upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-23 10:37:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
bind9/lib/dns/include
History
Ondřej Surý c1ba80169c
Introduce max-delegation-servers configuration option 
Make the maximum number of processed delegation nameservers configurable
via the new 'max-delegation-servers' option (default: 13), replacing the
hardcoded NS_PROCESSING_LIMIT (20).

The default is reduced to 13 to precisely match the maximum number of
root servers that can fit into a classic 512-byte UDP payload.  This
provides a natural, historically sound cap that mitigates resource
exhaustion and amplification attacks from artificially inflated or
misconfigured delegations.

The configuration option is strictly bounded between 1 and 100 to ensure
resolver stability.
2026-03-04 16:13:49 +01:00
..
dns Introduce max-delegation-servers configuration option 2026-03-04 16:13:49 +01:00
dst Change output of rndc dnssec -status 2025-11-28 15:32:17 +01:00
irs Remove C++ support from the public header 2024-12-18 13:10:39 +01:00
.clang-format Add separate .clang-format files for headers 2020-02-14 09:31:05 +01:00
meson.build replace the build system with meson 2025-06-11 10:30:12 +03:00