Ralph Dolmans
74ec8a758b
Merge pull request #272 from NLnetLabs/edns-client-tag
...
Add EDNS client tag functionality
2020-08-05 16:07:49 +02:00
W.C.A. Wijngaards
8f2b9b461b
dlv removal, remove DLV references from man page and pythonmod interface.
2020-08-05 10:25:56 +02:00
W.C.A. Wijngaards
c0c722cd97
DLV removal
2020-08-04 09:05:09 +02:00
Ubuntu
f95dce8e34
Rebase on master
2020-07-29 16:02:16 +00:00
Ubuntu
027884aad2
Disable enforcing of min/max TTL when serving original TTL
2020-07-29 15:52:58 +00:00
W.C.A. Wijngaards
75be0d3e14
Merge branch 'master' into infra-keep-probing
2020-07-27 13:16:39 +02:00
Ralph Dolmans
64806a0d14
Add edns-client-tag configuration option
2020-07-24 14:52:04 +02:00
and0x000
dd0b55250b
draft-ietf-dnsop-serve-stale-10 has become RFC 8767 on March 2020
2020-07-20 18:10:21 +02:00
W.C.A. Wijngaards
3d1383bed3
Merge branch 'master' into infra-keep-probing
2020-07-16 16:00:06 +02:00
George Thessalonikefs
833ab1aab3
Merge branch 'master' into include-toplevel
2020-07-16 12:53:29 +02:00
Ubuntu
b5b79e3a36
Add feature to serve original TTLs rather than decrementing ones
2020-07-15 15:15:45 +00:00
George Thessalonikefs
7f802b07ef
Merge branch 'master' into include-toplevel
2020-07-15 15:17:48 +02:00
Ralph Dolmans
9cebc13150
- Add option to send DNSTAP messages over bidirectional frame streams
2020-07-13 17:28:50 +02:00
Ralph Dolmans
740da89578
Merge branch 'master' into doh
2020-06-24 14:18:47 +02:00
W.C.A. Wijngaards
4fe2122890
Merge branch 'master' into infra-keep-probing
...
Remade yacc and lex files.
2020-06-24 13:21:14 +02:00
W.C.A. Wijngaards
6e0756e819
- Fix default explanation in man page for qname-minimisation-strict.
2020-06-17 08:20:52 +02:00
W.C.A. Wijngaards
c053513cbd
- Mention tls name possible when tls is enabled for stub-addr in the
...
man page.
2020-06-08 08:35:10 +02:00
W.C.A. Wijngaards
a238f35d7d
- For PR #93 : man page spelling reference fix.
2020-05-18 10:22:00 +02:00
W.C.A. Wijngaards
edcef18274
Merge branch 'master' of git://github.com/PMunch/unbound into PMunch-master
...
Fixed conflicts in Makefile.in and configparser.y
2020-05-15 14:52:53 +02:00
Ralph Dolmans
4fc7b434d7
- Document new DoH configuration options.
2020-05-13 13:05:40 +02:00
Ralph Dolmans
e7601870cc
Merge branch 'master' into doh
2020-05-07 17:12:26 +02:00
Ralph Dolmans
8dae5d9f81
- Add DNS-over-HTTPS support
2020-05-07 16:36:26 +02:00
George Thessalonikefs
1bd4dbf302
- New include directive 'include-toplevel:'. It closes the previous
...
clause (if any) and requires that all included files explicitly
start a clause.
2020-04-29 11:23:12 +02:00
W.C.A. Wijngaards
055f5e68a3
Add infra-keep-probing: yes option. Hosts that are down are probed more
...
frequently.
2020-04-22 16:29:06 +02:00
George Thessalonikefs
226d66ca92
- Change default value for 'rrset-roundrobin' to yes.
2020-04-21 12:58:48 +02:00
George Thessalonikefs
e430e95d30
- Add SNI support on more TLS connections ( fixes #193 ).
...
- Add SNI support to unbound-anchor.
2020-04-16 14:39:05 +02:00
Willem Toorop
2c8a91c2f9
pad-queries default yes
2020-04-14 08:52:51 +02:00
Willem Toorop
60e53d36b7
Merge branch 'master' into features/padding
2020-04-14 08:28:41 +02:00
George Thessalonikefs
33a2613a49
- More documentation for redis-expire-records option.
2020-04-06 13:46:45 +02:00
Willem Toorop
551e476a17
Merge branch 'master' into features/padding
2020-04-02 18:54:18 +02:00
Willem Toorop
4f78b37c61
Down- and upstream padding a la RFC7830 & RFC8467
2020-04-02 18:34:03 +02:00
George Thessalonikefs
557a309f9d
- Changes for PR #206 (formatting and remade lex and yacc output).
