::arg().set("tcp-fast-open", "Enable TCP Fast Open support on the listening sockets, using the supplied numerical value as the queue size")="0";
::arg().set("tcp-fast-open-connect", "Enable TCP Fast Open support on outgoing sockets")="no";
- ::arg().set("nsec3-max-iterations", "Maximum number of iterations allowed for an NSEC3 record")="2500";
+ ::arg().set("nsec3-max-iterations", "Maximum number of iterations allowed for an NSEC3 record")="150";
::arg().set("cpu-map", "Thread to CPU mapping, space separated thread-id=cpu1,cpu2..cpuN pairs")="";
.. versionadded:: 4.1.0
- Integer
-- Default: 2500
+- Default: 150
Maximum number of iterations allowed for an NSEC3 record.
If an answer containing an NSEC3 record with more iterations is received, its DNSSEC validation status is treated as Insecure.
+.. versionchanged:: 4.6.0
+
+ Default is now 150, was 2500 before.
+
.. _setting-packetcache-ttl:
``packetcache-ttl``
Before upgrading, it is advised to read the :doc:`changelog/index`.
When upgrading several versions, please read **all** notes applying to the upgrade.
-4.4.x to 4.5.0 or master
+4.5.x to 4.6.0 or master
------------------------
+Deprecated and changed settings
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+- The :ref:`setting-nsec3-max-iterations` default value has been changed from 2500 to 150.
+
+4.4.x to 4.5.1
+--------------
+
Offensive language
^^^^^^^^^^^^^^^^^^
Synonyms for various settings names containing ``master``, ``slave``,
projects / thirdparty / pdns.git / commitdiff
