Before proceeding, it is advised to check the release notes for your PowerDNS version, as specified in the name of the distribution file.
Please upgrade to the PowerDNS Authoritative Server 4.0.0 from 3.4.2+. See the 3.X upgrade notes if your version is older than 3.4.2.
notified_serial column default in the domains
table has been changed from INT DEFAULT NULL to INT UNSIGNED
DEFAULT NULL:ALTER TABLE domains MODIFY notified_serial INT UNSIGNED DEFAULT NULL;dNSDomain2 type has been
changed.experimental-lua-policy-script option and the feature itself have
been completely dropped. We invite you to use PowerDNS
dnsdist instead.allow-recursion, recursive-cache-ttl and recursor options have
been removed as well.default-ksk-algorithms has been renamed to default-ksk-algorithm
and only supports a single algorithm name now.default-zsk-algorithms has been renamed to default-zsk-algorithm
and only supports a single algorithm name now.0.0.0.0, ::/0 to 127.0.0.1, ::1.The --with-pgsql, --with-pgsql-libs, --with-pgsql-includes
and --with-pgsql-config configure options have been deprecated.
configure now attempts to find the Postgresql client libraries via
pkg-config, falling back to detecting pg_config. Use
--with-pg-config to specify a path to a non-default pg_config if
you have Postgresql installed in a non-default location.
The --enable-libsodium configure flag has changed from ‘no’ to ‘auto’.
This means that if libsodium and its development header are installed, it will be linked in.
The improved LDAP Backend backend now requires Kerberos headers to be installed. Specifically, it needs krb5.h to be installed.
no to yesNo changes have been made to the database schema. However, several superfluous queries have been dropped from the SQL backend. Furthermore, the generic SQL backends switched to prepared statements. If you use a non-standard SQL schema, please review the new defaults.
insert-ent-query, insert-empty-non-terminal-query,
insert-ent-order-query have been replaced by one query named
insert-empty-non-terminal-order-queryinsert-record-order-query has been dropped,
insert-record-query now sets the ordername (or NULL)insert-slave-query has been dropped, insert-zone-query now
sets the type of zoneSeveral options have been removed or renamed, for the full overview of all options, see Authoritative Server Settings.
The following options have been renamed:
experimental-json-interface ==> apiexperimental-api-readonly ==> api-readonlyexperimental-api-key ==> api-keyexperimental-dname-processing ==> dname-processingexperimental-dnsupdate ==> dnsupdateallow-dns-update-from ==> allow-dnsupdate-fromforward-dnsupdates ==> forward-dnsupdateThe following options are removed:
pipebackend-abi-version, it now a setting per-pipe backend.strict-rfc-axfrssend-root-referralThe API path has changed to /api/v1.
Incompatible change: SOA-EDIT-API now follows SOA-EDIT-DNSUPDATE
instead of SOA-EDIT (incl. the fact that it now has a default value
of DEFAULT). You must update your existing SOA-EDIT-API metadata
(set SOA-EDIT to your previous SOA-EDIT-API value, and
SOA-EDIT-API to SOA-EDIT to keep the old behaviour).
Since PowerDNS 4.0.0 the CAA resource record (type 257) is supported. Before PowerDNS 4.0.0 type 257 was used for a proprietary MBOXFW resource record, which was removed from PowerDNS 4.0. Hence, if you used CAA records with 3.4.x (stored in the DB with wrong type=MBOXFW but worked fine) and upgrade to 4.0, PowerDNS will fail to parse this records and will throw an exception on all queries for a label with MBOXFW records. Thus, make sure to clean up the records in the DB.
In version 3.X, the PowerDNS Authoritative Server silently ignored records that have a ‘priority’ field (like MX or SRV), but where one was not in the database. In 4.X, pdnsutil check-zone will complain about this.