summaryrefslogtreecommitdiffstats
path: root/CHANGES
blob: 514c0081790b3e322d131f4be2cd2b371c5ae919 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
2021-12-08 Jerry Lundström

    Release 2.9.0

    This release brings a new message suppression option and a way to control
    how many queries are sent over a connection.

    You can now suppress the message about receiving unexpected DNS message
    IDs by using `-O suppress=unexpected`.

    With `-O num-queries-per-conn=<num>` you can now limit the number of
    queries sent over a connection before triggering a re-connection, see
    the `dnsperf(3)` man-page for more information how this works.

    cd9df40 Tests
    864a968 Queries per connection
    7c5d6ab Suppress unexpected
    8e9f4a2 Suppress

2021-11-02 Jerry Lundström

    Release 2.8.0

    This release fixes response handling for DNS-over-HTTPS when multiple
    responses are received within the same receive cycle, and adds a new
    option to suppress some of the normal and verbose output.

    The network model within dnsperf and resperf can not process more then
    one response at a time from a protocol module, so a buffer has been added
    to the DNS-over-HTTPS module to handle this situation (this already exists
    in all other modules).

    The new option `-O suppress=<message,...>` can selectively suppress parts
    of the normal and verbose output. Some of these messages might be
    excessively displayed due to the network model and depending on what
    protocol you use which makes usage harder then necessary. For example
    during TCP connection stage, if you end-point is slow to establish
    connection you will get a lot of output saying that the socket isn't ready
    yet.

    6a452b0 DoH response handling
    e2828e7 Suppress

2021-09-17 Jerry Lundström

    Release 2.7.1

    This release fixes issues with constructing wire-format DNS when the
    domain names includes escaped characters such as `\123` or `\.`.

    Other changes:
    - Bump Debian package compat level to 10

    4873f02 DNS encoding
    c4eccc0 debhelper

2021-08-09 Jerry Lundström

    Release 2.7.0

    This release adds DNS-over-HTTPS support!

    DNS-over-HTTPS can be used by specifying transport mode `doh` and you
    should also look at the dnsperf(1) man-page (or `-H`) for the extended
    options `doh-uri` and `doh-method`, which controls aspects of DoH/HTTP/2
    that you might want to set.

    Other fixes:
    - Add check when constructing DNS packet so that total length of labels
      does not exceed 255 bytes
    - Fix connection/reconnection state handling for DoT transport
    - Fix event handling by initializing them directly when opening the
      sockets, otherwise events could have been missed which would give
      incorrect statistics

    61b5eac Tests with dumdumd
    d71071c Tests with dumdumd
    b42f92e DoH sending
    2fa40bb Net stats
    f7f8692 DoH fixes
    ea62b49 DoH concurrent streams
    91929f1 DoH reconnect
    17660e6 DoH fixes
    5276aa6 resperf buckets
    585860e Packages
    3ffc601 Fixes
    1570609 Man-page
    6bcadc7 README
    f81adf1 Fixes
    1acd71f Code structure
    6c47876 Fixes
    2d379f4 Fixes
    4d5384b Fixes
    cee93b3 Initial DNS-over-HTTPS support implementation
    4ff3ebc Events
    8b24bbf DoT state
    6a5b5ef Fix too long name
    71fa09f long opts

2021-05-31 Jerry Lundström

    Release 2.6.0

    This release adds EDNS options parameter `-E` to `resperf` and a script
    for generating EDNS Client Subnet options (see `contrib/ecs-gen`).

    d29d880 ECS opt
    877f31e edns option

2021-03-25 Jerry Lundström

    Release 2.5.2

    This release tweaks the reconnect code for TCP and DoT.

    For TCP, atomic operations are used to signal the need to reconnect
    from the receiving thread to the sending, as the sending is the one in
    charge of reconnecting.
    This speeds up detection of connection lost which reduces the amount of
    lost queries on a disconnect.

    This change does not affect DoT as much, as the SSL context shared
    between the threads are protected by a mutex.
    But a bug was found in `sendto()` for DoT that could drop a query if
    the socket was busy sending.

    The connect and reconnect socket events has been split into connecting,
    connected and reconnecting, reconnected. This is to report more correct
    reconnect events when it comes to DoT, because the connection can be
    lost while negotiating TLS.

