Hi,
NSD 4.1.4rc1 maintainers pre-release candidate 1 is available:
http://www.nlnetlabs.nl/downloads/nsd/nsd-4.1.4rc1.tar.gz
sha1 787dba69fc4a9ceba2e0ea4a712551e3a02302e5
sha256 6a8dd9ae36ed181fc9af15c1ba98bd6ce5306f180010d14390e9f08c64902197
This release has fixes for operational issues: for NSID responses and
for fetching expired zones with wrong serial management.
There are also installation changes. The number of interface: lines
in nsd.conf is unlimited. The reuseport: yes option is enabled by
default for Linux, but not enabled by default on FreeBSD where it
apparently is available but not implemented, it can still also be
controlled from nsd.conf. When enabled and it works it gives
(sizable) speed improvements on multicore systems. Packagers may want
to use the newly added --enable-pie and --enable-relro-now options to
link a safer binary (but you may already have them if you use custom
LDFLAGS).
FEATURES:
- - RFC7553 RR Type URI support.
- - removed hardcoded interface limit, --with-max-ips removed.
- - SO_REUSEPORT support, by default on Linux, or with reuseport: yes.
- - Admitted axfrs are logged at verbosity 1. Refused at verbosity 2.
- - --enable-pie and --enable-relro-now options for a safer executable.
BUG FIXES:
- - Fix NSID response for short edns sizes.
- - Fix that for expired zones NSD performs an AXFR and accepts newer
and older serial numbers.
- - Document that minimal responses only minimizes responses to fit
in one datagram. It does not minimize smaller responses.
- - Fix #618: documented need to list ip-addresses seperately in
nsd.conf if there are multiple, because the source address of
replies can otherwise go wrong.
- - Fix that notify from nsd-control contains soa serial.
- - Fix #698 formatting errors and typos in nsd.8.in.
Best regards,
Wouter