KnotDNS 2.7.0 to be Released

New main features - multi-threaded and well-scalable on SMP-systems implementation
06 August 2018   316

A new release of the high-performance authoritative DNS server KnotDNS 2.7.0 has been released. Among its main features - multi-threaded and well-scalable on SMP-systems implementation. There are also the ability to add and remove zones 'on the fly', transfer them between servers, the DDNS service, EDNS0 and DNSSEC extensions.

New features:

  • New DNS Cookies module and related '+cookie' kdig option
  • New module for response tailoring according to client's subnet or geographic location
  • General EDNS Client Subnet support in the server
  • OSS-Fuzz integration (Thanks to Jonathan Foote)
  • New '+ednsopt' kdig option (Thanks to Jan Včelák)
  • Online Signing support for automatic key rollover
  • Non-normal file (e.g. pipe) loading support in zscanner #542
  • Automatic SOA serial incrementation if non-empty zone difference
  • New zone file load option for ignoring zone file's SOA serial
  • New build-time option for alternative malloc specification
  • Structured logging for DNSSEC key submission event
  • Empty QNAME support in kdig
  • Various library and server optimizations
  • Reduced memory consumption of outgoing IXFR processing
  • Linux capabilities use overhaul #546 (Thanks to Robert Edmonds)
  • Online Signing properly signs delegations and CNAME records
  • CDS/CDNSKEY rrset is signed with KSK instead of ZSK
  • DNSSEC-related records are ignored when loading zone difference with signing enabled
  • Minimum allowed RSA key length was increased to 1024
  • Removed explicit dependency on Nettle

In April 2018 Cloudflare launched 1.1.1.1: the fastest DNS server. The company focuses on user security and promises to erase all DNS query logs after 24 hours. 

Cloudflare to Develop IPFS Gateway

According to the developers, new gateway will allow to create P2P based websites
20 September 2018   215

Cloudflare told about the IPFS gateway, which will allow creating sites based on P2P network. The company said that access to content will be done without having to install special software on the devices.

As a technology feature, Cloudflare experts note decentralization. Using a standard network scheme with servers involves physical storage of data in one place. Hacking the server or damage to communications as a result of an emergency (for example, a natural disaster) will lead to inaccessibility of information or its loss. The same is threatened with information if the server owner has decided to refuse it.

Cloudflare Network
Cloudflare Network

The IPFS gateway combines computers, on each of which some information is stored, to the worldwide network. Therefore, the inaccessibility of one computer does not mean that the content can not be viewed or downloaded. Therefore, the key differences are two:

  1. With IPFS, anyone can freely post information instead of storing it on remote servers and paying for their services.
  2. Requests for access to data are carried out using cryptographic hashing, rather than by IP address. The query data is converted to a series of letters and numbers, by which the system finds the required files. For example, the query for any information will not like "get information that is located at IP address 93.184.216.34", but the kind "get information with hash sum QmXnnyufdzAWL5CqZ2RnSNgPbvCc1ALT73s6epPrRnZ1Xy". This hash sum is part of the desired file and is on several computers.

The system automatically determines the authenticity of the file. If we take as an example a query with a hash sum QmXnnyufdzAWL5CqZ2RnSNgPbvCc1ALT73s6epPrRnZ1Xy, then when receiving the information it should remain the same. If the hash value differs, then the file has been changed. In other words, the hash-sum can be represented as a unique fingerprint:

IPFS Security
IPFS Security

Supporters of decentralization are also in a number of other companies. Mozilla employees believe that consumers should not be tied to a particular product, brand or platform. In early August 2018, developers published a version of the IoT gateway Things Gateway 0.5. In it, they realized the possibility of loading third-party icons and an interface for complex devices.