]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 729a145) | patch
Cap glue records cached from a referral 11970/head
authorOndřej Surý <ondrej@isc.org>
Wed, 6 May 2026 10:35:22 +0000 (12:35 +0200)
committerOndřej Surý <ondrej@isc.org>
Tue, 12 May 2026 14:17:24 +0000 (16:17 +0200)
commitea00ea92fbb4bda681f5a3b4bb1670a123b60d11
tree736393eb402e055f8f526c0efb6fc83350d23c10tree | snapshot
parent729a14578963e40bf8c3c018c0b86f7c1e8408fbcommit | diff
Cap glue records cached from a referral

The resolver populated the delegation database with every NS RR and
every glue address from a referral, with no aggregate bound.  Resolution
only ever uses the first max-delegation-servers NS owners and a handful
of addresses per NS, so anything beyond that is dead memory.

Stop the NS loop in cache_delegns() at view->max_delegation_servers and
cap each glue rdataset at DELEG_MAX_GLUES_PER_NS (20) addresses, so each
NS owner contributes at most 20 A and 20 AAAA glues.
bin/tests/system/cap_glues/ns1/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/cap_glues/ns1/root.db [new file with mode: 0644] blob
bin/tests/system/cap_glues/ns2/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/cap_glues/ns2/tld.db [new file with mode: 0644] blob
bin/tests/system/cap_glues/ns3/named.conf.j2 [new file with mode: 0644] blob
bin/tests/system/cap_glues/ns3/root.hint [new file with mode: 0644] blob
bin/tests/system/cap_glues/tests_cap_glues.py [new file with mode: 0644] blob
lib/dns/resolver.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git