[MaraDNS list] October MaraDNS updates
Sam Trenholme
maradns at gmail.com
Sun Oct 20 09:41:47 EDT 2013
I have updated MaraDNS and Deadwood this month.
MaraDNS update
I mentioned last month I was working on making MaraDNS more IPv6
compatible. I have finished that work. In the snap branch, if MaraDNS
is compiled with IPv6 enabled, IPv6 glue records are now shown to the
user. This makes it possible to, in theory, resolve DNS names using
entirely IPv6 packets.
Note that Deadwood, MaraDNS’ recursor, still can not handle a glueless
NS referral with only AAAA (IPv6) records. But, since most registrars
have issues with IPv6 glue in their referrals, IPv4 is still needed to
resolve DNS names.
This update can be downloaded here:
http://www.maradns.org/download/2.0/snap/
Third party patch
Last year, Tomasz Torcz provided a patch for running MaraDNS with
systemd. Just a couple of weeks ago, he updated this patch. While I no
longer accept third party patches, I have made a copy of his updated
patch, which can be looked at here:
http://maradns.samiam.org/download/patches/3rd_party/Thomasz-Torcz-systemd-2013-10-14.patch
Deadwood update
In this month’s Deadwood update, I have added another question and
answer to the FAQ.
It can be downloaded here:
http://www.maradns.org/deadwood/snap/
Forum update
While I really can’t provide hand-holding support, I have been helping
Vlodko Petrov on the MaraDNS support forum. By making this help
public, Google and other spiders are indexing this information,
allowing the help and answers I provide to be readily available in
search engines.
SipHash for Deadwood?
While SipHash would make Deadwood a little more secure, this security
improvement would be strictly academic. I have to balance making an
academic security update against Deadwood’s code against the need to
keep Deadwood small and fast.
That in mind, I have no plans to make my implementation of SipHash to
Deadwood’s hash compression function at this time. However, the code
has already been written should I wish to do this in the future.
If SipHash existed in 2001 when I implemented MaraDNS’ random number
generator or in 2010 when I was still actively developing Deadwood and
last updated its hash compression function, I probably would have had
the code use a 32-bit SipHash variant.
But, with a full-time job as a software developer and a baby to take
care of, I no longer am actively developing MaraDNS the way I was
until 2010. There is a reason that I stopped marketing MaraDNS as
being secure last year.
More information about the list
mailing list