    Lastly, additional tests has been added for the network code.

    d9e5663 net test
    22f49df network tests
    8e5b56e reconnect

2021-03-22 Jerry Lundström

    Release 2.5.1

    This release re-adds support for TYPEnnn and ANY in the datafile, this
    was missed during the removal of the dependency on BINDs development
    libraries in v2.4.0.

    Also note that with v2.5.0, this software now depends on Concurrency
    Kit (ck) for atomic operations.

    924e6ea ANY
    0a444c0 TYPEnnn

2021-03-12 Jerry Lundström

    Release 2.5.0

    This release adds re-connection support for TCP and DoT protocol,
    new options to `resperf` and fixes a few bugs.

    `dnsperf` and `resperf` will now try to re-connect when they lose a TCP
    or DoT connection, and with that comes a few new statistics metrics.
    For `dnsperf`, if a connection oriented protocol is used, it will now
    show the total number of re-connections made and the connection latency.
    For `resperf` it also shows the total number of re-connections made and
    the gnuplot data now contains the total number of connections made and
    the connection latency for each interval.
    Beside re-connection support, improvements have been made when it comes
    to tracking socket readiness while connections are established which
    should generate less warnings about "socket not ready".

    New `resperf` options:
    - `-R`: Reopen the datafile if it runs out of data before the testing
      is completed. This allows for long running tests on very small and
      simple query datafile.
    - `-F <fall_behind>`: Sets the maximum number of queries that can fall
      behind being sent. `resperf` will stop when this many queries should
      have been sent and it can be relative easy to hit if `-m <max_qps>`
      is set too high.
      The default is 1000 and setting it to zero (0) disables the check.

    Bugfixes:
    - Fixed port handling for host/network format when setting client side
      port with `-x`
    - Fix support for quoted characters, `\000` and `\.`, in domain names,
      this was lost when removing BIND's internal development libraries
    - Fix issue in `dnsperf`, it would loop forever if no connection could
      be established
    - Fix potential buffer overrun in `resperf` when using response id
      for `queries[]`
    - DoT: Fix bug when sending from buffer

    Other changes:
    - Always use `IPV6_V6ONLY` socket option for IPv6
    - Add man-page on `-W` option added in v2.4.0
    - Reformat man-pages
    - `resperf`:
      - Try and process more request each run to hopefully not hit max
        outstanding so easy when high QPS
      - Add default value to `-C` so it shows in help

    9308361 man-page format
    0e52fb4 man-page, opts, tuneups
    e36211d stats
    d9b9ba3 Response qid to index
    2b2c37e fixes, reconnection
    acd31e5 dname quote
    de8f049 net

2021-02-23 Jerry Lundström

    Release 2.4.2

    This release fixes a few issues with reading of the datafile which
    could lead to "ran out of data" errors.

    The problem was that reading from the datafile was done before finding
    a socket to send it on, or socket readyness, and that lead to progressing
    the queries without really doing anything.
    Another issues that's been fixed was that if the read lines perfectly
    aligned with the buffer, it would be treated like EOF and caused an exit.

    9937287 resperf TLS
    6736956 datafile
    55faec6 ran out of data

2021-02-09 Jerry Lundström

    Release 2.4.1

    This release fixes an issue with the socket readiness function that
    could cause a buffer overflow (`-T 10 -c 2000`) due to `select()` being
    limited to check 1023 sockets. `poll()` is now used which has no limit.

    There has also been a few fixes to the contrib script `queryparse` that
    has to do with python v2 and v3 compatibility and better exception
    handling.

    24e5bee poll
    7dceca7 Handle only common exceptions
    5603294 Fix error on python3
    48fa517 TSIG

2020-12-09 Jerry Lundström

    Release 2.4.0

    This release removes the dependency on BIND's internal development
    libraries! This make building and packaging a lot easier and less
    troublesome in the future.

    This software now depends only on OpenSSL (for TSIG feature) with an
    optional depend on LDNS (for dynamic updates feature).

