PowerDNS an open source DNS server

PowerDNS is a DNS server with a database (within which it supports a wide variety of databases, including MySQL, PostgreSQL, SQLite3, Oracle and Microsoft SQL Server, as well as in LDAP) and plain text files in BIND format, as backend making it easy to manage a large number of DNS entries.

The answer is can filter additionally (for example, to filter spam) or redirect connecting your own drivers in Lua, Java, Perl, Python, Ruby, C and C ++. Among the features, funds are also allocated for remote statistics collection, including via SNMP or via web API (http server is built in for statistics and management), instant restart, built-in engine to connect drivers in the language Lua, the ability to balance load based on the customer's geographic location.

The developers have previously decided to separately publish the two parts that make up PowerDNS, a recurring and an authoritative name server, in order to release a new version faster and more specifically, according to the developers.

And good, a few days ago the developers released a new version of PowerDNS 4.2.0, version that according to the developers of the project, serves approximately 30% of the total number of domains in Europe (if we consider only domains with DNSSEC signatures, then 90%). The project code is distributed under the GPLv2 license and can be consulted from the following link

Main new features of PowerDNS 4.2.0

In the announcement of this new version of PowerDNS 4.2.0 the addition of the ability to define registers with controllers in the Lua language is highlighted, With which you can create sophisticated controllers that take into account when sending AS data, subnets, proximity to the user, etc.

Lua logging support is implemented for all storage backends, including BIND and LMDB. For example, to return data taking into account the background check for host availability in the zone settings, you can now specify:

@ IN LUA A "ifportup (443, {'52 .48.64.3 ', '45 .55.10.200'})"

A new utility has been added ixfrdist, which allows zones to be transferred from an authorized server using AXFR and IXFR requests, taking into account the relevance of the transmitted data (for each domain, the SOA number is verified and only new versions of the zone are downloaded). The utility enables you to organize zone synchronization across a large number of secondary and recursive servers without creating a large load on the primary server.

powerdns-resource

In preparation for the 2020 DNS flag day initiative, the udp-truncation-threshold parameter, which is responsible for trimming UDP responses to the client, was lowered from 1680 to 1232, which should significantly reduce the probability of packet loss UDP.

The value 1232 is chosen, since it is the maximum at which the size of the DNS response, taking IPv6 into account, adjusts to the minimum value of MTU (1280);

A new storage backend based on the LMDB database has been added.

The backend is fully DNSSEC compliant, can be used for master and slave zones, and provides better performance than most other backends.

Discontinued support for poorly documented "autoserial" feature, which prevented some issues from being fixed.

In accordance with the requirements of RFC 8624 (GOST R 34.11-2012 moved to the category "MUST NOT"), DNSSEC discontinued support for GOST DS hashes and ECC-GOST digital signatures.

PowerDNS made a change to the six month development cycle, according to which the next significant version of PowerDNS is expected to be released in February 2020.

Updates for major releases will be generated throughout the year, after which vulnerability fixes will be issued for another six months. Therefore, support for the PowerDNS 4.2 Authorized Server branch will last until January 2021.

For those interested in testing this DNS server, you can download and follow the build instructions from the following link.

They can also find a management interface for this server on the network.


A comment, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   to Col said

    * and * plain * text files in BIND format