4 Before proceeding, it is advised to check the release notes for your
5 PowerDNS version, as specified in the name of the distribution file.
7 Please upgrade to the PowerDNS Authoritative Server 4.0.0 from 3.4.2+.
8 See the `3.X <https://doc.powerdns.com/3/authoritative/upgrading/>`__
9 upgrade notes if your version is older than 3.4.2.
14 - Recursion has been removed, see the :doc:`dedicated migration guide <guides/recursion>`.
15 - ALIAS record expension is disabled by default, use :ref:`setting-expand-alias` to enable.
16 - The :doc:`LDAP Backend <backends/ldap>` now supports additional Record types
31 - ``experimental-lua-policy-script`` option and the feature itself have
32 been completely dropped. We invite you to use `PowerDNS
33 dnsdist <https://dnsdist.org>`_ instead.
35 - As recursion has been removed from the Authoritative Server, the
36 ``allow-recursion``, ``recursive-cache-ttl`` and ``recursor`` options have
39 - ``default-ksk-algorithms`` has been renamed to :ref:`setting-default-ksk-algorithm`
40 and only supports a single algorithm name now.
42 - ``default-zsk-algorithms`` has been renamed to :ref:`setting-default-zsk-algorithm`
43 and only supports a single algorithm name now.
51 The ``--with-pgsql``, ``--with-pgsql-libs``, ``--with-pgsql-includes``
52 and ``--with-pgsql-config`` ``configure`` options have been deprecated.
53 ``configure`` now attempts to find the Postgresql client libraries via
54 ``pkg-config``, falling back to detecting ``pg_config``. Use
55 ``--with-pg-config`` to specify a path to a non-default ``pg_config`` if
56 you have Postgresql installed in a non-default location.
58 The improved :doc:`LDAP Backend <backends/ldap>` backend now requires Kerberos headers to be installed.
59 Specifically, it needs `krb5.h` to be installed.
70 - :ref:`setting-any-to-tcp` changed from ``no`` to ``yes``
78 No changes have been made to the database schema. However, several
79 superfluous queries have been dropped from the SQL backend. Furthermore,
80 the generic SQL backends switched to prepared statements. If you use a
81 non-standard SQL schema, please review the new defaults.
83 - ``insert-ent-query``, ``insert-empty-non-terminal-query``,
84 ``insert-ent-order-query`` have been replaced by one query named
85 ``insert-empty-non-terminal-order-query``
86 - ``insert-record-order-query`` has been dropped,
87 ``insert-record-query`` now sets the ordername (or NULL)
88 - ``insert-slave-query`` has been dropped, ``insert-zone-query`` now
94 Several options have been removed or renamed, for the full overview of
95 all options, see :doc:`settings`.
100 The following options have been renamed:
102 - ``experimental-json-interface`` ==> :ref:`setting-api`
103 - ``experimental-api-readonly`` ==> :ref:`setting-api-readonly`
104 - ``experimental-api-key`` ==> :ref:`setting-api-key`
105 - ``experimental-dname-processing`` ==> :ref:`setting-dname-processing`
106 - ``experimental-dnsupdate`` ==> :ref:`setting-dnsupdate`
107 - ``allow-dns-update-from`` ==> :ref:`setting-allow-dnsupdate-from`
108 - ``forward-dnsupdates`` ==> :ref:`setting-forward-dnsupdate`
113 - :ref:`setting-default-ksk-algorithms`
114 changed from rsasha256 to ecdsa256
115 - :ref:`setting-default-zsk-algorithms`
116 changed from rsasha256 to empty
121 The following options are removed:
123 - ``pipebackend-abi-version``, it now a setting per-pipe backend.
124 - ``strict-rfc-axfrs``
125 - ``send-root-referral``
130 The API path has changed to ``/api/v1``.
132 Incompatible change: ``SOA-EDIT-API`` now follows ``SOA-EDIT-DNSUPDATE``
133 instead of ``SOA-EDIT`` (incl. the fact that it now has a default value
134 of ``DEFAULT``). You must update your existing ``SOA-EDIT-API`` metadata
135 (set ``SOA-EDIT`` to your previous ``SOA-EDIT-API`` value, and
136 ``SOA-EDIT-API`` to ``SOA-EDIT`` to keep the old behaviour).
138 Resource Record Changes
139 ^^^^^^^^^^^^^^^^^^^^^^^
141 Since PowerDNS 4.0.0 the CAA resource record (type 257) is supported.
142 Before PowerDNS 4.0.0 type 257 was used for a proprietary MBOXFW
143 resource record, which was removed from PowerDNS 4.0. Hence, if you used
144 CAA records with 3.4.x (stored in the DB with wrong type=MBOXFW but
145 worked fine) and upgrade to 4.0, PowerDNS will fail to parse this
146 records and will throw an exception on all queries for a label with
147 MBOXFW records. Thus, make sure to clean up the records in the DB.
149 In version 3.X, the PowerDNS Authoritative Server silently ignored records that
150 have a 'priority' field (like MX or SRV), but where one was not in the database.
151 In 4.X, :doc:`pdnsutil check-zone <manpages/pdnsutil.1>` will complain about this.