mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 06:37:08 +00:00
- Set defaults to yes for a number of options to increase speed and
resilience of the server. The so-reuseport, harden-below-nxdomain, and minimal-responses options are enabled by default. They used to be disabled by default, waiting to make sure they worked. They are enabled by default now, and can be disabled explicitly by setting them to "no" in the unbound.conf config file. The reuseport and minimal options increases speed of the server, and should be otherwise harmless. The harden-below-nxdomain option works well together with the recently default enabled qname minimisation, this causes more fetches to use information from the cache. git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
0171d06aa2
commit
e0745813f4
@ -1,3 +1,15 @@
|
||||
27 August 2018: Wouter
|
||||
- Set defaults to yes for a number of options to increase speed and
|
||||
resilience of the server. The so-reuseport, harden-below-nxdomain,
|
||||
and minimal-responses options are enabled by default. They used
|
||||
to be disabled by default, waiting to make sure they worked. They
|
||||
are enabled by default now, and can be disabled explicitly by
|
||||
setting them to "no" in the unbound.conf config file. The reuseport
|
||||
and minimal options increases speed of the server, and should be
|
||||
otherwise harmless. The harden-below-nxdomain option works well
|
||||
together with the recently default enabled qname minimisation, this
|
||||
causes more fetches to use information from the cache.
|
||||
|
||||
22 August 2018: George
|
||||
- #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This
|
||||
gives access to reply information for the client's communication
|
||||
|
@ -103,7 +103,7 @@ server:
|
||||
# so-sndbuf: 0
|
||||
|
||||
# use SO_REUSEPORT to distribute queries over threads.
|
||||
# so-reuseport: no
|
||||
# so-reuseport: yes
|
||||
|
||||
# use IP_TRANSPARENT so the interface: addresses can be non-local
|
||||
# and you can config non-existing IPs that are going to work later on
|
||||
@ -373,7 +373,7 @@ server:
|
||||
# harden-dnssec-stripped: yes
|
||||
|
||||
# Harden against queries that fall under dnssec-signed nxdomain names.
|
||||
# harden-below-nxdomain: no
|
||||
# harden-below-nxdomain: yes
|
||||
|
||||
# Harden the referral path by performing additional queries for
|
||||
# infrastructure data. Validates the replies (if possible).
|
||||
@ -454,7 +454,7 @@ server:
|
||||
|
||||
# if yes, Unbound doesn't insert authority/additional sections
|
||||
# into response messages when those sections are not required.
|
||||
# minimal-responses: no
|
||||
# minimal-responses: yes
|
||||
|
||||
# true to disable DNSSEC lameness check in iterator.
|
||||
# disable-dnssec-lame-check: no
|
||||
|
@ -278,9 +278,9 @@ to so\-rcvbuf.
|
||||
.B so\-reuseport: \fI<yes or no>
|
||||
If yes, then open dedicated listening sockets for incoming queries for each
|
||||
thread and try to set the SO_REUSEPORT socket option on each socket. May
|
||||
distribute incoming queries to threads more evenly. Default is no. On Linux
|
||||
it is supported in kernels >= 3.9. On other systems, FreeBSD, OSX it may
|
||||
also work. You can enable it (on any platform and kernel),
|
||||
distribute incoming queries to threads more evenly. Default is yes.
|
||||
On Linux it is supported in kernels >= 3.9. On other systems, FreeBSD, OSX
|
||||
it may also work. You can enable it (on any platform and kernel),
|
||||
it then attempts to open the port and passes the option if it was available
|
||||
at compile time, if that works it is used, if it fails, it continues
|
||||
silently (unless verbosity 3) without the option.
|
||||
@ -747,7 +747,7 @@ noerror for empty nonterminals, hence this is possible. Very old software
|
||||
might return nxdomain for empty nonterminals (that usually happen for reverse
|
||||
IP address lookups), and thus may be incompatible with this. To try to avoid
|
||||
this only DNSSEC-secure nxdomains are used, because the old software does not
|
||||
have DNSSEC. Default is off.
|
||||
have DNSSEC. Default is on.
|
||||
The nxdomain must be secure, this means nsec3 with optout is insufficient.
|
||||
.TP
|
||||
.B harden\-referral\-path: \fI<yes or no>
|
||||
@ -861,9 +861,11 @@ from the query ID, for speed and thread safety). Default is no.
