Switch default TTL override to 1.

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index f3a5d17d68b4f4c1a2a5e959c33f1c3a888d8935..aae84925ef4aa200a374b524dc38a46aea317e00 100644 (file)
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -5344,7 +5344,7 @@ int main(int argc, char **argv)
     ::arg().set("ecs-ipv4-cache-bits", "Maximum number of bits of IPv4 mask to cache ECS response")="24";
     ::arg().set("ecs-ipv6-bits", "Number of bits of IPv6 address to pass for EDNS Client Subnet")="56";
     ::arg().set("ecs-ipv6-cache-bits", "Maximum number of bits of IPv6 mask to cache ECS response")="56";
-    ::arg().set("ecs-minimum-ttl-override", "Set under adverse conditions, a minimum TTL for records in ECS-specific answers")="0";
+    ::arg().set("ecs-minimum-ttl-override", "The minimum TTL for records in ECS-specific answers")="1";
     ::arg().set("ecs-cache-limit-ttl", "Minimum TTL to cache ECS response")="0";
     ::arg().set("edns-subnet-whitelist", "List of netmasks and domains that we should enable EDNS subnet for")="";
     ::arg().set("ecs-add-for", "List of client netmasks for which EDNS Client Subnet will be added")="0.0.0.0/0, ::/0, " LOCAL_NETS_INVERSE;
@@ -5357,7 +5357,7 @@ int main(int argc, char **argv)
     ::arg().setSwitch("gettag-needs-edns-options", "If EDNS Options should be extracted before calling the gettag() hook")="no";
     ::arg().set("udp-truncation-threshold", "Maximum UDP response size before we truncate")="1232";
     ::arg().set("edns-outgoing-bufsize", "Outgoing EDNS buffer size")="1232";
-    ::arg().set("minimum-ttl-override", "Set under adverse conditions, a minimum TTL")="0";
+    ::arg().set("minimum-ttl-override", "The minimum TTL")="1";
     ::arg().set("max-qperq", "Maximum outgoing queries per query")="60";
     ::arg().set("max-ns-address-qperq", "Maximum outgoing NS address queries per query")="10";
     ::arg().set("max-total-msec", "Maximum total wall-clock time per query in milliseconds, 0 for unlimited")="7000";

diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst
index 41dd6008040a5a5be5bfe7692a7d0a45fe6a3ca5..a0778ed8b586396f7846ca553be4d1787cb6e285 100644 (file)
--- a/pdns/recursordist/docs/settings.rst
+++ b/pdns/recursordist/docs/settings.rst
@@ -514,10 +514,10 @@ That is, only if both the limits apply, the record will not be cached.
 ``ecs-minimum-ttl-override``
 ----------------------------
 -  Integer
--  Default: 0 (disabled)
+-  Default: 1
 
 This setting artificially raises the TTLs of records in the ANSWER section of ECS-specific answers to be at least this long.
-While this is a gross hack, and violates RFCs, under conditions of DoS, it may enable you to continue serving your customers.
+Setting this to a value greater than 1 technically is an RFC violation, but might improve performance a lot.
 Can be set at runtime using ``rec_control set-ecs-minimum-ttl 3600``.
 
 .. _setting-ecs-cache-limit-ttl:
@@ -1064,10 +1064,10 @@ returning back to normal processing and handling other events.
 ``minimum-ttl-override``
 ------------------------
 -  Integer
--  Default: 0 (disabled)
+-  Default: 1
 
 This setting artificially raises all TTLs to be at least this long.
-While this is a gross hack, and violates RFCs, under conditions of DoS, it may enable you to continue serving your customers.
+Setting this to a value greater than 1 technically is an RFC violation, but might improve performance a lot.
 Can be set at runtime using ``rec_control set-minimum-ttl 3600``.
 
 .. _setting-new-domain-tracking: