Change default of recursor.any_to_tcp to true

This is the client side handling.

Signed-off-by: Otto Moerbeek <otto.moerbeek@open-xchange.com>

diff --git a/pdns/recursordist/docs/upgrade.rst b/pdns/recursordist/docs/upgrade.rst
index 5ad43f9c7cbe40fe374c2c6d5322e236f495901d..2b199e8f00d5cb1d8cddd58fa16c54cb40f6cf05 100644 (file)
--- a/pdns/recursordist/docs/upgrade.rst
+++ b/pdns/recursordist/docs/upgrade.rst
@@ -14,6 +14,10 @@ New Settings
 - The :ref:`setting-yaml-outgoing.cookies_unsupported` setting has been introduced to permanently mark authoritative servers as not supporting cookies.
 - The :ref:`setting-yaml-outgoing.tls_configurations` setting has been introduced to be able to force certificate validation and other properties of outgoing DoT connections.
 
+Changed Settings
+^^^^^^^^^^^^^^^^
+- The default value of  :ref:`setting-yaml-recursor.any_to_tcp` has been changed to ``true``.
+
 :program:`rec_control`
 ^^^^^^^^^^^^^^^^^^^^^^
 
@@ -420,14 +424,14 @@ Offensive language
 Synonyms for various settings names containing ``master``, ``slave``,
 ``whitelist`` and ``blacklist`` have been introduced.
 
-- For :ref:`setting-stats-api-blacklist` use :ref:`setting-stats-api-disabled-list`.
-- For :ref:`setting-stats-carbon-blacklist` use :ref:`setting-stats-carbon-disabled-list`.
-- For :ref:`setting-stats-rec-control-blacklist` use :ref:`setting-stats-rec-control-disabled-list`.
-- For :ref:`setting-stats-snmp-blacklist` use :ref:`setting-stats-snmp-disabled-list`.
-- For :ref:`setting-edns-subnet-whitelist` use :ref:`setting-edns-subnet-allow-list`.
-- For :ref:`setting-new-domain-whitelist` use  :ref:`setting-new-domain-ignore-list`.
-- For :ref:`setting-snmp-master-socket` use :ref:`setting-snmp-daemon-socket`.
-- For the LUA config function :func:`rpzMaster` use :func:`rpzPrimary`.
+- For ``setting-stats-api-blacklist`` use :ref:`setting-stats-api-disabled-list`.
+- For ``setting-stats-carbon-blacklist`` use :ref:`setting-stats-carbon-disabled-list`.
+- For ``setting-stats-rec-control-blacklist`` use :ref:`setting-stats-rec-control-disabled-list`.
+- For ``setting-stats-snmp-blacklist`` use :ref:`setting-stats-snmp-disabled-list`.
+- For ``setting-edns-subnet-whitelist`` use :ref:`setting-edns-subnet-allow-list`.
+- For ``setting-new-domain-whitelist`` use  :ref:`setting-new-domain-ignore-list`.
+- For ``setting-snmp-master-socket`` use :ref:`setting-snmp-daemon-socket`.
+- For the LUA config function ``rpzMaster`` use :func:`rpzPrimary`.
 
 Currently, the older setting names are also accepted and used.
 The next release will start deprecating them.

diff --git a/pdns/recursordist/rec-rust-lib/table.py b/pdns/recursordist/rec-rust-lib/table.py
index febd0c6500d16f4a32d267600fd372c26ebddde2..6ec67c80f0550849a3769fea9a69da61788d367b 100644 (file)
--- a/pdns/recursordist/rec-rust-lib/table.py
+++ b/pdns/recursordist/rec-rust-lib/table.py
@@ -217,12 +217,13 @@ If not set (the default), these queries are answered with rcode ``Refused``.
         'name' : 'any_to_tcp',
         'section' : 'recursor',
         'type' : LType.Bool,
-        'default' : 'false',
+        'default' : 'true',
         'help' : 'Answer ANY queries with tc=1, shunting to TCP',
         'doc' : '''
-Answer questions for the ANY type on UDP with a truncated packet that refers the remote server to TCP.
+Answer questions for the ANY type on UDP with a truncated packet that refers the remote client to TCP.
 Useful for mitigating ANY reflection attacks.
  ''',
+    'versionchanged': ('5.4.0', 'Default is enabled now, was disabled before 5.4.0'),
     },
     {
         'name' : 'allow_trust_anchor_query',