|
||||
If yes, Unbound doesn't insert authority/additional sections into response
|
||||
messages when those sections are not required. This reduces response
|
||||
size significantly, and may avoid TCP fallback for some responses.
|
||||
This may cause a slight speedup. The default is no, because the DNS
|
||||
This may cause a slight speedup. The default is yes, even though the DNS
|
||||
protocol RFCs mandate these sections, and the additional content could
|
||||
be of use and save roundtrips for clients.
|
||||
be of use and save roundtrips for clients. Because they are not used,
|
||||
and the saved roundtrips are easier saved with prefetch, whilst this is
|
||||
faster.
|
||||
.TP
|
||||
.B disable-dnssec-lame-check: \fI<yes or no>
|
||||
If true, disables the DNSSEC lameness check in the iterator. This check
|
||||
|
1
testdata/autotrust_init.rpl
vendored
1
testdata/autotrust_init.rpl
vendored
@ -4,6 +4,7 @@ server:
|
||||
log-time-ascii: yes
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/autotrust_init_ds.rpl
vendored
1
testdata/autotrust_init_ds.rpl
vendored
@ -4,6 +4,7 @@ server:
|
||||
log-time-ascii: yes
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/autotrust_init_sigs.rpl
vendored
1
testdata/autotrust_init_sigs.rpl
vendored
@ -4,6 +4,7 @@ server:
|
||||
log-time-ascii: yes
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/autotrust_init_zsk.rpl
vendored
1
testdata/autotrust_init_zsk.rpl
vendored
@ -4,6 +4,7 @@ server:
|
||||
log-time-ascii: yes
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/black_data.rpl
vendored
1
testdata/black_data.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/black_prime.rpl
vendored
1
testdata/black_prime.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_anchor.rpl
vendored
1
testdata/dlv_anchor.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_ask_higher.rpl
vendored
1
testdata/dlv_ask_higher.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_below_ta.rpl
vendored
1
testdata/dlv_below_ta.rpl
vendored
@ -8,6 +8,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_delegation.rpl
vendored
1
testdata/dlv_delegation.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_insecure.rpl
vendored
1
testdata/dlv_insecure.rpl
vendored
@ -8,6 +8,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_insecure_negcache.rpl
vendored
1
testdata/dlv_insecure_negcache.rpl
vendored
@ -8,6 +8,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_remove_empty.rpl
vendored
1
testdata/dlv_remove_empty.rpl
vendored
@ -5,6 +5,7 @@ server:
|
||||
val-override-date: "20070916134226"
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
fake-sha1: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_remove_nodel.rpl
vendored
1
testdata/dlv_remove_nodel.rpl
vendored
@ -6,6 +6,7 @@ server:
|
||||
val-override-date: "20070916134226"
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
fake-sha1: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_remove_pos.rpl
vendored
1
testdata/dlv_remove_pos.rpl
vendored
@ -8,6 +8,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dlv_unused.rpl
vendored
1
testdata/dlv_unused.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/dns64_lookup.rpl
vendored
1
testdata/dns64_lookup.rpl
vendored
@ -4,6 +4,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
module-config: "dns64 validator iterator"
|
||||
dns64-prefix: 64:ff9b::0/96
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/domain_insec_dlv.rpl
vendored
1
testdata/domain_insec_dlv.rpl
vendored
@ -5,6 +5,7 @@ server:
|
||||
domain-insecure: "example.net"
|
||||
val-override-date: "20070916134226"
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/fetch_glue.rpl
vendored
1
testdata/fetch_glue.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/fetch_glue_cname.rpl
vendored
1
testdata/fetch_glue_cname.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
2
testdata/fwd_cached.rpl
vendored
2
testdata/fwd_cached.rpl
vendored
@ -1,5 +1,7 @@
|
||||
; This is a comment.
|
||||
; config options go here.
