]>
Commit | Line | Data |
---|---|---|
0e2063c3 PL |
1 | Upgrade Notes |
2 | ============= | |
3 | ||
4 | Before proceeding, it is advised to check the release notes for your | |
5 | PowerDNS version, as specified in the name of the distribution file. | |
6 | ||
7 | Please upgrade to the PowerDNS Authoritative Server 4.0.0 from 3.4.2+. | |
8 | See the `3.X <https://doc.powerdns.com/3/authoritative/upgrading/>`__ | |
9 | upgrade notes if your version is older than 3.4.2. | |
10 | ||
d3dfd71e PD |
11 | 4.1.X to 4.2.0 |
12 | -------------- | |
13 | ||
14 | - Superslave operation is no longer enabled by default, use :ref:`setting-superslave` to enable. This setting was called ``supermaster`` in some 4.2.0 prereleases. | |
367f9b40 | 15 | - The gsqlite3 backend, and the DNSSEC database for the BIND backend, have a new journal-mode setting. This setting defaults to `WAL <https://www.sqlite.org/wal.html>`_; older versions of PowerDNS did not set the journal mode, which means they used the SQLite default of DELETE. |
4d39fb4b | 16 | - Autoserial support has been removed. The ``change_date`` column has been removed from the ``records`` table in all gsql backends, but leaving it in is harmless. |
a84c85c1 | 17 | - The :doc:`Generic PostgreSQL backend <backends/generic-postgresql>` schema has changed: the ``notified_serial`` column type in the ``domains`` table has been changed from ``INT DEFAULT NULL`` to ``BIGINT DEFAULT NULL``: ``ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END;`` |
d3dfd71e | 18 | |
1346a21e EW |
19 | 4.1.0 to 4.1.1 |
20 | -------------- | |
21 | ||
22 | - The :doc:`Generic MySQL backend <backends/generic-mysql>` schema has | |
23 | changed: the ``notified_serial`` column default in the ``domains`` | |
24 | table has been changed from ``INT DEFAULT NULL`` to ``INT UNSIGNED | |
25 | DEFAULT NULL``: | |
26 | ||
27 | - ``ALTER TABLE domains MODIFY notified_serial INT UNSIGNED DEFAULT NULL;`` | |
28 | ||
0e2063c3 PL |
29 | 4.0.X to 4.1.0 |
30 | -------------- | |
31 | ||
22544d28 | 32 | - Recursion has been removed, see the :doc:`dedicated migration guide <guides/recursion>`. |
7a88a92f | 33 | - ALIAS record expansion is disabled by default, use :ref:`setting-expand-alias` to enable. |
bab2a886 EW |
34 | - *Your LDAP schema might need to be updated*, because new record types |
35 | have been added (see below) and the ``dNSDomain2`` type has been | |
36 | changed. | |
22544d28 PL |
37 | - The :doc:`LDAP Backend <backends/ldap>` now supports additional Record types |
38 | ||
39 | - NSEC3 | |
40 | - NSEC3PARAM | |
41 | - TLSA | |
42 | - CDS | |
43 | - CDNSKEY | |
44 | - OPENPGPKEY | |
45 | - TKEY | |
46 | - URI | |
47 | - CAA | |
0e2063c3 PL |
48 | |
49 | Changed options | |
50 | ^^^^^^^^^^^^^^^ | |
51 | ||
52 | - ``experimental-lua-policy-script`` option and the feature itself have | |
10200e92 PL |
53 | been completely dropped. We invite you to use `PowerDNS |
54 | dnsdist <https://dnsdist.org>`_ instead. | |
0e2063c3 | 55 | |
621f5105 PL |
56 | - As recursion has been removed from the Authoritative Server, the |
57 | ``allow-recursion``, ``recursive-cache-ttl`` and ``recursor`` options have | |
58 | been removed as well. | |
59 | ||
c01b3507 PL |
60 | - ``default-ksk-algorithms`` has been renamed to :ref:`setting-default-ksk-algorithm` |
61 | and only supports a single algorithm name now. | |
62 | ||
63 | - ``default-zsk-algorithms`` has been renamed to :ref:`setting-default-zsk-algorithm` | |
64 | and only supports a single algorithm name now. | |
65 | ||
0e2063c3 PL |
66 | Changed defaults |
67 | ~~~~~~~~~~~~~~~~ | |
68 | ||
ef75af13 EW |
69 | - The default value of :ref:`setting-webserver-allow-from` has been changed from ``0.0.0.0, ::/0`` to ``127.0.0.1, ::1``. |
70 | ||
0e2063c3 PL |
71 | Other changes |
72 | ^^^^^^^^^^^^^ | |
73 | ||
74 | The ``--with-pgsql``, ``--with-pgsql-libs``, ``--with-pgsql-includes`` | |
75 | and ``--with-pgsql-config`` ``configure`` options have been deprecated. | |
76 | ``configure`` now attempts to find the Postgresql client libraries via | |
77 | ``pkg-config``, falling back to detecting ``pg_config``. Use | |
78 | ``--with-pg-config`` to specify a path to a non-default ``pg_config`` if | |
79 | you have Postgresql installed in a non-default location. | |
80 | ||
