Dear all, NSD 4.13.0 pre-release is available: https://nlnetlabs.nl/downloads/nsd/nsd-4.13.0rc1.tar.gz sha256 b5b48013eaf72f84c6feddbf452899909970a0194b1dc002a3aea97e70aacd09 pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.13.0rc1.tar.gz.asc
This release enables some commonly used features by default, and introduces experimental support for AF_XDP sockets that can be enabled with the `--enable-xdp` feature flag (see https://nsd.docs.nlnetlabs.nl/en/latest/xdp.html). Please review this pre-release carefully. If no issues arise, the actual release will follow on Wednesday 2025-09-03. 4.13.0 ================ FEATURES: - Use '(all)' and '(none)' for the socket server affinity log output instead of '*' and '-'. - The --enable-bind8-stats feature, was already enabled by default, is described as enabled by default in usage. - The --enable-zone-stats feature is enabled by default. It can be turned on with config like `zonestats: "%s"`. - The --enable-ratelimit feature is enabled by default. The ratelimit value is off by default. It can be turned on with config like `rrl-ratelimit: 200`. - The --enable-dnstap feature is enabled by default. If fstrm-devel or protobuf-c are not found by configure it prints an error. It can be turned on with config like `dnstap-enable: yes`. - Change default for send-buffer-size to 4m, to mitigate a cross-layer issue where the UDP socket send buffers are exhausted waiting for ARP/NDP resolution. Thanks to Reflyable for the report. - Disable TLSv1.2 if TLSv1.3 is available. - Merge #449: Add useful logging for XoT transfers. - Merge #425: Add experimental XDP (AF_XDP) support for UDP traffic - Merge #455: --with-dbdir option for configure to set the base directory for the xfrd zone timer state file, the zone list file and the cookie secrets file. Thanks Simon Josefsson. - Merge #456: Spelling fixes in metrics.c. Thanks Simon Josefsson. BUG FIXES: - Fix punctuation of nsd -h output for the -a option. - Fix checkconf unit test for when metrics are not enabled. - Prometheus metrics tests require --enable-zone-stats. - Add unit test for socket server affinity log output. - Move xfrd-tcp unit test to its own file. - Fix contrib/nsd.spec to omit configure flags that are default or that do not exist. - Fix to remove mention of obsolete root-server option. - Fix mention of draft-rrtypes and root-server configure options. - Fix ci workflow for enable dnstap. - Fix to remove use of sprintf from metrics. - Fix for fstrm and protobuf-c for ci workflow coverity-scan. - Fix for parallel build of dnstap protoc-c output. - Fix to remove unneeded mkdir from Makefile. - Fix dnstap to use protoc and keep dnstap_config.h unchanged if possible. - Fix to provide doc for --enable-systemd. - Fix to remove debug printout for configure dnstap header. - Fix #441: SystemD script for NSD prevents using chroot. - Fix to add checks for compression pointers and too long dnames in internal dname routines, dname_make and ixfr dname_length. - Fix to remove shell assignment operator from Makefile for DATE. - make depend. - Fix bitwise operators in conditional expressions with parentheses. - Fix conditional expressions with parentheses for bitwise and. - Merge #445: contrib/nsd.openrc.in: use supervise-daemon and add `need net`. - Fix #446 nsd_size_db_in_mem_bytes (size.db.mem) metric not updated on reload. - Merge #447: Minimize disruptions on reconfig. - For #447: Updated simdzone to latest commit. With the padding test changes. - For #447: use need_to_send_reload to detect if a reload is issued. - For #447: acl_list_equal already tests for TSIG key changes, so removed the duplicate checks. - For #447: log crypto error with the SSL_write error. - Update simdzone with support for --enable-pie. - Merge #454 from jaredmauch: handle rare case but seen in production where data->query is NULL. simdzone 0.2.3 ================ FEATURES: - check_pie: match nsd support (#253). BUG FIXES: - Fix tests to initialize padding (#252). - Fix for #253, add acx_nlnetlabs.m4 in the repo and allow CFLAGS passed to configure to set the flags.
signature.asc
Description: PGP signature
_______________________________________________ nsd-users mailing list nsd-users@lists.nlnetlabs.nl https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
