Created attachment 194154 [details] Patch to upgrade This release fixes a bug where zone transfers would not succeed, because of an error in the selective NSEC3 allocation (introduced in 4.1.18). The refuse ANY query feature now sends truncated answers over UDP and allows TCP queries. This is the same size response on UDP as the refusal but allows the query to succeed over TCP for genuine queriers that fallback to that transport mechanism. The release contains a speed up for TCP processing that should NSD better at handling large numbers of incoming TCP connections. 4.1.22 ================ FEATURES: - refuse-any sends truncation (+TC) in reply to ANY queries over UDP, and allows TCP queries like normal. - Use accept4 to speed up answer of TCP queries, on Linux, FreeBSD and OpenBSD. BUG FIXES: - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones. - Fix to use same condition for nsec3 hash allocation and free.
A commit references this bug: Author: swills Date: Thu Jun 14 22:59:06 UTC 2018 New revision: 472409 URL: https://svnweb.freebsd.org/changeset/ports/472409 Log: dns/nsd: upgrade to version 4.1.22 PR: 228883 Submitted by: jaap@NLnetLabs.nl (maintainer) Changes: head/dns/nsd/Makefile head/dns/nsd/distinfo
Committed, thanks!