2020-04-01 17:14:58 +02:00
George Thessalonikefs
20aa782ce5
Merge branch 'master' of https://github.com/Talkabout/unbound into Talkabout-redis-expire-records
2020-04-01 16:04:48 +02:00
Talkabout
c25eb2c4c8
implemented review feedback
...
renamed option from 'redis-set-ttl' to 'redis-expire-records'
2020-03-31 23:10:45 +02:00
Talkabout
b130a8b459
added option 'redis-set-ttl' to define whether ttl should be added to redis records
...
added check for redis command 'setex' when initializing redis connection
updated documentation
minor improvements to previous changes
2020-03-31 12:47:13 +02:00
W.C.A. Wijngaards
65e7be5190
nroff fix for dash.
2020-03-30 10:29:15 +02:00
Willem Toorop
d8dcee4c71
Clarify if-automatic listens on 0.0.0.0 and ::
2020-03-30 10:07:25 +02:00
Yaroslav K
c0118410a2
add ip-dscp configuration option for setting IP DiffServ codepoint (DSCP, previously TOS) on sockets
2020-03-23 19:37:43 +00:00
W.C.A. Wijngaards
614ed2717b
Merge branch 'master' into framestreams
...
Fixed bison and flex conflicts by regenerating the files.
2020-02-28 14:31:24 +01:00
W.C.A. Wijngaards
e24d7c64a8
Dnstap io, note that it creates a thread when possible.
2020-02-26 12:21:42 +01:00
W.C.A. Wijngaards
de35486fb7
Documentation for prefer-ip4, Issue #165 .
2020-02-25 09:58:32 +01:00
W.C.A. Wijngaards
b4f055effc
Merge branch 'master' into framestreams
2020-02-17 15:25:47 +01:00
W.C.A. Wijngaards
6d1b4e050d
dnstap io, dnstap tls default is yes, and man page documentation.
2020-02-14 10:01:37 +01:00
W.C.A. Wijngaards
77bdbc6e98
- Fix spelling in unbound.conf.5.in.
2020-02-14 07:54:49 +01:00
George Thessalonikefs
8e135d5f59
- Document in unbound.conf manpage that configuration clauses can be repeated in the configuration file.
2020-02-06 14:39:58 +01:00
gthess
f7fe95ad7b
Serve stale ( #159 )
...
- Added serve-stale functionality as described in
draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107 .
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
2020-02-05 14:20:27 +01:00
Ralph Dolmans
056176ec9a
Merge branch 'master' into rpz
2020-01-30 15:57:34 +01:00
PMunch
b7e8dc1182
Merge branch 'master' into master
2020-01-28 13:18:01 +01:00
Mikhail Nacharov
c3fac2550f
minor #1344 change rfc reference for reserved top level dns names
2020-01-27 22:04:09 +05:00
Ralph Dolmans
9877e52161
Merge branch 'master' of github.com:NLnetLabs/unbound into rpz
2020-01-15 23:44:10 +01:00
W.C.A. Wijngaards
453c84b237
- Fix #140 : Document slave not downloading new zonefile upon update.
2020-01-06 16:36:44 +01:00
Ralph Dolmans
bbb737ca5a
processing RPZ review feedback
2019-11-22 12:56:24 +08:00
Dionysis Grigoropoulos
e8b8d42f8b
manpage: Add missing word on unbound.conf
2019-10-23 00:35:49 +03:00
PMunch
f177dc974c
Add support for multiple dynamic modules
...
Allows the use of multiple dynamic modules. Simply add more "dynlib"
entries to the "modules-config" and the same amount of "dynlib-file"
entries in the dynlib configuration block.
2019-10-21 15:59:53 +02:00
PMunch
8eeb910e3d
Improve dynlib module and add documentation
...
Dynamic library module is now only a thin wrapper that loads dynamic
libraries and forwards all function calls directly to the loaded module.
This meant adding get_mem and clear, and get_mem calls have been added
in the expected places.
Documentation has also been added to the example.conf and the
unbound.conf manpage.
2019-10-21 14:20:33 +02:00
Maryse47
ce0e9bef45
Consistently use /dev/urandom instead of /dev/random in scripts and docs
...
Unbound code call /dev/urandom (see below) but various docs and scripts
mention /dev/random which may be confusing.
https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/arc4random.c#L107
https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/getentropy_linux.c#L251
https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/getentropy_osx.c
https://github.com/NLnetLabs/unbound/blob/release-1.9.3/compat/getentropy_solaris.c#L116
2019-09-19 17:40:49 +02:00
Arsen Stasic
9303292b7f
Improve wording in man page
...
Make it more consistent throughout the man page.
If a config option can either be *yes* or *no* use exact these terms and not something like *on* which could be easily read as *no*.
