Hello everyone,
we're happy to announce that the Knot DNS 1.2.0 final is out after the
fourth release candidate.
Just to reiterate what's new and fixed in the 1.2.0, we brought 3 new
features in the 1.2.0.
First is a support for dynamic updates (DDNS) including forwarding to the
primary master,
which received a couple of bugfixes in the early release candidates.
Since the third release candidate there is a Response Rate Limiting as a
new way to combat increasing amplification/reflection attacks.
It's been slightly reworked since the release candidate and disabled by
default. You can enable it by setting 'rate-limit' config option to a
sensible value.
Last feature is a reworked control utility which is now able to control the
daemon remotely and even introduced a few new commands, namely 'zonestatus'
to
fetch the status of served zones. Aside from the new features, it also
fixes a few bugs. Namely missing RRSIGs in the response to the ANY type,
processing of some malicious domain names and a detection of broken
implementation of recvmmsg() on some Linux distributions.
As usual, you can find a full list of changes at
https://redmine.labs.nic.cz/projects/knot-dns/repository/revisions/v1.2.0/e…
Sources:
https://secure.nic.cz/files/knot-dns/knot-1.2.0.tar.gz
GPG signature:
https://secure.nic.cz/files/knot-dns/knot-1.2.0.tar.gz.asc
Packages available at
www.knot-dns.cz will be updated soon as well.
Cheers,
Marek
--
Marek Vavruša Knot DNS
CZ.NIC Labs
http://www.knot-dns.cz
-------------------------------------------
Americká 23, 120 00 Praha 2, Czech Republic
WWW:
http://labs.nic.cz http://www.nic.cz