--- /dev/null
+..
+ Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+
+ This Source Code Form is subject to the terms of the Mozilla Public
+ License, v. 2.0. If a copy of the MPL was not distributed with this
+ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+ See the COPYRIGHT file distributed with this work for additional
+ information regarding copyright ownership.
+
+Notes for BIND 9.17.0
+---------------------
+
+Known Issues
+~~~~~~~~~~~~
+
+- UDP network ports used for listening can no longer simultaneously be
+ used for sending traffic. An example configuration which triggers
+ this issue would be one which uses the same ``address:port`` pair for
+ ``listen-on(-v6)`` statements as for ``notify-source(-v6)`` or
+ ``transfer-source(-v6)``. While this issue affects all operating
+ systems, it only triggers log messages (e.g. "unable to create
+ dispatch for reserved port") on some of them. There are currently no
+ plans to make such a combination of settings work again.
+
+New Features
+~~~~~~~~~~~~
+
+- When a secondary server receives a large incremental zone transfer
+ (IXFR), it can have a negative impact on query performance while the
+ incremental changes are applied to the zone. To address this,
+ ``named`` can now limit the size of IXFR responses it sends in
+ response to zone transfer requests. If an IXFR response would be
+ larger than an AXFR of the entire zone, it will send an AXFR response
+ instead.
+
+ This behavior is controlled by the ``max-ixfr-ratio`` option - a
+ percentage value representing the ratio of IXFR size to the size of a
+ full zone transfer. The default is ``100%``. [GL #1515]
+
+- A new RPZ option ``nsdname-wait-recurse`` controls whether
+ RPZ-NSDNAME rules should always be applied even if the names of
+ authoritative name servers for the query name need to be looked up
+ recurively first. The default is ``yes``. Setting it to ``no`` speeds
+ up initial responses by skipping RPZ-NSDNAME rules when name server
+ domain names are not yet in the cache. The names will be looked up in
+ the background and the rule will be applied for subsequent queries.
+ [GL #1138]
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- The system-provided POSIX Threads read-write lock implementation is
+ now used by default instead of the native BIND 9 implementation.
+ Please be aware that glibc versions 2.26 through 2.29 had a bug_ that
+ could cause BIND 9 to deadlock. A fix was released in glibc 2.30, and
+ most current Linux distributions have patched or updated glibc, with
+ the notable exception of Ubuntu 18.04 (Bionic) which is a work in
+ progress. If you are running on an affected operating system, compile
+ BIND 9 with ``--disable-pthread-rwlock`` until a fixed version of
+ glibc is available. [GL !3125]
+
+.. _bug: https://sourceware.org/bugzilla/show_bug.cgi?id=23844
+
+- The ``rndc nta -dump`` and ``rndc secroots`` commands now both
+ include ``validate-except`` entries when listing negative trust
+ anchors. These are indicated by the keyword ``permanent`` in place of
+ the expiry date. [GL #1532]
+
+Bug Fixes
+~~~~~~~~~
+
+- Fixed re-signing issues with inline zones which resulted in records
+ being re-signed late or not at all.
./doc/misc/sort-options.pl PERL 2007,2012,2016,2018,2019,2020
./doc/misc/static-stub.zoneopt X 2018,2019,2020
./doc/misc/stub.zoneopt X 2018,2019,2020
+./doc/notes/notes-9.17.0.rst RST 2020
./docutil/HTML_COPYRIGHT X 2001,2004,2016,2018,2019,2020
./docutil/MAN_COPYRIGHT X 2001,2004,2016,2018,2019,2020
./docutil/patch-db2latex-duplicate-template-bug X 2007,2018,2019,2020
projects / thirdparty / bind9.git / commitdiff
