A changelog would be too long, so here are the highlights
- Security hardening. Lots of casts, limits, and clamping.
- Zero Downtime config reload (except for changing sockets)
- Plus watchdogs to reload files when changed
- Domain Transfer (
AXFRabdNOTIFY) tested against Bind - Dynamic DNS (
UPDATE) - uses hmac-sha256 by default. - Rate Limiting
- dynamic and static controls
- profiles for different settings
- Querylog flood controls (sampling, dedupe, grouped/bucket caps, retention guards, and backend maintenance/pruning controls).
- Expanded admin-ui querylog page,` easier navigation and ede_errors.
- Allow a backup upstreams only if all primaries are degraded, not per query.
- So much testing and documentations.
- optional tests that use docker to run real servers
- ensures code still works on current versions