
pdnsd maintenance page

by Paul A. Rombouts

Version 1.2.9a-par has been released:
Version 1.2.9a fixes a bug in the 1.2.9 release that causes a build failure when pdnsd is configured with --enable-strict-rfc2181. If you do not use this option to compile pdnsd, there is no need to upgrade from 1.2.9 to 1.2.9a.

Version 1.2.9-par has been released:
Version 1.2.9 supports many more RR types (including those necessary for DNSSEC) and EDNS (Extension mechanisms for DNS) to enable UDP messages larger than 512 bytes. It also has support for defining local TXT records and has several new options and bugfixes (including file descriptor leaks that affect FreeBSD users).

The latest source code is available from a git repository:
In response to frequent requests I have uploaded a git tree including the latest code and a fairly extensive history of pdnsd development to gitorious.org. Anyone who wants to participate in pdnsd development is free to create a clone repo on gitorious.org and push his modifications there.

Version 1.2.8-par has been released:
The main new feature of version 1.2.8 is automatic discovery of root servers. There are also some improvements in the resolver and a new default setting for the neg_rrs_pol configuration option.

Version 1.2.7-par has been released:
Foremost, this release fixes some security problems. It contains a fix for a "dangling pointer" bug that could cause pdnsd to crash when it received a long reply. It also addresses some of the issues raised in the CERT vulnerability note VU#800113 by making the default of query_port_start equal to 1024, thereby ensuring that source ports are randomly selected by the pdnsd resolver in the range 1024-65535. This release also fixes problems with compiling pdnsd for the ARM architecture and for the Darwin platform (Mac OS X).
There are a number of (minor) new features. pdnsd now supports "include" files, essentially configuration files that only contain definitions for local records. It is now possible to define interactively, using pdnsd-ctl, any local record that can be defined in a configuration file.
Updating is recommended.

Version 1.2.6-par has been released:
pdnsd's license has been upgraded to GPL version 3. A bug has been fixed which caused pdnsd to handle NXDOMAIN replies inefficiently when configured with neg_domain_pol=on. The code that implements the ping test has been fixed, which was broken for 64-bit systems. A new option randomize_servers can be used to give each server in a section of the configuration file an equal chance of being queried. The new options reject, reject_policy and reject_recursively make it possible to check for the presence of certain IP addresses in the replies of name servers and to avoid some types of unwanted replies. The pdnsd-ctl 'add a' and 'add aaaa' commands now allow multiple IP addresses to be specified for the same name. pdnsd's ability to resolve from root servers has been improved.

Version 1.2.5-par has been released:
This release introduces a new query method: udp_tcp. With this method a UDP query is tried first and, if the UDP answer is truncated, the query is repeated using TCP, which is the behaviour that seems to be recommended by the DNS standards. There is a new configuration option use_nss, which can be turned off to prevent lengthy timeouts and stalls in certain situations. Also a bug has been fixed which could cause pdnsd to crash when started in debug mode.

Version 1.2.4-par has been released:
A memory leak and a minor buffer-overflow problem have been fixed. There is now a fix for some situations that would previously cause pdnsd to exit prematurely (such as ACPI S3 sleep or trying to attach strace to pdnsd). Time intervals specified in the configuration file can now be expressed in minutes, hours, days and weeks as well as seconds. Support for Apple Mac OS X v10.4 Tiger has been improved. The "pdnsd-ctl status" command now also provides some information about the status of the running threads.

Version 1.2.3-par has been released:
With the pdnsd-ctl empty-cache command, it is now possible to specify a selection of names to delete instead of emptying the cache completely. pdnsd should now remain responsive while a pdnsd-ctl empty-cache command is running. pdnsd-ctl config or server commands should no longer be held up by ping or query uptests to unresponsive servers. If pdnsd is configured with query_method=tcp_udp, it will now also try a UDP query if a TCP query times out. It should now be possible to resolve the same names with query_method=tcp_udp as with query_method=udp_only, though perhaps with an occasional delay. A number of problems with resolving from root servers have been solved.

Version 1.2.2-par has been released:
This release has a number of portability improvements. A bug has been fixed that prevented pdnsd from compiling successfully on some 64-bit architectures. There is now (experimental) support for the Darwin (Apple Mac OS X) platform. In addition, this release has enhanced debug facilities.

Version 1.2.1-par has been released:
This release has improved support for non-Linux platforms: support for the Cygwin platform has been added and some fixes have been included to address compilation problems that have been reported by FreeBSD users.

Version 1.2-par has been released: pdnsd is new and improved!
I plan to add more information to this page about the new features when I can find the time. For now, I'll refer you to README.par and the ChangeLog.
For the impatient, the download page is here. For a short history of recent releases have a look at this page.

Note: Due to incompatibilities between various implementations of the pthread library on older Linux systems, problems can occur with signal handling in pdnsd. The usual symptom is failure by pdnsd to save the cache to disk, and /var/cache/pdnsd/pdnsd.cache remaining empty. If you experience this kind of trouble, try reconfiguring with different values for the new --with-thread-lib option which is available with version 1.1.8b1-par4 and later. The allowable values are described in the documentation. If you still experience problems, contact me at the email address listed at the end of README.par.

pdnsd, originally written by Thomas Moestl, is a proxy DNS server with permanent caching (the cache contents are written to hard disk on exit) that is designed to cope with unreachable or down DNS servers (for example in dial-in networking).
The official pdnsd homepage by the original author used to be at http://home.t-online.de/home/Moestl/, but appears to have vanished. An archived version can be found here. pdnsd is no longer being maintained by Thomas Moestl. As far as I know I am presently the only one actively working on the code, so if you want the latest features and fixes, this is the place to get them.

I came to know about pdnsd after reading about it in the WWWOFFLE FAQ. pdnsd solves a frequently occurring problem with dial-up internet connections when the file /etc/resolv.conf changes after wwwoffled (a www proxy server) has been started up. (If you're interested in WWWOFFLE I also have patches available for it here.)

pdnsd allows you to configure one address as the DNS server for all your internet software. This can be localhost, but I personally use a separate machine that I've configured as a gateway to the internet for my home LAN. pdnsd can then be configured to contact your ISP's DNS servers when you make a dial-up connection.

I've found pdnsd to be very useful, but I found it lacked an important feature to be truly maintenance free. The problem is that the ISPs I use do not specify fixed DNS server addresses, but expect their clients to use dynamic DNS configuration (DHCP in the case of the cable connection, RFC1877 in case of ISDN). The DNS server addresses do not change frequently, but it does occasionally happen.

To solve this problem I have added support for configuring pdnsd with resolv.conf-type files and I have added a new feature that enables you to change the name server addresses that pdnsd uses at run-time using pdnsd-ctl, the pdnsd control utility.

Out of respect for the free-software community, I'm making the modifications I've made available via this webpage as a pre-patched tar ball pdnsd-1.2.9a-par.tar.gz. Earlier versions are available here. I also have a revised version of the documentation available here.

If you prefer using RPM packages instead of compiling and installing from source, have a look at the selection of packages at the end of this page. There are also Debian, Gentoo and FreeBSD packages based on my version of the code, but these are not maintained by me, so if you have a problem with these don't contact me, but the respective package maintainers.

Note: I have used GNU extensions so there may be some portability issues. I have supplied alternatives for some of the less portable functions. There should be no problem with most Linux distributions. Thanks to contributions by users, pdnsd has also been successfully used on FreeBSD, Cygwin and Darwin (Mac OS X). Please note that to maintain support on non-Linux platforms, I remain dependent on feedback from users.

A slightly more technical description of the modifications I've made (including some of the bugs I've fixed) can be found in the files README.par and README.par.old in the source directory (if you've installed one of the RPMs this file can be found in the directory /usr/share/doc/pdnsd-1.2). Some of the more recent bug-fixes are listed in the ChangeLog.

On this page I'll give a summary of the modifications from a user's perspective:

More information about the changes I've made (particularly new features in the 1.2.x releases) can be found in the README.par file in the source directory (or in the directory /usr/share/doc/pdnsd-1.2 if you're using an rpm). At the end of this file you can also find my email address should you wish to contact me.

I've also built some RPMs in the hope that it will make it more convenient for some people to try out my version of pdnsd.

First here's the source RPM pdnsd-1.2.9a-par.src.rpm (512kB) in case none of the binary packages suits you. It's also possible to build an RPM directly from the tarball as follows:

rpmbuild -tb pdnsd-1.2.9a-par.tar.gz

There are several options available when building RPMs (e.g. for adding ipv6 support) that are described in the documentation.

These are the latest packages. Older packages can be found here.

Package Name                       Size    Description
pdnsd-1.2.9a-par_sl6.i686.rpm      277kB   i686 binary built on a Scientific Linux 6.2 system.
pdnsd-1.2.9a-par_sl6.x86_64.rpm    282kB   x86_64 binary built on a Scientific Linux 6.2 system.

These binaries were built without ipv6 support.

Note: For increased security, in the newer RPMs pdnsd runs as "pdnsd" instead of "nobody". If all goes well the new user ID "pdnsd" will be added automatically. Otherwise you will have to create a new user "pdnsd" and change the ownership of the directory /var/cache/pdnsd and its contents by hand.
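
A check for the two hardening points mentioned on this page (the 1.2.7 change to query_port_start and the note above on running as "pdnsd"), given as an added example that is not part of pdnsd or of the original page. It assumes the pdnsd.conf options query_port_end and run_as and the value none for query_port_start as described in the pdnsd documentation; the simplified comment handling, the MIN_PORTS threshold and the sample configurations are constructed for illustration.

```python
import re

MIN_PORTS = 16384  # assumed threshold for a "narrow" range; tune to local policy

def parse_global(conf_text):
    """Return the options of the first global { ... } section as a dict.
    Simplified: comment markers inside quoted values are not handled."""
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)  # block comments
    text = re.sub(r"(#|//).*", "", text)                     # line comments
    m = re.search(r"\bglobal\s*\{(.*?)\}", text, flags=re.S)
    opts = {}
    if m:
        for name, value in re.findall(r"(\w+)\s*=\s*([^;]*);", m.group(1)):
            opts[name] = value.strip().strip('"')
    return opts

def audit(conf_text):
    """Return findings about source-port selection and the run-as account."""
    opts = parse_global(conf_text)
    findings = []
    start = opts.get("query_port_start", "1024")  # default since 1.2.7
    end = opts.get("query_port_end", "65535")
    if start == "none":
        findings.append("query_port_start=none: source port left to the kernel")
    elif int(end) - int(start) + 1 < MIN_PORTS:
        findings.append(f"narrow source port range {start}-{end}")
    user = opts.get("run_as")
    if user is None:
        findings.append("run_as not set")
    elif user in ("root", "nobody"):
        findings.append(f"run_as={user}: use a dedicated account such as pdnsd")
    return findings

# Constructed sample configurations (not taken from any real host).
WEAK = """
global {
    run_as="nobody";
    query_port_start=none;   # pdnsd does not pick the port itself
}
"""
HARDENED = """
global {
    run_as="pdnsd";
    query_port_start=1024;   // default since 1.2.7
    query_port_end=65535;
}
"""

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(conf) or "no findings")
```
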

Have fun.

Paul A. Rombouts.
