On 26.11.2012 13:52, James Findley wrote:
I noticed that pdns was recently (October) updated to 3.1 from 2.9.
As
http://doc.powerdns.com/changelog.html#changelog-auth-3-1
and
http://doc.powerdns.com/upgrades.html#from2.9to3.0 notes this is a
major upgrade that requires schema updates to the database, will cause
powerdns to fail to start for some configs, may change the answers
returned and may negatively affect performance.
Hi,
The database schema from pdns 2.9.22 is still compatible with pdns 3.x.
Please see:
http://doc.powerdns.com/upgrades.html#from2.9to3.0
Can 3.x versions read the 2.9 pre-DNSSEC database schema?
Yes, as long as the relevant '-dnssec' setting is not
enabled. These
settings are typically called 'gmysql-dnssec', 'gpgsql-dnssec',
'gsqlite3-dnssec'. If this setting IS enabled, 3.x expects the new
schema to be in place.
PowerDNS Authoritative Server 3.0 comes with DNSSEC support, but this
has required big changes to database schemas. Each backend lists the
changes required. To facilitate a smooth upgrade, the old, non-DNSSEC
schema is used by default.
There will be no issue with the old 2.9.22 non-DNSSEC database schema
with 3.x, because pdns 3.x uses by default the old non-DNSSEC database
schema. You'll need big database changes only for DNSSEC. Since the old
version (2.9.22) doesn't support DNSSEC this shouldn't be a problem.
Furthermore, the configuration from 2.9.22 in /etc/pdns/pdns.conf is
also fully compatible with pdns 3.x.
On 26.11.2012 16:51, Ken Dreyer wrote:
EPEL 6 will be around until November 2020.
That's exactly the point, also for PowerDNS. The upstream project will
not maintain the old 2.9.x branch until 2020. For security reasons, I
think it is necessary to upgrade to the 3.x branch. (to make sure that
we get security related patches for PowerDNS) Furthermore, many bugs
have been fixed since 2.9.22 and pdns 3.x supports DNSSEC.
This probably should not have been done at all, and definitely not
without some mention of these issues in the RPM changelog and ideally a
postscript to fix configs, DB schema, etc.
You don't need to fix the database schema or the configuration file,
because pdns 3.x uses by default the old non-DNSSEC database schema and
the pdns.conf file is still compatible.
Thank you for your understanding.
Best regards,
Morten