: unused params in makeUknown() and formatDsl() (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrolInstall with MacPorts
sudo port install dnscontrolUsing with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol previewAnywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@mainUpdate
Update to the latest version depends on how you choose to install dnscontrol on your machine.
Update with Homebrew
brew upgrade dnscontrolInstall with MacPorts
sudo port upgrade dnscontrolAlternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.