There are a number of notable features Bert Hubert is working on in PowerDNS, and since I’ve been a bit involved in testing and reporting on bugs and features, I want to summarize what is particularly interesting to me.
- DNSSEC. Enough said. :-)
- Slave notifications when acting as slave. Bert did this for me; PDNS will, upon transferring a zone in, notify the zone slaves.
- MyDNS-compatible backend
- PowerDNS gets support for TSIG in for authorizing incoming and outgoing zone transfers. Until now, the IP addresses of clients allowed to perform a zone transfer had to be statically configured in
pdns.conf
with theallow-axfr-ips
directive. Using TSIG keys, PowerDNS can grant an outgoing AXFR transfer request even though, say, the configuration saysallow-axfr-ips=127.0.0.1/32
pdns[1748]: AXFR of domain 'p0000.aa' allowed: TSIG signed request with authorized key 'jtest2' and algorithm 'hmac-md5.sig-alg.reg.int.'
pdns[1748]: AXFR of domain 'p0000.aa' initiated by 10.53.0.214
This has been documented.
And many more.