A release of the PowerDNS Recursor 4.7 caching DNS server is available, which is responsible for recursive name resolution. PowerDNS Recursor is built on the same codebase as PowerDNS Authoritative Server, but PowerDNS recursive and authoritative DNS servers are developed through different development cycles and released as separate products. The project code is distributed under the GPLv2 license.
The server provides tools for remote statistics collection, supports instant restart, has a built-in engine for connecting Lua handlers, fully supports DNSSEC, DNS64, RPZ (Response Policy Zones), allows you to connect blacklists. It is possible to write the resolving results as BIND zone files. To ensure high performance, modern connection multiplexing mechanisms in FreeBSD, Linux and Solaris (kqueue, epoll, /dev/poll) are used, as well as a high-performance DNS packet parser capable of processing tens of thousands of parallel requests.
In the new version:
- Implemented the ability to add additional records to responses sent to the client to convey useful information without having to send a separate request (for example, responses to an MX record request can be configured to attach related A and AAAA records).
- Implemented consideration of the requirements of RFC 9156 in the implementation of support for the request name minimization mechanism ("QNAME minimization"), which allows increasing confidentiality by stopping sending the full original QNAME name to the upstream server.
- Resolving IPv6 addresses of DNS servers that are not listed in GR (Glue Record) records through which the registrar transmits information about DNS servers serving the domain is provided.
- An experimental implementation of one-way verification of DoT (DNS over TLS) protocol support by a DNS server is proposed.
- Added the ability to fallback to the parent NS recordset if the servers in the child NS recordset are not responding.
- Added support for validating ZONEMD (RFC 8976) RR records obtained from the cache.
- Added the ability to attach handlers in the Lua language, called at the stage of resolving completion (for example, in such handlers, you can change the response returned to the client).
Source: opennet.ru