2019-09-19 14:51:54 +00:00
Ralph Dolmans
f3dfb4d537
Typo fix, reported by jpmens
2019-09-09 18:54:23 +02:00
Ralph Dolmans
2b5cd8e9b4
Merge remote-tracking branch 'ralph/feature/rpz' into rpz
2019-09-09 17:11:26 +02:00
Ralph Dolmans
8b752e359e
- Document limitation of pidfile removal outside of chroot directory.
2019-08-19 13:27:19 +02:00
Ralph Dolmans
abbb5c0f6d
Update RPZ man page and example.conf
2019-08-07 14:53:23 +02:00
W.C.A. Wijngaards
63b2628a18
Merge branch 'dev/all-merged/master' of git://github.com/episource/unbound into episource-dev/all-merged/master
2019-06-18 17:07:57 +02:00
Ralph Dolmans
a77c35ef50
Add RPZ config options to unbound.conf man page.
2019-06-04 15:39:08 +02:00
W.C.A. Wijngaards
1c3ba0cef7
- Note that so-reuseport at extreme load is better turned off,
...
otherwise queries are not distributed evenly, on Linux 4.4.x.
2019-05-20 11:57:09 +02:00
Wouter Wijngaards
ff026a1f3c
Merge branch 'master' into features/XoT
2019-04-29 10:32:27 +02:00
W.C.A. Wijngaards
af11b54071
Review changes for the XoT branch
...
With doc, SSL setup function, and function parameter doc.
2019-04-29 10:25:19 +02:00
George Thessalonikefs
d1150541bb
- Update python documentation for init_standard().
...
- Typos.
git-svn-id: file:///svn/unbound/trunk@5157 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-04-11 15:03:04 +00:00
Philipp Serr
bfae29866b
Document how to configure multiple python modules
2019-03-02 14:32:49 +01:00
Wouter Wijngaards
beebe5ba0c
- Fix #4229 : Unbound man pages lack information, about access-control
...
order and local zone tags, and elements in views.
git-svn-id: file:///svn/unbound/trunk@5123 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-02-27 06:56:21 +00:00
Wouter Wijngaards
3599fd9c60
- In man page and example config explain that most modules have to
...
be listed at the start of module-config.
git-svn-id: file:///svn/unbound/trunk@5121 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-02-21 10:03:11 +00:00
Wouter Wijngaards
49a36d98bb
- Fix #13 : Remove left-over requirements on OpenSSL >= 1.1.0 for
...
cert name matching, from man page.
git-svn-id: file:///svn/unbound/trunk@5112 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-02-11 09:59:47 +00:00
Wouter Wijngaards
4e249c96e8
- Note default for module-config in man page.
...
git-svn-id: file:///svn/unbound/trunk@5109 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-02-11 08:53:59 +00:00
Wouter Wijngaards
fe97f25b75
- Fix that log-replies prints the correct name for local-alias
...
names, for names that have a CNAME in local-data configuration.
It logs the original query name, not the target of the CNAME.
- Add local-zone type inform_redirect, which logs like type inform,
and redirects like type redirect.
git-svn-id: file:///svn/unbound/trunk@5099 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-02-04 09:51:27 +00:00
Wouter Wijngaards
91f585ed38
- improve documentation for forward-first.
...
git-svn-id: file:///svn/unbound/trunk@5092 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-31 09:37:06 +00:00
Wouter Wijngaards
b9b226bdea
- improve documentation for tls-service-key.
...
git-svn-id: file:///svn/unbound/trunk@5091 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-31 09:22:48 +00:00
Wouter Wijngaards
649e265d6f
- Fix for IXFR fallback to reset counter when IXFR does not timeout.
...
git-svn-id: file:///svn/unbound/trunk@5066 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-23 11:52:17 +00:00
Wouter Wijngaards
d3f397c686
More fixes, statistic counter at end of struct for backwards compatibility, man page, free at exit, indent.
...
git-svn-id: file:///svn/unbound/trunk@5062 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-23 10:19:04 +00:00
Wouter Wijngaards
5d82b7c421
- Fixes for the patch, and man page entry.
...
git-svn-id: file:///svn/unbound/trunk@5055 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-23 08:45:16 +00:00
Wouter Wijngaards
dec68aa9a9
- Doc for stream-wait-size and unit test.
...
git-svn-id: file:///svn/unbound/trunk@5048 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-22 08:52:23 +00:00
Wouter Wijngaards
fe6eb5f665
- Document interaction between the tls-upstream option in the server
...
section and forward-tls-upstream option in the forward-zone sections.
git-svn-id: file:///svn/unbound/trunk@5027 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-07 10:52:08 +00:00
Wouter Wijngaards
91971db3d0
And document.
