mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-27 04:28:33 +00:00
Code Issues Releases Wiki Activity
bind/doc/notes/notes-current.rst
Michał Kępień 451b29cbbf Tweak and reword release notes
2021-06-16 22:18:12 +02:00

89 lines
3.1 KiB
ReStructuredText
Raw Blame History

..
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.
See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.
Notes for BIND 9.17.14
----------------------
Security Fixes
~~~~~~~~~~~~~~
- None.
Known Issues
~~~~~~~~~~~~
- None.
New Features
~~~~~~~~~~~~
- New configuration options, ``tcp-receive-buffer``,
``tcp-send-buffer``, ``udp-receive-buffer``, and ``udp-send-buffer``,
have been added. These options allow the operator to fine-tune the
receiving and sending buffers in the operating system. On busy
servers, increasing the size of the receive buffers can prevent the
server from dropping packets during short traffic spikes, and
decreasing it can prevent the server from becoming clogged with
queries that are too old and have already timed out. :gl:`#2313`
- Zone dumping tasks are now run on separate asynchronous thread pools.
This change prevents zone dumping from blocking network I/O.
:gl:`#2732`
Removed Features
~~~~~~~~~~~~~~~~
- Support for compiling and running BIND 9 natively on Windows has been
completely removed. The last release branch that has working Windows
support is BIND 9.16. :gl:`#2690`
Feature Changes
~~~~~~~~~~~~~~~
- The interface handling code has been refactored to use fewer
resources, which should lead to less memory fragmentation and better
startup performance. :gl:`#2433`
Bug Fixes
~~~~~~~~~
- A race condition could occur when reading and writing key files for
zones using KASP and configured in multiple views. This has been
fixed. :gl:`#1875`
- Zones which are configured in multiple views, with different values
set for ``dnssec-policy`` and with identical values set for
``key-directory``, are now detected and treated as a configuration
error. :gl:`#2463`
- The calculation of the estimated IXFR transaction size in
``dns_journal_iter_init()`` was invalid. This resulted in excessive
AXFR-style IXFR responses. :gl:`#2685`
- If a query was answered with stale data on a server with DNS64
enabled, an assertion could occur if a non-stale answer arrived
afterward. This has been fixed. :gl:`#2731`
- Fixed an assertion failure that could occur if stale data was used to
answer a query, and then a prefetch was triggered after the query was
restarted (for example, to follow a CNAME). :gl:`#2733`
- Fixed an error which caused the ``IP_DONTFRAG`` socket option to be
enabled instead of disabled, leading to errors when sending oversized
UDP packets. :gl:`#2746`
- Fixed a bug that caused the NSEC salt to be changed for KASP zones on
every startup. :gl:`#2725`
- Signed, insecure delegation responses prepared by ``named`` either
lacked the necessary NSEC records or contained duplicate NSEC records
when both wildcard expansion and CNAME chaining were required to
prepare the response. This has been fixed. :gl:`#2759`
Reference in New Issue View Git Blame Copy Permalink