summaryrefslogtreecommitdiffstats
path: root/doc/notes/notes-9.16.8.rst
blob: e441e4268407b43a357828e66bcdc16b7c4bd3bd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
..
.. SPDX-License-Identifier: MPL-2.0
..
.. This Source Code Form is subject to the terms of the Mozilla Public
.. License, v. 2.0.  If a copy of the MPL was not distributed with this
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
..
.. See the COPYRIGHT file distributed with this work for additional
.. information regarding copyright ownership.

Notes for BIND 9.16.8
---------------------

New Features
~~~~~~~~~~~~

- Add a new ``rndc`` command, ``rndc dnssec -rollover``, which triggers
  a manual rollover for a specific key. :gl:`#1749`

- Add a new ``rndc`` command, ``rndc dumpdb -expired``, which dumps the
  cache database, including expired RRsets that are awaiting cleanup, to
  the ``dump-file`` for diagnostic purposes. :gl:`#1870`

Feature Changes
~~~~~~~~~~~~~~~

- DNS Flag Day 2020: The default EDNS buffer size has been changed from
  4096 to 1232 bytes. According to measurements done by multiple
  parties, this should not cause any operational problems as most of the
  Internet "core" is able to cope with IP message sizes between
  1400-1500 bytes; the 1232 size was picked as a conservative minimal
  number that could be changed by the DNS operator to an estimated path
  MTU minus the estimated header space. In practice, the smallest MTU
  witnessed in the operational DNS community is 1500 octets, the maximum
  Ethernet payload size, so a useful default for maximum DNS/UDP payload
  size on reliable networks would be 1432 bytes. :gl:`#2183`

Bug Fixes
~~~~~~~~~

- ``named`` reported an invalid memory size when running in an
  environment that did not properly report the number of available
  memory pages and/or the size of each memory page. :gl:`#2166`

- With multiple forwarders configured, ``named`` could fail the
  ``REQUIRE(msg->state == (-1))`` assertion in ``lib/dns/message.c``,
  causing it to crash. This has been fixed. :gl:`#2124`

- ``named`` erroneously performed continuous key rollovers for KASP
  policies that used algorithm Ed25519 or Ed448 due to a mismatch
  between created key size and expected key size. :gl:`#2171`

- Updating contents of an RPZ zone which contained names spelled using
  varying letter case could cause some processing rules in that RPZ zone
  to be erroneously ignored. :gl:`#2169`

Known Issues
~~~~~~~~~~~~

- There are no new known issues with this release. See :ref:`above
  <relnotes_known_issues>` for a list of all known issues affecting this
  BIND 9 branch.