[knot-dns-users] Knot DNS 2.1.0 (final release)

Jan Včelák jan.vcelak at nic.cz
Thu Jan 14 11:04:57 CET 2016


Hello everyone.

I'm glad to tell you that Knot DNS 2.1.0 by CZ.NIC Labs was just released.

Thank you for the feedback on the release candidate. I believe we have
addressed all the issues and bug reports we have received.

Let me just quickly summarize the news in the 2.1.0 you already know about:
SO_REUSEPORT support, binary configuration database, PKCS #11 support in
DNSSEC, zone file name formatters, configurable location for timer database,
experimental module for online signing, and many other improvements. If you are
interested in details, please, see the 2.1.0-rc1 announcement.

And now finally, we are getting to the news in the final release:

- We have resolved the problem with the server crashing when configured with
  a high number of interfaces and threads. This problem started to affect
  more people because of the introduction of the SO_REUSEPORT support which
  causes a higher allocation of file descriptors.

- We have changed the '%s' zone file name formatter behavior for the root zone.
  In the release candidate, the trailing dot was skipped for all zones except
  for the root zone. In 2.1.0, the trailing dot is skipped even for the root
  zone. The root zone therefore expands to an empty string. This should make
  your Ansible templates less hacky.

- The keymgr now supports KASP database upgrade. So if you have initialized
  the database with Knot DNS 2.0, please, run 'keymgr init' in the KASP
  directory to avoid DNSSEC 'invalid parameter' errors. The command is
  idempotent, it won't rewrite your existing settings.

- We have removed the possibility to run knotc over a network socket. The
  interface allows altering the configuration and possibly sensitive content
  (e.g. TSIG keys) could appear on the network in plain text. We are working
  on some better configuration interface which will (among other things)
  guarantee confidentiality.

- We have also fixed a problem with slave zone bootstrapping when the server
  launches and the slave zone fails to load from a zone file. In this case, an
  immediate zone transfer is scheduled. Prior to this release, the transfer
  had to be initiated manually by knotc.

Thank you for reading so far. Hopefully I haven't forgotten about anything
important. And as always, we are here for you to answer any questions.

Full changelog:
https://gitlab.labs.nic.cz/labs/knot/raw/v2.1.0/NEWS

Sources:
https://secure.nic.cz/files/knot-dns/knot-2.1.0.tar.xz

GPG signature:
https://secure.nic.cz/files/knot-dns/knot-2.1.0.tar.xz.asc

Best Regards,

Jan

--
 Jan Včelák, Knot DNS
 CZ.NIC Labs https://www.knot-dns.cz
 --------------------------------------------
 Milešovská 5, 130 00 Praha 3, Czech Republic
 WWW: https://labs.nic.cz https://www.nic.cz

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nic.cz/pipermail/knot-dns-users/attachments/20160114/b9c81d07/attachment.sig>


More information about the knot-dns-users mailing list