cb264691 | 81 | The ``--with-libsodium`` configure flag has changed from 'no' to 'auto'. |
67f12ad9 PL |
82 | This means that if libsodium and its development header are installed, it will be linked in. |
83 | ||
d001d2e4 PL |
84 | The improved :doc:`LDAP Backend <backends/ldap>` backend now requires Kerberos headers to be installed. |
85 | Specifically, it needs `krb5.h` to be installed. | |
86 | ||
0e2063c3 PL |
87 | 4.0.X to 4.0.2 |
88 | -------------- | |
89 | ||
90 | Changed options | |
91 | ^^^^^^^^^^^^^^^ | |
92 | ||
93 | Changed defaults | |
94 | ~~~~~~~~~~~~~~~~ | |
95 | ||
96 | - :ref:`setting-any-to-tcp` changed from ``no`` to ``yes`` | |
97 | ||
98 | 3.4.X to 4.0.0 | |
99 | -------------- | |
100 | ||
101 | Database changes | |
102 | ^^^^^^^^^^^^^^^^ | |
103 | ||
104 | No changes have been made to the database schema. However, several | |
105 | superfluous queries have been dropped from the SQL backend. Furthermore, | |
106 | the generic SQL backends switched to prepared statements. If you use a | |
107 | non-standard SQL schema, please review the new defaults. | |
108 | ||
109 | - ``insert-ent-query``, ``insert-empty-non-terminal-query``, | |
110 | ``insert-ent-order-query`` have been replaced by one query named | |
111 | ``insert-empty-non-terminal-order-query`` | |
112 | - ``insert-record-order-query`` has been dropped, | |
113 | ``insert-record-query`` now sets the ordername (or NULL) | |
114 | - ``insert-slave-query`` has been dropped, ``insert-zone-query`` now | |
115 | sets the type of zone | |
116 | ||
117 | Changed options | |
118 | ^^^^^^^^^^^^^^^ | |
119 | ||
120 | Several options have been removed or renamed, for the full overview of | |
121 | all options, see :doc:`settings`. | |
122 | ||
123 | Renamed options | |
124 | ~~~~~~~~~~~~~~~ | |
125 | ||
126 | The following options have been renamed: | |
127 | ||
128 | - ``experimental-json-interface`` ==> :ref:`setting-api` | |
129 | - ``experimental-api-readonly`` ==> :ref:`setting-api-readonly` | |
130 | - ``experimental-api-key`` ==> :ref:`setting-api-key` | |
131 | - ``experimental-dname-processing`` ==> :ref:`setting-dname-processing` | |
132 | - ``experimental-dnsupdate`` ==> :ref:`setting-dnsupdate` | |
133 | - ``allow-dns-update-from`` ==> :ref:`setting-allow-dnsupdate-from` | |
134 | - ``forward-dnsupdates`` ==> :ref:`setting-forward-dnsupdate` | |
135 | ||
136 | Changed defaults | |
137 | ~~~~~~~~~~~~~~~~ | |
138 | ||
139 | - :ref:`setting-default-ksk-algorithms` | |
140 | changed from rsasha256 to ecdsa256 | |
141 | - :ref:`setting-default-zsk-algorithms` | |
142 | changed from rsasha256 to empty | |
143 | ||
144 | Removed options | |
145 | ~~~~~~~~~~~~~~~ | |
146 | ||
147 | The following options are removed: | |
148 | ||
149 | - ``pipebackend-abi-version``, it now a setting per-pipe backend. | |
150 | - ``strict-rfc-axfrs`` | |
151 | - ``send-root-referral`` | |
152 | ||
153 | API | |
154 | ^^^ | |
155 | ||
156 | The API path has changed to ``/api/v1``. | |
157 | ||
158 | Incompatible change: ``SOA-EDIT-API`` now follows ``SOA-EDIT-DNSUPDATE`` | |
159 | instead of ``SOA-EDIT`` (incl. the fact that it now has a default value | |
160 | of ``DEFAULT``). You must update your existing ``SOA-EDIT-API`` metadata | |
161 | (set ``SOA-EDIT`` to your previous ``SOA-EDIT-API`` value, and | |
162 | ``SOA-EDIT-API`` to ``SOA-EDIT`` to keep the old behaviour). | |
163 | ||
164 | Resource Record Changes | |
165 | ^^^^^^^^^^^^^^^^^^^^^^^ | |
166 | ||
167 | Since PowerDNS 4.0.0 the CAA resource record (type 257) is supported. | |
168 | Before PowerDNS 4.0.0 type 257 was used for a proprietary MBOXFW | |
169 | resource record, which was removed from PowerDNS 4.0. Hence, if you used | |
170 | CAA records with 3.4.x (stored in the DB with wrong type=MBOXFW but | |
171 | worked fine) and upgrade to 4.0, PowerDNS will fail to parse this | |
172 | records and will throw an exception on all queries for a label with | |
173 | MBOXFW records. Thus, make sure to clean up the records in the DB. | |
17f0bbcf PL |
174 | |
175 | In version 3.X, the PowerDNS Authoritative Server silently ignored records that | |
176 | have a 'priority' field (like MX or SRV), but where one was not in the database. | |
177 | In 4.X, :doc:`pdnsutil check-zone <manpages/pdnsutil.1>` will complain about this. |