If it is absolutely necessary to support UDP exchanges over an untrusted network, a few options have been introduced in
1.8.0 to make spoofing attempts harder:
-- :func::`setRandomizedIdsOverUDP` will randomize the IDs in outgoing queries, at a small performance cost. :func:`setMaxUDPOutstanding`
+- :func:`setRandomizedIdsOverUDP` will randomize the IDs in outgoing queries, at a small performance cost. :func:`setMaxUDPOutstanding`
should be set at its highest possible value (default since 1.4.0) to make that setting fully efficient.
- :func:`setRandomizedOutgoingSockets` can be used to randomize the outgoing socket used when forwarding a query to a backend.
This requires configuring the backend to use more than one outgoing socket via the ``sockets`` parameter of :func:`newServer`
.. versionadded:: 1.7.0
Set how often, in seconds, the outgoing DoH connections to backends of a given worker thread are scanned to expunge the ones that are no longer usable. The default is 60 so once per minute and per worker thread.
+
:param int interval: The interval in seconds.
.. function:: setDoHDownstreamMaxIdleTime(max)