Hello everyone,
we're happy to announce that the Knot DNS 1.2.0 final is out after the fourth release candidate.
Just to reiterate what's new and fixed in the 1.2.0, we brought 3 new features in the 1.2.0.
First is a support for dynamic updates (DDNS) including forwarding to the primary master,
which received a couple of bugfixes in the early release candidates.
Since the third release candidate there is a Response Rate Limiting as a new way to combat increasing amplification/reflection attacks.
It's been slightly reworked since the release candidate and disabled by default. You can enable it by setting 'rate-limit' config option to a sensible value.
Last feature is a reworked control utility which is now able to control the daemon remotely and even introduced a few new commands, namely 'zonestatus' to
fetch the status of served zones. Aside from the new features, it also fixes a few bugs. Namely missing RRSIGs in the response to the ANY type, processing of some malicious domain names and a detection of broken implementation of recvmmsg() on some Linux distributions.