    New option:
    - Transport mode option `-m`/`-M` now recognizes `dot` alongside `tls`
      for encrypted DNS
    - Added `-W` for outputting warnings and errors to stdout

    Other changes / bugfixes:
    - Fix potential memory leak of query descriptions when using verbose
    - Only use TLS v1.2 and above for DoT/TLS
    - Add a lot of tests
    - Add coverage testing

    d17743b datafile
    434bbf2 Checks, coverage, log, test IPv6
    9fb305f Coverage
    123ebf1 DOT, TLS version, Sonarcloud
    26df0bd BIND dependency
    ee660e7 Sonarcloud
    c9ea0ab base64
    4e9be82 TSIG
    4275045 EDNS, https
    7c3f51c BIND dependency
    6e1be5d ISC dependencies
    e36f19d Buffer
    485cdd2 ISC mem, tests
    663dc24 Namespace clash
    2c44987 dynamic updates, edns, headers
    5d109b2 Disable HMAC
    79cae93 datafile, query desc
    663d814 net
    c867de6 isc_result_t
    651ee5d opt
    7d30804 isc_result_t
    58ad313 ISC linked list
    7b4da6d Info
    8079ebc Tests
    e3fb685 Tests
    2bb603a Tests
    297b23b Test
    c4e244b Test
    1caac35 Makefile
    e9f2aaa Coverage
    27af853 Fix typo in configure.ac
    521faa6 Badges
    8fa2ec4 LGTM
    75c89e5 COPR

2020-05-15 Jerry Lundström

    Release 2.3.4

    This release adds a workaround, thanks to patch from Petr Menšík, for
    building on systems with BIND 9.16. Also improves error handling by
    using thread-safe `strerror_r()` instead of `strerror()`.

    88c3ef4 strerror
    1917f67 openSUSE Tumbleweed
    fd39641 AS_VAR_APPEND
    aeeef74 bind 9.16
    07732cd BIND, libcrypto, clang format
    08146e3 Add crypto library to checks
    e4307c2 Add checks to pass with BIND 9.16
    3f9aed3 Prepare check for bind 9.11/9.16 return types

2020-05-06 Jerry Lundström

    Release 2.3.3

    This release changes the behavior of `dnsperf` and `resperf` when it
    comes to TCP and TLS connections, and updates package building using
    COPR (thanks to patch from Petr Menšík (Red Hat)).

    Connection reset or close are now treated as "try again" so that the
    run is finished and not aborted. As SIGPIPE might be received on usage
    of closed connections it's now blocked in `dnsperf` and handled as
    a fatal action in `resperf`.

    62885ad SIGPIPE
    106c50e connection
    3ef0899 README
    61a3b1c COPR
    35efa27 COPR
    46b37a1 COPR
    5c126ae COPR
    1c51b76 Provide full URL in spec
    2a4dd0e Allow recreation of source archive
    931d6cc Do not require root for archive creation

2019-08-23 Jerry Lundström

    Release 2.3.2

    This release fixes a buffer overflow when using TSIG and algorithms
    with digests larger then SHA256, reported by Mukund Sivaraman. Also
    fix build dependencies for `sqrt()`.

    e54aa58 Digest
    bca5d8d sqrt
    d9eaa5b Package

2019-07-24 Jerry Lundström

    Release 2.3.1

    After a report and additional confirming results the use of `poll()` in
    the network receive code for TCP and TLS has been removed. This `poll()`
    initially gave better results while testing in a docker container on
    it's loopback interface but when on physical networks it reduced
    performance to 1/12th, so it had to go.

    Thanks to Brian Wellington (Akamai/Nominum) for the initial report and
    testing, and to Jan Hák (CZ.NIC) for testing and confirming the results.

    Bugfix:
    - Fix check for having more DNS messages in the receive buffer for TCP
      and TLS

    670db9c TCP/TLS receive
    b8925b2 recvbuf have more

2019-07-17 Jerry Lundström

    Release 2.3.0

    This release adds support for DNS over TCP and TLS which can be selected
    by using the mode option for `dnsperf` and `resperf`. The default server
    port used is now determined by the transport mode, udp/tcp port 53 and
    tls port 853.

    Note that the mode option is different between the program because it was
    already taken for `resperf`.

