-@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2024052801 10800 3600 604800 10800
+@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2024060501 10800 3600 604800 10800
@ 3600 IN NS pdns-public-ns1.powerdns.com.
@ 3600 IN NS pdns-public-ns2.powerdns.com.
recursor-5.0.3.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html"
recursor-5.0.4.security-status 60 IN TXT "1 OK"
recursor-5.0.5.security-status 60 IN TXT "1 OK"
+recursor-5.0.6.security-status 60 IN TXT "1 OK"
recursor-5.1.0-alpha1.security-status 60 IN TXT "1 OK"
; Recursor Debian
For example, in the default setup the root name servers are called ``[a-m].root-servers.net``, so the :program:`Recursor` will resolve the name servers of the ``.net`` domain.
This is needed to correctly determine zone cuts to be able to decide if the ``.root-servers.net`` domain is DNSSEC protected. Newer versions solve this by querying the needed information top-down.
-Starting with version 5.0.0, enabling :ref:`allow-no-rd` allows for queries without the recursion desired bit to be answered from cache.
-Older versions of the ``dig`` program provided by ISC do not set the RD bit on the initial ``+trace`` query causing it to sometimes fail to perform a ``+trace`` when asking a freshly restarted :program:`Recursor` despite the :ref:`allow-no-rd` option being set.
+Starting with version 5.0.0, enabling :ref:`setting-allow-no-rd` allows for queries without the recursion desired bit to be answered from cache.
+Older versions of the ``dig`` program provided by ISC do not set the RD bit on the initial ``+trace`` query causing it to sometimes fail to perform a ``+trace`` when asking a freshly restarted :program:`Recursor` despite the :ref:`setting-allow-no-rd` option being set.
This is because there is a short while after restarting that the cache has no authoritative data on the root, so it will answer with an NODATA (NOERROR and no answer records) in that period for RD=0 queries asking for the root name servers.
-For ``dig`` this has been fixed in `BIND 9.15.1 <https://gitlab.isc.org/isc-projects/bind9/-/issues/1028>` by setting the RD bit.
\ No newline at end of file
+For ``dig`` this has been fixed in `BIND 9.15.1 <https://gitlab.isc.org/isc-projects/bind9/-/issues/1028>`_ by setting the RD bit.
Before upgrading, it is advised to read the :doc:`../upgrade`.
+.. changelog::
+ :version: 5.0.6
+ :released: 5th of June 2024
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 14223
+ :tickets: 14197
+
+ YaHTTP: Enforce max # of request fields and max request line size.
+
+ .. change::
+ :tags: Improvements
+ :pullreq: 14222
+ :tickets: 14185
+
+ Report error and adjust max-mthreads when linux map limit (vm.max_map_count) is too low to accomodate resource usage under load.
+
.. changelog::
:version: 5.0.5
:released: 14th of May 2024
Before upgrading, it is advised to read the :doc:`changelog/index`.
When upgrading several versions, please read **all** notes applying to the upgrade.
-5.0.5 to 5.1.0 and master
+5.0.6 to 5.1.0 and master
-------------------------
New settings
- The :ref:`setting-max-qperq` default value has been lowered to 50, and the qname-minimization special case has been removed.
- Disabling :ref:`setting-structured-logging` is no longer supported.
- The :ref:`setting-structured-logging-backend` setting has gained the possibility to request JSON formatted output of structured logging information.
+
+5.0.5 to 5.0.6
+--------------
+
+Changed settings
+^^^^^^^^^^^^^^^^
+
- The :ref:`setting-max-mthreads` setting will be adjusted to a lower value if the value of ``sysctl vm.max_map_count`` is too low to support the maximum number of mthread stacks. In this case :program:`Recursor` logs an error message including the suggested value of ``vm.max_map_count`` to not cause lowering of :ref:`setting-max-mthreads`.
5.0.4 to 5.0.5
projects / thirdparty / pdns.git / commitdiff
