this case, ``named`` attempts to answer DNS requests with stale data,
but does not start the ``stale-refresh-time`` window. [GL #2434]
-- A new option, ``purge-keys``, has been added to ``dnssec-policy``. It sets
- the time how long key files should be retained after they have become
- obsolete (due to a key rollover). Default is 90 days, and the feature can
- be disabled by setting it to 0. [GL #2408]
+- A new ``purge-keys`` option has been added to ``dnssec-policy``. It
+ sets the period of time that key files are retained after becoming
+ obsolete due to a key rollover; the default is 90 days. This feature
+ can be disabled by setting ``purge-keys`` to 0. [GL #2408]
Removed Features
~~~~~~~~~~~~~~~~
Bug Fixes
~~~~~~~~~
-- If an outgoing packet would exceed max-udp-size, it would be dropped instead
- of sending a proper response back. Rollback setting the IP_DONTFRAG on the
- UDP sockets that we enabled during the DNS Flag Day 2020 to fix this issue.
- [GL #2487]
+- If an outgoing packet exceeded ``max-udp-size``, ``named`` dropped it
+ instead of sending back a proper response. To prevent this problem,
+ the ``IP_DONTFRAG`` option is no longer set on UDP sockets, which has
+ been happening since BIND 9.16.11. [GL #2466]
-- NSEC3 records were not immediately created when signing a dynamic zone with
- ``dnssec-policy`` and ``nsec3param``. This has been fixed [GL #2498].
+- NSEC3 records were not immediately created when signing a dynamic zone
+ using ``dnssec-policy`` with ``nsec3param``. This has been fixed.
+ [GL #2498]
-- An invalid direction field (not one of 'N'/'S' or 'E'/'W') in a LOC record
- triggered an INSIST failure. [GL #2499]
+- An invalid direction field (not one of ``N``, ``S``, ``E``, ``W``) in
+ a LOC record resulted in an INSIST failure when a zone file containing
+ such a record was loaded. [GL #2499]
-- Previously, a BIND server could experience an unexpected server termination
- (crash) if the return of stale cached answers was enabled and
- ``stale-answer-client-timeout`` was applied to a client query in process.
- This has been fixed. [GL #2503]
+- ``named`` crashed when it was allowed to serve stale answers and
+ ``stale-answer-client-timeout`` was triggered without any (stale) data
+ available in the cache to answer the query. [GL #2503]
- Zone journal (``.jnl``) files created by versions of ``named`` prior
to 9.16.12 were no longer compatible; this could cause problems when
- upgrading if journal files were not synchronized first. This has been
- corrected: older journal files can now be read when starting up. When
- an old-style journal file is detected, it is updated to the new
- format immediately after loading.
+ upgrading if journal files were not synchronized first. This has been
+ corrected: older journal files can now be read when starting up. When
+ an old-style journal file is detected, it is updated to the new format
+ immediately after loading.
Note that journals created by the current version of ``named`` are not
usable by versions prior to 9.16.12. Before downgrading to a prior
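Review bot: In the ``max-udp-size`` entry, the issue reference changes from [GL #2487] to [GL #2466] together with the rewording, and nothing in the entry explains why, so please confirm that #2466 is the intended issue. In the same entry, "which has been happening since BIND 9.16.11" is ambiguous: it can be read as saying that *not* setting ``IP_DONTFRAG`` began in 9.16.11. If the intent is that the option was set from that release onward, something like "the ``IP_DONTFRAG`` option, which had been set on UDP sockets since BIND 9.16.11, is no longer set" would remove the doubt. Separately, the rewritten ``stale-answer-client-timeout`` entry drops "This has been fixed." and now only describes the crash, while the NSEC3 entry just above keeps that sentence. Either restore it or word the entry so that the fix is explicit, since operators read this section to decide whether an upgrade resolves a crash they are seeing.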
A journal file's format can be changed manually by running
``named-journalprint -d`` (downgrade) or ``named-journalprint -u``
(upgrade). Note that this *must not* be done while ``named`` is
- running. [GL #2505]
+ running. [GL #2505]