    `dnsperf` changes:
    - Add `-m` for setting transport mode, `udp` (default), `tcp` or `tls`
    - Add verbose messages about network readiness and congestion

    `resperf` changes:
    - Add `-M` for setting transport mode, `udp` (default), `tcp` or `tls`
    - Add `-v` for verbose mode to report about network readiness and
      congestion

    ffa49cf LGTM, SonarCloud
    4cd5441 TLS
    35624d1 TCP send, socket ready loop
    fbf76aa TCP support
    5988b06 Funding

2019-01-28 Jerry Lundström

    Release 2.2.1

    The commit pulled from a fork that used `inttypes.h`, instead of ISC
    internal types, missed to remove the old conversion specifier.
    This was reported and fixed by Vladimír Čunát.

    9534ce1 remove visible "u" characters after numbers

2019-01-25 Jerry Lundström

    Release 2.2.0

    First release by DNS-OARC with a rework of the code to use autotools,
    semantic versioning 2.0 and bugfixes pulled from other's forks.

    Bugfixes:
    - Fix infinite loop in argument parsing
    - Fix min/max latency summing for multithreaded runs
    - Fix calculation of per_thread socket counts
    - Fixes to queryparse
      - Mark correctly end of file
      - Support python3
      - Stop looping on end of file undefinitely
    - Fix compilation issues and work around missing `dns_fixedname_initname()`
    - Clang `scan-build` fixes

    Other changes:
    - add "configure --with-bind" option
    - Handle bind library changes to HMAC (see #22) and other differences
      between versions
    - Workaround issue on FreeBSD (see #23)
    - Use `snprintf()` and OpenBSD's `strlcat()`
    - Add/update build dependencies for Debia, Ubuntu, CentOS, FreeBSD
      and OpenBSD

    ae9bc91 Clang format
    b9bb085 CI, buildbot
    b84e41b Autotools, README, changelog
    a2e1732 License
    9dcb661 Remove $Id markers, Principal Author and Reviewed tags from the
            full source tree
    0677bf0 Use dns_fixedname_initname() where possible
    d8d4696 [master] add "configure --with-bind" option to dnsperf
    b71a280 Add deb based distros dependencies
    439c614 Replace custom isc_boolean_t with C standard bool type
    407ae7c Replace custom isc_u?intNN_t types with C99 u?intNN_t types
    c27afd4 Replace ISC_PRINT_QUADFORMAT with inttypes.h format constants
    6fdb2f7 Fix queryparse
    4909b78 README
    2782d50 README.md: Rectify link to software
    e31ddf4 fix calculation of per_thread socket counts
    3bd7fb4 Fix min/max latency summing for multithreaded runs
    2207e27 Fix infinite loop in argument parsing.
    3bfe97a Include the github URL; remove the bug reports section.
    0cee04a Add note about bug reports.
    62c4b32 add .gitignore
    c45f0be Initial import.
    149172b Initial commit

2015-12-15

    Release 2.1.0.0

    In addition to various bug fixes, the following new capabilities
    were added in this release:
    - The `-C` option was added to `resperf`. This option enables the local
      server to act as multiple clients.  By default, the local server
      acts as a single client.
    - the `-T` option was added to `dnsperf`. This option separates the
      number of clients from the number of threads and allows more
      clients to be simulated effectively.  Note that using this option
      impacts CPU and memory, so we recommend limiting the number of
      threads.

2012-03-01

    Release 2.0.0.0

    In the `dnsperf` command, the following changes occurred:
    - The socket buffer size is no longer set to 32 kilobytes by default.
    - A new `-c clients` option was added to enable the server to act as
      multiple clients. Each client uses the same source IP address with a
      unique source port. Use the `clients` argument to specify the number of
      clients represented by the server. We recommend limiting the number of
      clients represented by the server because the `dnsperf` process uses two
      threads for each client (one thread for sent packets and one for
      received packets), which impacts CPU and memory.
    - Example query files are no longer included with the `dnsperf` program.
      Nominum provides a sample query file that is available for download at:
      ftp://ftp.nominum.com/pub/nominum/dnsperf/data/
    - Latency reporting improved. When the `-v` (verbose mode) option is
      configured with the `dnsperf` command, the command output now includes
      latency measurements and the DNS RCODE of each response. This enables
      users to create their own latency graphs.
    - Performance was enhanced on modern operating systems so that faster
      name servers can be tested.
    - The `dnsperf` command output is enhanced to display more information in a
      compact format.