|
||||
server:
|
||||
minimal-responses: no
|
||||
forward-zone: name: "." forward-addr: 216.0.0.1
|
||||
CONFIG_END
|
||||
|
||||
|
1
testdata/iter_class_any.rpl
vendored
1
testdata/iter_class_any.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_cycle_noh.rpl
vendored
1
testdata/iter_cycle_noh.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
harden-glue: "no"
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_dname_insec.rpl
vendored
1
testdata/iter_dname_insec.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
harden-referral-path: no
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_domain_sale.rpl
vendored
1
testdata/iter_domain_sale.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_domain_sale_nschange.rpl
vendored
1
testdata/iter_domain_sale_nschange.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_emptydp.rpl
vendored
1
testdata/iter_emptydp.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_emptydp_for_glue.rpl
vendored
1
testdata/iter_emptydp_for_glue.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_fwdfirst.rpl
vendored
1
testdata/iter_fwdfirst.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_fwdfirstequal.rpl
vendored
1
testdata/iter_fwdfirstequal.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_fwdstub.rpl
vendored
1
testdata/iter_fwdstub.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_fwdstubroot.rpl
vendored
1
testdata/iter_fwdstubroot.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_got6only.rpl
vendored
1
testdata/iter_got6only.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
do-ip6: no
|
||||
target-fetch-policy: "0 0 0 0 0 "
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/iter_hint_lame.rpl
vendored
1
testdata/iter_hint_lame.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_lame_noaa.rpl
vendored
1
testdata/iter_lame_noaa.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
harden-referral-path: no
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_lame_nosoa.rpl
vendored
1
testdata/iter_lame_nosoa.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_mod.rpl
vendored
1
testdata/iter_mod.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
module-config: "iterator"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_ns_badip.rpl
vendored
1
testdata/iter_ns_badip.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "3 2 1 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_ns_spoof.rpl
vendored
1
testdata/iter_ns_spoof.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
harden-referral-path: yes
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/iter_pc_a.rpl
vendored
1
testdata/iter_pc_a.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pc_aaaa.rpl
vendored
1
testdata/iter_pc_aaaa.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcdiff.rpl
vendored
1
testdata/iter_pcdiff.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcdirect.rpl
vendored
1
testdata/iter_pcdirect.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcname.rpl
vendored
1
testdata/iter_pcname.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcnamech.rpl
vendored
1
testdata/iter_pcnamech.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcnamechrec.rpl
vendored
1
testdata/iter_pcnamechrec.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcnamerec.rpl
vendored
1
testdata/iter_pcnamerec.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_pcttl.rpl
vendored
1
testdata/iter_pcttl.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
do-ip6: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_prefetch.rpl
vendored
1
testdata/iter_prefetch.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
prefetch: "yes"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_prefetch_change.rpl
vendored
1
testdata/iter_prefetch_change.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
prefetch: "yes"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_prefetch_change2.rpl
vendored
1
testdata/iter_prefetch_change2.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
prefetch: "yes"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_prefetch_childns.rpl
vendored
1
testdata/iter_prefetch_childns.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
prefetch: "yes"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_prefetch_fail.rpl
vendored
1
testdata/iter_prefetch_fail.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
prefetch: "yes"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_prefetch_ns.rpl
vendored
1
testdata/iter_prefetch_ns.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
prefetch: "yes"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_primenoglue.rpl
vendored
1
testdata/iter_primenoglue.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_privaddr.rpl
vendored
1
testdata/iter_privaddr.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
private-address: 10.0.0.0/8
|
||||
private-address: 172.16.0.0/12
|
||||
|
1
testdata/iter_ranoaa_lame.rpl
vendored
1
testdata/iter_ranoaa_lame.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_reclame_one.rpl
vendored
1
testdata/iter_reclame_one.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_reclame_two.rpl
vendored
1
testdata/iter_reclame_two.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_recurse.rpl
vendored
1
testdata/iter_recurse.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_resolve.rpl
vendored
1
testdata/iter_resolve.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_resolve_minimised.rpl
vendored
1
testdata/iter_resolve_minimised.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_resolve_minimised_nx.rpl
vendored
1
testdata/iter_resolve_minimised_nx.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_resolve_minimised_refused.rpl
vendored
1
testdata/iter_resolve_minimised_refused.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_resolve_minimised_timeout.rpl
vendored
1
testdata/iter_resolve_minimised_timeout.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_scrub_cname_an.rpl
vendored
1
testdata/iter_scrub_cname_an.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
harden-referral-path: no
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_scrub_dname_insec.rpl
vendored
1
testdata/iter_scrub_dname_insec.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
harden-referral-path: no
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_scrub_dname_rev.rpl
vendored
1
testdata/iter_scrub_dname_rev.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_scrub_dname_sec.rpl
vendored
1
testdata/iter_scrub_dname_sec.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_soamin.rpl
vendored
1
testdata/iter_soamin.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_stub_leak.rpl
vendored
1
testdata/iter_stub_leak.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_stub_noroot.rpl
vendored
1
testdata/iter_stub_noroot.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_stubfirst.rpl
vendored
1
testdata/iter_stubfirst.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/iter_timeout_ra_aaaa.rpl
vendored
1
testdata/iter_timeout_ra_aaaa.rpl
vendored
@ -2,6 +2,7 @@
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
2
testdata/rrset_rettl.rpl
vendored
2
testdata/rrset_rettl.rpl
vendored
@ -1,5 +1,7 @@
|
||||
; This is a comment.
