[nsd-users] NSD 4.8.0 released
Wouter Wijngaards
wouter at nlnetlabs.nl
Wed Dec 6 09:24:09 UTC 2023
Hi,
NSD 4.8.0 is available:
https://nlnetlabs.nl/downloads/nsd/nsd-4.8.0.tar.gz
sha256 820da4e384721915f4bcaf7f2bed98519da563c6e4c130c742c724760ec02a0a
pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.8.0.tar.gz.asc
This release introduces PROXYv2 support and faster statistics gathering,
removes the database option and fixes bugs.
The proxy protocol support is an implementation of PROXYv2 for NSD.
It can be configured with `proxy-protocol-port: portnum` with the port
number of the interface on which proxy traffic is handled. The
interface can support proxy traffic for UDP, TCP and TLS.
The removal of the "database: nsd.db" option removes unneeded code. It
stored secondary zones in binary format. Zone files are used instead.
This turns out to be about the same speed, for file access, and use
much less memory. Plain text is also easier to deal with when inspecting
the contents. Intended improvements in zone parser speed are expected
to further enhance the performance, making it faster than the binary
database.
The option to turn the database off with "" was introduced in 4.1.7
in 2015. It is now removed, and the 'database:' option is ignored for
backwards compatibility, also the commandline '-f' option is ignored for
backwards compatibility. This means NSD can start even though the option
is present, and can then transfer zones from the primary and serve them.
Statistics are processed faster. NSD now uses shared memory to convey
the statistics from the server processes to the xfrd process. This is
faster, and also works while a reload is in progress. The statistics are
no longer written over the command pipes between processes, and so do
not wait for the processes. It is similar to how zone-stats have been
implemented. It works for both stats and stats_noreset.
Thanks to Sunet for sponsoring the proxy protocol, and providing
useful feedback in the early testing of the proxy protocol.
4.8.0
================
FEATURES:
- Merge #281: Proxy protocol. An implementation of PROXYv2 for NSD.
It can be configured with proxy-protocol-port: portnum with the
port number of the interface on which proxy traffic is handled.
The interface can support proxy traffic for UDP, TCP and TLS.
- Merge #301: improve the logging of ixfr fallbacks to axfr.
- Merge #305: faster stats. Statistics can be gathered while a reload
is in progress.
BUG FIXES:
- Merge #282: Improve nsd.conf man page.
- Fix unused but set variable warning.
- Fix #283: Compile failure in remote.c when --disable-bind8-stats
and --without-ssl are specified.
- Fix #284: dnstap_collector.c: SOCK_NONBLOCK is not available on
Mac/Darwin.
- Fix unused variable warning in unit test of udb.
- Merge #287: Update nsd.conf.5.in.
- Fix autoconf 2.69 warnings in configure.
- Merge #295: Update e-mail addresses, add ref to support contracts
- Fix for interprocess communication to set quit sync command from
main process explicitly.
- Fix processing of consolidated IXFRs.
- Remove on-disk database.
- Answer first query for connections accepted just before reload.
- Fix: Always instate write handler after reading a query over TCP.
- Fix #14: Set timeout to 3s when servicing remaining TCP connections.
- Merge #302: Test package fixes. Correct Auxfiles, kill_from_pidfile
function and fix drop_updates, rr-test and xfr_update tests.
- Fix unit test kill_from_pidfile function for nonexistent files
because the argument is evaluated before the test expression.
- Fix rr-test to also convert the contents of the just written output
file.
- Fix test set to remove -f nsd.db and rm nsd.db commands.
- Fix test set to remove difffile option.
Best regards, Wouter
More information about the nsd-users
mailing list