clarify NS_FAIL_LIMIT / NS_RR_LIMIT, tunables, and limit proactive lookups?
Jeremy C. Reed
reed at reedmedia.net
Wed May 20 20:01:16 UTC 2020
I was looking at new code for lib/dns/resolver.c
https://github.com/isc-projects/bind9/commit/27f868f34c79cca80a1c3fd46353258be26c3a7f
The notes xml says: "Fetches for missing name server address records are
limited to 4 for any domain."
This doesn't seem to match what the new code comments, commit message,
or what the code does. I may be reading wrong. Can you please explain
this or clarify this?
Also is there any plan on making NS_FAIL_LIMIT or NS_RR_LIMIT a tunable?
Any discussion or plan to add a configuration option to limit how many
NS are looked up simultaneously? In other words, if set to 1, don't look
up address for next NS unless first fails. I used "recursive-clients 1;"
which did delay the fetches but still did more than one. (I think this
would be like fetches-per-zone but not about the target domain.)
Jeremy C. Reed
echo uggc://errqzrqvn.arg/obbxf/ovaq-qaf/ | \
tr "noqruvxzabcefg" "abdehikmnoprst"
More information about the bind-workers
mailing list