|
||||
; config options go here.
|
||||
server:
|
||||
minimal-responses: no
|
||||
forward-zone: name: "." forward-addr: 216.0.0.1
|
||||
CONFIG_END
|
||||
|
||||
|
2
testdata/rrset_untrusted.rpl
vendored
2
testdata/rrset_untrusted.rpl
vendored
@ -1,5 +1,7 @@
|
||||
; This is a comment.
|
||||
; config options go here.
|
||||
server:
|
||||
minimal-responses: no
|
||||
forward-zone: name: "." forward-addr: 216.0.0.1
|
||||
CONFIG_END
|
||||
|
||||
|
2
testdata/rrset_updated.rpl
vendored
2
testdata/rrset_updated.rpl
vendored
@ -1,5 +1,7 @@
|
||||
; This is a comment.
|
||||
; config options go here.
|
||||
server:
|
||||
minimal-responses: no
|
||||
forward-zone: name: "." forward-addr: 216.0.0.1
|
||||
CONFIG_END
|
||||
|
||||
|
1
testdata/trust_cname_chain.rpl
vendored
1
testdata/trust_cname_chain.rpl
vendored
@ -1,6 +1,7 @@
|
||||
; config options
|
||||
server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
minimal-responses: no
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
|
1
testdata/ttl_max.rpl
vendored
1
testdata/ttl_max.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
access-control: 127.0.0.1 allow_snoop
|
||||
cache-max-ttl: 10
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/ttl_min.rpl
vendored
1
testdata/ttl_min.rpl
vendored
@ -3,6 +3,7 @@ server:
|
||||
access-control: 127.0.0.1 allow_snoop
|
||||
cache-min-ttl: 10
|
||||
qname-minimisation: "no"
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_adbit.rpl
vendored
1
testdata/val_adbit.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_adcopy.rpl
vendored
1
testdata/val_adcopy.rpl
vendored
@ -6,6 +6,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_ds_afterprime.rpl
vendored
1
testdata/val_ds_afterprime.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_faildnskey_ok.rpl
vendored
1
testdata/val_faildnskey_ok.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_keyprefetch_verify.rpl
vendored
1
testdata/val_keyprefetch_verify.rpl
vendored
@ -9,6 +9,7 @@ server:
|
||||
prefetch: yes
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_noadwhennodo.rpl
vendored
1
testdata/val_noadwhennodo.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_nsec3_b3_optout.rpl
vendored
1
testdata/val_nsec3_b3_optout.rpl
vendored
@ -6,6 +6,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_nsec3_b3_optout_negcache.rpl
vendored
1
testdata/val_nsec3_b3_optout_negcache.rpl
vendored
@ -6,6 +6,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_positive.rpl
vendored
1
testdata/val_positive.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_qds_badanc.rpl
vendored
1
testdata/val_qds_badanc.rpl
vendored
@ -6,6 +6,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_qds_oneanc.rpl
vendored
1
testdata/val_qds_oneanc.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_qds_twoanc.rpl
vendored
1
testdata/val_qds_twoanc.rpl
vendored
@ -8,6 +8,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_referd.rpl
vendored
1
testdata/val_referd.rpl
vendored
@ -9,6 +9,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_referglue.rpl
vendored
1
testdata/val_referglue.rpl
vendored
@ -9,6 +9,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_rrsig.rpl
vendored
1
testdata/val_rrsig.rpl
vendored
@ -6,6 +6,7 @@ server:
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_spurious_ns.rpl
vendored
1
testdata/val_spurious_ns.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
qname-minimisation: "no"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
1
testdata/val_stub_noroot.rpl
vendored
1
testdata/val_stub_noroot.rpl
vendored
@ -7,6 +7,7 @@ server:
|
||||
dlv-anchor: "dlv.isc.org. IN DNSKEY 257 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3"
|
||||
fake-sha1: yes
|
||||
trust-anchor-signaling: no
|
||||
minimal-responses: no
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user