upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-29 10:59:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
2395 commits 23 branches 209 tags 124 MiB
Commit graph

332 commits

Author SHA1 Message Date
Wouter Wijngaards
59f5480df1 - fix replyaddr count wrong after jostled queries, which leads to 
eventual starvation where the daemon has no replyaddrs left to use.


git-svn-id: file:///svn/unbound/trunk@2445 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-30 11:01:44 +00:00
Wouter Wijngaards
ca38a8bd55 - feature, ignore-cd-flag: yesno to provide dnssec to legacy servers. 
git-svn-id: file:///svn/unbound/trunk@2414 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-05-10 11:20:14 +00:00
Wouter Wijngaards
efb9c02d54 - iana portlist updated. 
- queries with CD flag set cause DNSSEC validation, but the answer is
  not withheld if it is bogus.  Thus, unbound will retry if it is bad
  and curb the TTL if it is bad, thus protecting the cache for use by
  downstream validators.


git-svn-id: file:///svn/unbound/trunk@2409 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-04-08 13:58:41 +00:00
Wouter Wijngaards
3c87eb6c49 - harden-below-nxdomain: changed so that it activates when the 
cached nxdomain is dnssec secure.  This avoids backwards
         incompatibility because those old servers do not have dnssec.


git-svn-id: file:///svn/unbound/trunk@2407 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-29 09:47:54 +00:00
Matthijs Mekking
797ef20155 nicely outlined 
git-svn-id: file:///svn/unbound/trunk@2378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-17 13:59:07 +00:00
Wouter Wijngaards
5feb72d1eb fix 
git-svn-id: file:///svn/unbound/trunk@2376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:58:05 +00:00
Wouter Wijngaards
22ac684cd9 and store bogus ttl (this is not picked out of the cache to send to, so saves work and avoids this target) 
git-svn-id: file:///svn/unbound/trunk@2375 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:51:11 +00:00
Wouter Wijngaards
e2dc829258 store if ttl expired 
git-svn-id: file:///svn/unbound/trunk@2374 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:23:51 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
0bc54677db - Fix in infra cache that could cause rto larger than TOP_TIMEOUT kept. 
git-svn-id: file:///svn/unbound/trunk@2361 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-23 10:49:47 +00:00
Wouter Wijngaards
bc7ac1981a Fix compile on WinXP. 
git-svn-id: file:///svn/unbound/trunk@2352 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-15 14:44:04 +00:00
Wouter Wijngaards
dd8e44ac37 - feature typetransparent localzone, does not block other RR types. 
git-svn-id: file:///svn/unbound/trunk@2350 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-02 12:39:33 +00:00
Wouter Wijngaards
9997255caa - Fix bug#338: print address when socket creation fails. 
git-svn-id: file:///svn/unbound/trunk@2349 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-01 09:59:39 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00
Wouter Wijngaards
78cc3d8ae1 harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
Wouter Wijngaards
289f13bc25 - implement draft-vixie-dnsext-resimprove-00, we stop on NXDOMAIN. 
git-svn-id: file:///svn/unbound/trunk@2345 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-17 10:02:34 +00:00
Wouter Wijngaards
8c5b3d3c8f - so-sndbuf option for very busy servers, a bit like so-rcvbuf. 
git-svn-id: file:///svn/unbound/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 14:30:34 +00:00
Wouter Wijngaards
0b30fca935 - do not synthesize a CNAME message from cache for qtype DS. 
git-svn-id: file:///svn/unbound/trunk@2335 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-05 15:29:50 +00:00
Wouter Wijngaards
a3a1119f54 - Change the rtt used to probe EDNS-timeout hosts to 1000 msec. 
git-svn-id: file:///svn/unbound/trunk@2329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-03 09:06:49 +00:00
Wouter Wijngaards
758a42643a nicer output from debug commands 
git-svn-id: file:///svn/unbound/trunk@2314 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-27 08:09:22 +00:00
Wouter Wijngaards
fdfa7b2793 subtract 1000 so it is more than the RTT_BAND 
git-svn-id: file:///svn/unbound/trunk@2313 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:41:23 +00:00
Wouter Wijngaards
a6b302f117 fix for top reuse 
git-svn-id: file:///svn/unbound/trunk@2312 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:28:01 +00:00
Wouter Wijngaards
498cc8ab88 - Change of timeout code. No more lost and backoff in blockage. 
At 12sec timeout (and at least 2x lost before) one probe per IP
  is allowed only.  At 120sec, the IP is blocked.  After 15min, a
  120sec entry has a single retry packet.


git-svn-id: file:///svn/unbound/trunk@2311 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:02:08 +00:00
Wouter Wijngaards
a032ac2f61 neater API for unbound-control lookup. 
git-svn-id: file:///svn/unbound/trunk@2310 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 13:43:28 +00:00
Wouter Wijngaards
a72fe210ca remove lost and backoff values. 
git-svn-id: file:///svn/unbound/trunk@2309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 13:30:37 +00:00
Wouter Wijngaards
f2ae3e8167 dump_infra and flush_infra commands for unbound-control. 
git-svn-id: file:///svn/unbound/trunk@2306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 09:08:33 +00:00
Wouter Wijngaards
2bdb094f7b - Fix bug where fallback_tcp causes wrong roundtrip and edns 
observation to be noted in cache.  Fix bug where EDNSprobe halted
  exponential backoff if EDNS status unknown.
- new unresponsive host method, exponentially increasing block backoff.
- iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2303 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-21 15:11:39 +00:00
Wouter Wijngaards
25a2e1da5a lint 
git-svn-id: file:///svn/unbound/trunk@2302 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-20 10:14:12 +00:00
Wouter Wijngaards
ea85e23516 Jostle time used to estimate roundtrip. 
git-svn-id: file:///svn/unbound/trunk@2301 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-20 08:19:05 +00:00
Wouter Wijngaards
c5fe4a8bf3 Enable interface-automatic for people for whom it works. 
git-svn-id: file:///svn/unbound/trunk@2300 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-20 05:36:00 +00:00
Wouter Wijngaards
e238b47b0a Fix for request list growth. 
git-svn-id: file:///svn/unbound/trunk@2298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-19 14:53:29 +00:00
Wouter Wijngaards
1b773f682f - Fix TCP so it uses a random outgoing-interface. 
git-svn-id: file:///svn/unbound/trunk@2280 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 08:52:29 +00:00
Wouter Wijngaards
bc54fa3e58 addr_is_any 
git-svn-id: file:///svn/unbound/trunk@2279 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-13 07:59:55 +00:00
Wouter Wijngaards
d75bca38f9 - compliance with draft-ietf-dnsop-default-local-zones-14, removed 
reverse ipv6 orchid prefix from builtin list.


