[Unbound-users] Release of unbound 1.2.1
wouter at NLnetLabs.nl
Tue Feb 10 09:00:30 CET 2009
-----BEGIN PGP SIGNED MESSAGE-----
This is the release of unbound 1.2.1
It works with ldns-1.5.0, also just released.
Get it at
(or use unbound.nlnetlabs.nl if our mirror has not updated yet).
This is mainly a bugfix release. The deadlock fix is serious, the
features are really fixes for smoother operation. Also note another fix
for libevent 1.3andolder - there was a call to a thread unsafe routine.
* negative caching for failed queries. Queries that failed (because the
entire domain is down) are cached for a very short time (seconds), this
lowers the load generated by the failed queries. If the failure is
local, like out of memory, it is not cached.
* stop resolving AAAAs promiscuously when they are in the negative
cache, together with the negative caching feature (just above) this
dampens the spikiness of the requestlist size.
* unbound-host -4 and -6 options. Stops annoying ipv6 errors when
debugging with unbound-host -4 -d ...
* honor QUIET=no on make commandline (or QUIET=yes ).
* Fixed server deadlock. Added cycle detection for NS-check, addr-check,
root-prime and stub-prime queries in the iterator.
* [bugzilla: 229 ]
fixup configure checks for compilation with Solaris sun studio cc
compiler, ./configure CC=/opt/SUNWspro/bin/cc
* fixup warnings emitted by sun studio compiler.
* the TTL comparison for the cache used different comparisons, causing
many cache responses that used the iterator and validator state machines
* Fixed occasional SERVFAIL response when EDNS traffic is dropped for a
domain. Set retry from 4 to 5 so that EDNS drop retry is part of the
first query resolve attempt, and cached error does not stop EDNS fallback.
* removed debug prints in code that protects against bad referrals.
* fix bug where unbound could crash using libevent 1.3 and older.
* more quiet about ipv6 network failures, i.e. when ipv6 is not
available (network unreachable). Debug still printed on high verbosity.
* printout more detailed errors on ssl certificate loading failures.
* builtin IANA allocated portlist updated (these ports are avoided).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Unbound-users