...
git-svn-id: file:///svn/unbound/trunk@5009 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-12-03 14:56:12 +00:00
Wouter Wijngaards
2ad55ba791
- log-tag-queryreply: yes in unbound.conf tags the log-queries and
...
log-replies in the log file for easier log filter maintenance.
git-svn-id: file:///svn/unbound/trunk@5000 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-11-30 09:45:37 +00:00
Wouter Wijngaards
ac8dc59341
- Patch for typo in unbound.conf man page.
...
git-svn-id: file:///svn/unbound/trunk@4999 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-11-30 08:33:50 +00:00
Wouter Wijngaards
b04e84ab9e
- auth-zone give SERVFAIL when expired, fallback activates when
...
expired, and this is documented in the man page.
git-svn-id: file:///svn/unbound/trunk@4983 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-11-27 12:31:37 +00:00
Wouter Wijngaards
fd5e4e6019
- Fix #4126 : RTT_band too low on VSAT links with 600+ms latency,
...
adds the option unknown-server-time-limit to unbound.conf that
can be increased to avoid the problem.
git-svn-id: file:///svn/unbound/trunk@4954 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 09:21:41 +00:00
Ralph Dolmans
359dcc3c5c
Document min-client-subnet-ipv4/6 default value
...
git-svn-id: file:///svn/unbound/trunk@4952 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 08:55:55 +00:00
Ralph Dolmans
6021341118
- Add min-client-subnet-ipv6 and min-client-subnet-ipv4 options.
...
git-svn-id: file:///svn/unbound/trunk@4951 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 08:53:50 +00:00
Wouter Wijngaards
23505d30a5
- Fix #4190 : Please create a "ANY" deny option, adds the option
...
deny-any: yes in unbound.conf. This responds with an empty message
to queries of type ANY.
git-svn-id: file:///svn/unbound/trunk@4949 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 08:07:37 +00:00
Wouter Wijngaards
5fec1c8b1f
- Fix #4154 : make ECS_MAX_TREESIZE configurable, with
...
the max-ecs-tree-size-ipv4 and max-ecs-tree-size-ipv6 options.
git-svn-id: file:///svn/unbound/trunk@4945 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-22 14:54:28 +00:00
Ralph Dolmans
6b5e7d78e3
- Change fast-server-num default to 3.
...
git-svn-id: file:///svn/unbound/trunk@4941 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-22 09:36:36 +00:00
Ralph Dolmans
02bd3e2ff1
- Add fast-server-permil and fast-server-num options.
...
- Deprecate low-rtt and low-rtt-permil options.
git-svn-id: file:///svn/unbound/trunk@4938 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-08 16:03:46 +00:00
Wouter Wijngaards
a09c4bbdc2
- Fix spelling errors.
...
git-svn-id: file:///svn/unbound/trunk@4893 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-11 13:28:21 +00:00
Ralph Dolmans
2e5e31e8ac
- Added serve-expired-ttl and serve-expired-ttl-reset options.
...
git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-28 14:21:56 +00:00
Wouter Wijngaards
e0745813f4
- Set defaults to yes for a number of options to increase speed and
...
resilience of the server. The so-reuseport, harden-below-nxdomain,
and minimal-responses options are enabled by default. They used
to be disabled by default, waiting to make sure they worked. They
are enabled by default now, and can be disabled explicitly by
setting them to "no" in the unbound.conf config file. The reuseport
and minimal options increases speed of the server, and should be
otherwise harmless. The harden-below-nxdomain option works well
together with the recently default enabled qname minimisation, this
causes more fetches to use information from the cache.
git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-27 13:18:19 +00:00
Wouter Wijngaards
504ef71975
and documentation.
...
git-svn-id: file:///svn/unbound/trunk@4866 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-21 07:14:48 +00:00
Wouter Wijngaards
4fe427ded2
- log-servfail: yes prints log lines that say why queries are
...
returning SERVFAIL to clients.
git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 15:22:05 +00:00
Wouter Wijngaards
8b1012613e
documentation.
...
git-svn-id: file:///svn/unbound/trunk@4847 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-09 12:48:33 +00:00
Wouter Wijngaards
586b811b87
- Patch to implement tcp-connection-limit from Jim Hague (Sinodun).
...
This limits the number of simultaneous TCP client connections
from a nominated netblock.
And a simple test for TCP connection limit.
git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-07 11:57:42 +00:00
Wouter Wijngaards
e3f08cb2a2
- Implement progressive backoff of TCP idle/keepalive timeout.
...
git-svn-id: file:///svn/unbound/trunk@4806 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-07-31 07:20:15 +00:00
Wouter Wijngaards
a92b00ef3c
- Correct and expand manual page entries for keepalive and idle timeout.
...
git-svn-id: file:///svn/unbound/trunk@4805 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-07-31 07:19:26 +00:00