mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-22 01:56:00 -04:00
c1ba80169c
Make the maximum number of processed delegation nameservers configurable via the new 'max-delegation-servers' option (default: 13), replacing the hardcoded NS_PROCESSING_LIMIT (20). The default is reduced to 13 to precisely match the maximum number of root servers that can fit into a classic 512-byte UDP payload. This provides a natural, historically sound cap that mitigates resource exhaustion and amplification attacks from artificially inflated or misconfigured delegations. The configuration option is strictly bounded between 1 and 100 to ensure resolver stability. |
||
|---|---|---|
| .. | ||
| arm | ||
| changelog | ||
| design | ||
| dev | ||
| dnssec-guide | ||
| doxygen | ||
| man | ||
| misc | ||
| notes | ||
| meson.build | ||