diff --git a/doc/arm/notes-9.17.0.xml b/doc/arm/notes-9.17.0.xml index a2ea9c73b2..c3348fc73f 100644 --- a/doc/arm/notes-9.17.0.xml +++ b/doc/arm/notes-9.17.0.xml @@ -10,31 +10,50 @@ -->
Notes for BIND 9.17.0 - - System-provided pthread rwlocks implementation is used by default instead of - built-in ISC implementation of rwlocks. Please be aware that unpatched glibc - version from 2.26 had a bug - that could cause BIND 9 to deadlock. The fix has been released as part of - glibc release 2.30, and various Linux distributions have patched their glibc - version with a notable exception of Ubuntu 18.04 (Bionic) which is work in - progress. If you are running on affected system (e.g. Ubuntu 18.04) you need - to compile BIND 9 with --disable-pthread-rwlock until Canonical releases - fixed - version. - + +
Known Issues + + + + UDP network ports used for listening can no longer simultaneously be + used for sending traffic. An example configuration which triggers + this issue would be one which uses the same + address:port pair for + listen-on(-v6) statements as for + notify-source(-v6) or + transfer-source(-v6). While this issue affects all + operating systems, it only triggers log messages (e.g. "unable to + create dispatch for reserved port") on some of them. There are + currently no plans to make such a combination of settings work again. + + + +
Feature Changes - The rndc nta -dump and - rndc secroots commands now both include - validate-except entries when listing negative - trust anchors. These are indicated by the keyword - permanent in place of the expiry - date. [GL #1532] + The system-provided POSIX Threads read-write lock implementation is + now used by default instead of the native BIND 9 implementation. + Please be aware that glibc versions 2.26 through 2.29 had a + bug + that could cause BIND 9 to deadlock. A fix was released in glibc 2.30, + and most current Linux distributions have patched or updated glibc, + with the notable exception of Ubuntu 18.04 (Bionic) which is a work in + progress. If you are running on an affected operating system, compile + BIND 9 with --disable-pthread-rwlock until a fixed + version of glibc is available. + + + + + The rndc nta -dump and + rndc secroots commands now both include + validate-except entries when listing negative + trust anchors. These are indicated by the keyword + permanent in place of the expiry + date. [GL #1532] @@ -44,8 +63,8 @@ - Fixed re-signing issues with inline zones which resulted in - records being re-signed late or not at all. + Fixed re-signing issues with inline zones which resulted in + records being re-signed late or not at all. @@ -54,21 +73,21 @@
New Features - - When a secondary server receives a large incremental zone - transfer (IXFR), it can have a negative impact on query - performance while the incremental changes are applied to - the zone. To address this, named can now - limit the size of IXFR responses it sends in response to zone - transfer requests. If an IXFR response would be larger than an - AXFR of the entire zone, it will send an AXFR resonse instead. - - - This behavior is controlled by the max-ixfr-ratio - option - a percentage value representing the ratio of IXFR size - to the size of a full zone transfer. This value cannot exceed - 100%, which is also the default. [GL #1515] - + + When a secondary server receives a large incremental zone + transfer (IXFR), it can have a negative impact on query + performance while the incremental changes are applied to + the zone. To address this, named can now + limit the size of IXFR responses it sends in response to zone + transfer requests. If an IXFR response would be larger than an + AXFR of the entire zone, it will send an AXFR resonse instead. + + + This behavior is controlled by the max-ixfr-ratio + option - a percentage value representing the ratio of IXFR size + to the size of a full zone transfer. The default is + 100%. [GL #1515] +