ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Adjust default value of "max-recursion-queries"

Browse Source 
Since the queries sent towards root and TLD servers are now included in
the count (as a result of the fix for CVE-2020-8616),
"max-recursion-queries" has a higher chance of being exceeded by
non-attack queries.  Increase its default value from 75 to 100.

(cherry picked from commit ab0bf49203)
This commit is contained in:
Mark Andrews
2020-11-26 15:59:14 +11:00
parent c4178b7d8d
commit 5c10b5a4e8
5 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
doc/notes/notes-current.rst
View File

@@ -40,6 +40,12 @@ Feature Changes
configuration. A new option 'nsec3param' can be used to set the desired
NSEC3 parameters, and will detect collisions when resalting. [GL #1620].
- Adjust the ``max-recursion-queries`` default from 75 to 100. Since the
queries sent towards root and TLD servers are now included in the
count (as a result of the fix for CVE-2020-8616), ``max-recursion-queries``
has a higher chance of being exceeded by non-attack queries, which is the
main reason for increasing its default value. [GL #2305]
Bug Fixes
~~~~~~~~~