    The following options were removed from the `dnsperf` command:
    - The `-A` option for displaying command line arguments passed to the
      `dnsperf` tool in the final statistics output. Now, the `dnsperf` command
      output always displays command line arguments.
    - The `-T` option for printing a histogram showing response latency after
      completing a test run. Now, the `-v` option enables users to include
      latency measurements in the `dnsperf` command output.
    - The `-H` option for configuring the number of buckets for which response
      latency is displayed. Now, the `-v` option enables users to include
      latency measurements in the `dnsperf` command output.
    - The `-1` option for configuring the `dnsperf` tool to run through the input
      file exactly one time. (Now, you use the `-n 1` option to configure the
      `dnsperf` tool to run through the input file one time.)
    - The `-c` option for including the number of responses received (for
      each DNS RCODE) in the final statistics output. Now, DNS RCODE responses
      are always reported.

    In the `resperf` command, the following changes occurred:
    - The socket buffer size is no longer set to 32 kilobytes by default.
    - The `-A` option, which displayed command line arguments passed to the
      `resperf` tool in the final statistics output, was removed. Now, the
      `resperf` command output always displays command line arguments.

2011-12-22

    Release 1.0.2.0

    This release adds support for RHEL6-64 and for Solaris 10 x86-64.

    Some new configuration options have been added. You can now specify:
	- the local port from which to send requests
	- the local address from which to send requests
	- the maximum number of runs through the input file, up
	  to the timeout limit.
	- when using TSIG, algorithms other than hmac-md5 can be used.

    One default has been changed:
	- The maximum number of outstanding requests now defaults
	  to 100.

    A new example query file for IPv6, `queryfile-example-ipv6`, is now
    included with the distribution.

2008-01-10

    Release 1.0.1.0

    This release makes binary builds of `dnsperf` available in addition to
    the source code version previously released.

    This release of `dnsperf` includes a sample query file containing
    100,000 queries to help with performance testing.  This query file is
    useful for checking latencies or a continuous `dnsperf` run. In the
    binary distribution, this file is found at:

        /usr/local/nom/examples/dnsperf/queryfile-example-100thousand

    In the source distribution, it is at:

        ./examples/queryfile-example-100thousand

    where `.` is the directory made by extracting the source tarball.

    Nominum recommends using a query file with at least 3 million queries
    for a full `resperf` run as described in the man page; we make such a
    file available for download at:

        ftp://ftp.nominum.com/pub/nominum/dnsperf/data/queryfile-example-3million.gz

    The following fix is included in the source distribution:
    - 20996: `makefile.in` does not allow overriding `mandir`
      The `--mandir` argument to `configure`, which allows the user to
      specify the location man pages are installed, was incorrectly
      ignored.

    `queryparse` is a contributed program available in the source
    distribution of `dnsperf`. It can be found at `contrib/queryparse/`.
    The following changes were made to that program:
    - 19717: `contrib/queryparse` includes outgoing queries
      The `queryparse` script had no way of distinguishing between incoming
      queries and outgoing queries when applied to a traffic trace from a
      caching server. This was addressed by adding a new flag (`-r`) that,
      when included in the command line, will keep queries with
      `RD=0`. Otherwise, it will default to discarding them.
    - The ability to parse responses instead of queries was added.
    - A check was added to avoid short packets.
    - Logic was added to detect link type and correctly set the initial
      offset to handle both Ethernet and Cisco HDLC frames.
    - `queryparse` now uses `pcapy` instead of the `btk` python `libcap` module.

    Note that announcements of new releases of `dnsperf` are sent to the
    mailing list: dnsperf-announce@nominum.com.  To be added to the
    mailing list, send a message to dnsperf-announce-request@nominum.com
    with "subscribe" as the subject.

    Known Issues:
    - None.

2006-12-21

    Release 1.0.0.1

    This release addresses the following issue in the `dnsperf` program:
    - 18838/18782: `dnsperf` slow down issue
      Because of an error in how timeout checking was being done, queries
      were rarely timing out, so the number of valid queries in flight kept
      dropping.  This error has been corrected.