git-svn-id: file:///svn/unbound/trunk@2240 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-22 06:53:32 +00:00
Wouter Wijngaards
2a6a51c465 - increased mesh-max-activation from 1000 to 3000 for crazy domains 
like _tcp.slb.com with 262 servers.


git-svn-id: file:///svn/unbound/trunk@2229 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-14 08:27:23 +00:00
Wouter Wijngaards
9d66b48885 - openbsd-lint fixes: acl_list_get_mem used if debug-alloc enabled. 
iterator get_mem includes priv_get_mem.  delegpt nodup removed.
  listen_pushback, query_info_allocqname, write_socket, send_packet,
  comm_point_set_cb_arg and listen_resume removed.


git-svn-id: file:///svn/unbound/trunk@2222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-20 13:30:41 +00:00
Wouter Wijngaards
78216e8d02 patch for Gunter bug321 
git-svn-id: file:///svn/unbound/trunk@2218 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-18 16:53:56 +00:00
Wouter Wijngaards
45f74a1497 - Fix integer underflow in prefetch ttl creation from cache. This 
fixes a potential negative prefetch ttl.
-This line, and those below, will be ignored--

M    trunk/services/cache/dns.c
M    trunk/doc/Changelog


git-svn-id: file:///svn/unbound/trunk@2198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-14 11:13:30 +00:00
Wouter Wijngaards
f042f0dd5d - Neat function prototypes, unshadowed local declarations. 
git-svn-id: file:///svn/unbound/trunk@2188 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-07 13:13:36 +00:00
Wouter Wijngaards
6351307ab4 - Fix the max number of reply-address count 
git-svn-id: file:///svn/unbound/trunk@2171 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-28 12:50:04 +00:00
Wouter Wijngaards
0a848d686c - Fix jostle list bug found by Vince (luoce@cnnic), it caused the qps 
in overload situations to be about 5 qps for the class of shortly
  serviced queries.
  The capacity of the resolver is then about (numqueriesperthread / 2)
  / (average time for such long queries) qps for long queries.
  And about (numqueriesperthread / 2)/(jostletimeout in whole seconds)
  qps for short queries, per thread.


git-svn-id: file:///svn/unbound/trunk@2170 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-28 11:42:21 +00:00
Wouter Wijngaards
b9603c178a - Fix bug where a long loop could be entered, now cycle detection 
has a loop-counter and maximum search amount.


git-svn-id: file:///svn/unbound/trunk@2144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-10 14:10:17 +00:00
Wouter Wijngaards
8360afa15f - fix parentside from cache to be marked dispreferred for bad names. 
git-svn-id: file:///svn/unbound/trunk@2125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 14:39:45 +00:00
Wouter Wijngaards
6d77834955 parent-child misconfigured data lookup. 
git-svn-id: file:///svn/unbound/trunk@2119 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-28 14:15:29 +00:00
Wouter Wijngaards
75bce22b30 - EDNS timeout code will not fire if EDNS status already known. 
- EDNS failure not stored if EDNS status known to work.


git-svn-id: file:///svn/unbound/trunk@2115 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-21 11:00:35 +00:00
Wouter Wijngaards
816c6a513b - Conforms to draft-ietf-dnsop-default-local-zones-13. Added default 
reverse lookup blocks for IPv4 test nets 100.51.198.in-addr.arpa,
  113.0.203.in-addr.arpa and Orchid prefix 0.1.1.0.0.2.ip6.arpa.


git-svn-id: file:///svn/unbound/trunk@2108 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-04 10:50:27 +00:00
Wouter Wijngaards
8f4957a0e0 - infra cache entries that are expired are wiped clean. Previously 
it was possible to not expire host data (if accessed often).


git-svn-id: file:///svn/unbound/trunk@2106 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-29 14:12:54 +00:00
Wouter Wijngaards
910bad74ea - Fix local-zone type redirect that did not use the query name for 
the answer rrset.


git-svn-id: file:///svn/unbound/trunk@2092 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-23 14:03:09 +00:00
Wouter Wijngaards
8452c8cd5d Includes for BSD4. 
git-svn-id: file:///svn/unbound/trunk@2080 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-15 14:53:55 +00:00
Wouter Wijngaards
18a7df3d5c - Fix EDNS probe for .de DNSSEC testbed failure, where the infra 
cache timeout coincided with a server update, the current EDNS 
  backoff is less sensitive, and does not cache the backoff unless 
  the backoff actually works and the domain is not expecting DNSSEC.


git-svn-id: file:///svn/unbound/trunk@2063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-06 08:35:37 +00:00