Hi,
NSD 4.1.4 is available:
http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.4.tar.gz
sha1 61985f631d332b6feaeb46d04a7245bb80951921
sha256 d6e0e9cd1f637a3b4bfa48dba47b1564408eb531c57f6a3dda1a2d529df800f0
This release has fixes for operational issues: for NSID responses and
for fetching expired zones with wrong serial management.
There are also installation changes. The number of interface: lines
in nsd.conf is unlimited. The reuseport: yes option is enabled by
default for Linux, but not enabled by default on FreeBSD where it
apparently is available but not implemented, it can still also be
controlled from nsd.conf. When enabled and it works it gives
(sizable) speed improvements on multicore systems. Packagers may want
to use the newly added --enable-pie and --enable-relro-now options to
link a safer binary (but you may already have them if you use custom
LDFLAGS).
FEATURES:
- - RFC7553 RR Type URI support.
- - removed hardcoded interface limit, --with-max-ips removed.
- - SO_REUSEPORT support, by default on Linux, or with reuseport: yes.
- - Admitted axfrs are logged at verbosity 1. Refused at verbosity 2.
- - --enable-pie and --enable-relro-now options for a safer executable.
BUG FIXES:
- - Fix NSID response for short edns sizes.
- - Fix that for expired zones NSD performs an AXFR and accepts newer
and older serial numbers.
- - Document that minimal responses only minimizes responses to fit
in one datagram. It does not minimize smaller responses.
- - Fix #618: documented need to list ip-addresses seperately in
nsd.conf if there are multiple, because the source address of
replies can otherwise go wrong.
- - Fix that notify from nsd-control contains soa serial.
- - Fix #698 formatting errors and typos in nsd.8.in.
Best regards,
Wouter