adapt udp-truncation-threshold flag to the recursor and document it
authorPeter van Dijk <peter.van.dijk@netherlabs.nl>
Tue, 5 Nov 2013 13:28:06 +0000 (14:28 +0100)
committerPeter van Dijk <peter.van.dijk@netherlabs.nl>
Tue, 5 Nov 2013 13:28:06 +0000 (14:28 +0100)
pdns/docs/pdns.xml
pdns/pdns_recursor.cc

index 79cdf36d4db6c76b9118c60f6d82155cea5e2d95..be93af1faaebd002b0e632e30176867e7603238f 100755 (executable)
@@ -14434,6 +14434,16 @@ sql> insert into domainmetadata (domain_id, kind, content) values (6, 'TSIG-ALLO
              </para>
            </listitem>
          </varlistentry>
+    <varlistentry>
+      <term>udp-truncation-threshold=...</term>
+      <listitem>
+        <para>
+    EDNS0 allows for large UDP response datagrams, which can potentially raise performance. Large responses however
+    also have downsides in terms of reflection attacks. This setting limits the
+    accepted size. Maximum value is 65535, but values above 4096 should probably not be attempted. Default is 1680.
+        </para>
+      </listitem>
+    </varlistentry>
          <varlistentry>
            <term>version</term>
            <listitem>
index 84a70937ce435f48f29ce7a1cdd04c3d99d4220a..86bdb2f98c8d7ffa23c712ab0b9f69154098e285 100644 (file)
@@ -76,6 +76,7 @@ unsigned int g_maxTCPPerClient;
 unsigned int g_networkTimeoutMsec;
 bool g_logCommonErrors;
 bool g_anyToTcp;
+uint16_t g_udpTruncationThreshold;
 __thread shared_ptr<RecursorLua>* t_pdl;
 __thread RemoteKeeper* t_remotes;
 __thread shared_ptr<Regex>* t_traceRegex;
@@ -498,7 +499,7 @@ void startDoResolve(void *p)
     uint32_t maxanswersize= dc->d_tcp ? 65535 : 512;
     EDNSOpts edo;
     if(getEDNSOpts(dc->d_mdp, &edo)) {
-      maxanswersize = min(edo.d_packetsize, (uint16_t) (dc->d_tcp ? 65535 : 1680));
+      maxanswersize = min(edo.d_packetsize, (uint16_t) (dc->d_tcp ? 65535 : g_udpTruncationThreshold));
     }
     
     vector<DNSResourceRecord> ret;
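Review bot: The changed `min()` line has no lower bound, so on the UDP path `maxanswersize` can fall below the 512 used when no EDNS option is present. That happens when the query advertises a small `d_packetsize`, or when `g_udpTruncationThreshold` is configured low. RFC 6891 says advertised sizes under 512 are to be treated as 512, and a floor such as `maxanswersize = max<uint32_t>(512, min(edo.d_packetsize, (uint16_t) (dc->d_tcp ? 65535 : g_udpTruncationThreshold)));` keeps that behaviour. The rest of startDoResolve is outside this hunk, so the effect of a very small limit is presumably extra truncation and TCP retries, which should be confirmed against the packet-building code.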
@@ -1789,7 +1790,8 @@ int serviceMain(int argc, char*argv[])
   g_logCommonErrors=::arg().mustDo("log-common-errors");
 
   g_anyToTcp = ::arg().mustDo("any-to-tcp");
-  
+  g_udpTruncationThreshold = ::arg().asNum("udp-truncation-threshold");
+
   makeUDPServerSockets();
   makeTCPServerSockets();
 
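Review bot: The assignment to `g_udpTruncationThreshold` narrows the result of `asNum()` to `uint16_t` without a range check, assuming `asNum()` returns a wider integer type, which is not visible here. An out-of-range setting would then wrap silently: 65536 becomes 0 and truncates every EDNS UDP answer, while a negative value becomes a large one and loosens the reflection limit this option exists to enforce. Read the value into a wide local first, `int thr = ::arg().asNum("udp-truncation-threshold");`, and refuse to start with a logged error when `thr < 512 || thr > 65535`, so a typo in the config cannot change the amplification exposure unnoticed. serviceMain continues outside this hunk.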
@@ -2064,6 +2066,8 @@ int main(int argc, char **argv)
     ::arg().setSwitch( "disable-packetcache", "Disable packetcache" )= "no"; 
     ::arg().setSwitch( "pdns-distributes-queries", "If PowerDNS itself should distribute queries over threads (EXPERIMENTAL)")="no";
     ::arg().setSwitch( "any-to-tcp","Answer ANY queries with tc=1, shunting to TCP" )="no";
+    ::arg().set("udp-truncation-threshold", "Maximum UDP response size before we truncate")="1680";
+
     ::arg().set("include-dir","Include *.conf files from this directory")="";
 
     ::arg().setCmd("help","Provide a helpful message");