+5355. [func] What was set with --with-tuning=large option in
+ older BIND9 versions is now a default, and
+ a --with-tuning=small option was added for small
+ (e.g. OpenWRT) systems. [GL !2989]
+
5354. [bug] dnssec-policy created new KSK keys when zone is in
initial stage of signing (the DS is not yet in
rumoured or omnipresent state). Fix by checking
and BIND must be configured with `--enable-dnstap`.
Certain compiled-in constants and default settings can be increased to
-values better suited to large servers with abundant memory resources (e.g,
-64-bit servers with 12G or more of memory) by specifying
-`--with-tuning=large` on the `configure` command line. This can improve
-performance on big servers, but will consume more memory and may degrade
-performance on smaller systems.
+values better suited to small machines, e.g. OpenWRT boxes, by specifying
+`--with-tuning=small` on the `configure` command line. This will decrease
+memory usage by using smaller structures, but will degrade performance.
On Linux, process capabilities are managed in user space using
the `libcap` library, which can be installed on most Linux systems via
<para>
Allow <command>named</command> to use up to
<replaceable class="parameter">#max-socks</replaceable> sockets.
- The default value is 4096 on systems built with default
- configuration options, and 21000 on systems built with
- "configure --with-tuning=large".
+ The default value is 21000 on systems built with default
+ configuration options, and 4096 on systems built with
+ "configure --with-tuning=small".
</para>
<warning>
<para>
projects / thirdparty / bind9.git / commitdiff
