Today, we released version 4.2.0 of the authoritative DNS name server NSD.
This release contains new features, contributed from Sinodun, that implement TCP fast open support and also support for service on DNS over TLS.
There is also TLS OCSP stapling support with the tls-service-ocsp option in nsd.conf.
The new option hide-identity can be used in nsd.conf to stop NSD from responding with the hostname for probe queries that elicit the chaos class response, this is conform RFC4892.
There is a bug fix for memory leaks during zone file read, with duplicate records in the zone file.
You can get source packages of this version from the downloads page.