- Set defaults to yes for a number of options to increase speed and

  resilience of the server.  The so-reuseport, harden-below-nxdomain,
  and minimal-responses options are enabled by default.  They used
  to be disabled by default, waiting to make sure they worked.  They
  are enabled by default now, and can be disabled explicitly by
  setting them to "no" in the unbound.conf config file.  The reuseport
  and minimal options increases speed of the server, and should be
  otherwise harmless.  The harden-below-nxdomain option works well
  together with the recently default enabled qname minimisation, this
  causes more fetches to use information from the cache.

git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 8d6ca34b44999caef0e4c3851147e8eb91b298d5..39f52473995d291525dad59fd8d351cf8b6b2e0e 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,15 @@
+27 August 2018: Wouter
+       - Set defaults to yes for a number of options to increase speed and
+         resilience of the server.  The so-reuseport, harden-below-nxdomain,
+         and minimal-responses options are enabled by default.  They used
+         to be disabled by default, waiting to make sure they worked.  They
+         are enabled by default now, and can be disabled explicitly by
+         setting them to "no" in the unbound.conf config file.  The reuseport
+         and minimal options increases speed of the server, and should be
+         otherwise harmless.  The harden-below-nxdomain option works well
+         together with the recently default enabled qname minimisation, this
+         causes more fetches to use information from the cache.
+
 22 August 2018: George
        - #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This
          gives access to reply information for the client's communication

diff --git a/doc/example.conf.in b/doc/example.conf.in
index 61aa74780bc1640596b0a1a4c344b74d1963a8da..7eb8b776d36091ed5f1decc719217555f7626a6b 100644 (file)
--- a/doc/example.conf.in
+++ b/doc/example.conf.in
@@ -103,7 +103,7 @@ server:
        # so-sndbuf: 0
 
        # use SO_REUSEPORT to distribute queries over threads.
-       # so-reuseport: no
+       # so-reuseport: yes
 
        # use IP_TRANSPARENT so the interface: addresses can be non-local
        # and you can config non-existing IPs that are going to work later on
@@ -373,7 +373,7 @@ server:
        # harden-dnssec-stripped: yes
 
        # Harden against queries that fall under dnssec-signed nxdomain names.
-       # harden-below-nxdomain: no
+       # harden-below-nxdomain: yes
 
        # Harden the referral path by performing additional queries for
        # infrastructure data.  Validates the replies (if possible).
@@ -454,7 +454,7 @@ server:
 
        # if yes, Unbound doesn't insert authority/additional sections
        # into response messages when those sections are not required.
-       # minimal-responses: no
+       # minimal-responses: yes
 
        # true to disable DNSSEC lameness check in iterator.
        # disable-dnssec-lame-check: no

diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
index f731d3c170ead5a853ddfd4baf4a378d7b5cbbc6..6b24d47d3b2fd506bb5bdb2bbb822c5e394123c6 100644 (file)
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -278,9 +278,9 @@ to so\-rcvbuf.
 .B so\-reuseport: \fI<yes or no>
 If yes, then open dedicated listening sockets for incoming queries for each
 thread and try to set the SO_REUSEPORT socket option on each socket.  May
-distribute incoming queries to threads more evenly.  Default is no.  On Linux
-it is supported in kernels >= 3.9.  On other systems, FreeBSD, OSX it may
-also work.  You can enable it (on any platform and kernel),
+distribute incoming queries to threads more evenly.  Default is yes.
+On Linux it is supported in kernels >= 3.9.  On other systems, FreeBSD, OSX
+it may also work.  You can enable it (on any platform and kernel),
 it then attempts to open the port and passes the option if it was available
 at compile time, if that works it is used, if it fails, it continues
 silently (unless verbosity 3) without the option.
@@ -747,7 +747,7 @@ noerror for empty nonterminals, hence this is possible.  Very old software
 might return nxdomain for empty nonterminals (that usually happen for reverse
 IP address lookups), and thus may be incompatible with this.  To try to avoid
 this only DNSSEC-secure nxdomains are used, because the old software does not
-have DNSSEC.  Default is off.
+have DNSSEC.  Default is on.
 The nxdomain must be secure, this means nsec3 with optout is insufficient.
 .TP
 .B harden\-referral\-path: \fI<yes or no>
@@ -861,9 +861,11 @@ from the query ID, for speed and thread safety).  Default is no.
 If yes, Unbound doesn't insert authority/additional sections into response
 messages when those sections are not required.  This reduces response
 size significantly, and may avoid TCP fallback for some responses.
-This may cause a slight speedup.  The default is no, because the DNS
+This may cause a slight speedup.  The default is yes, even though the DNS
 protocol RFCs mandate these sections, and the additional content could
-be of use and save roundtrips for clients.
+be of use and save roundtrips for clients.  Because they are not used,
+and the saved roundtrips are easier saved with prefetch, whilst this is
+faster.
 .TP
 .B disable-dnssec-lame-check: \fI<yes or no>
 If true, disables the DNSSEC lameness check in the iterator.  This check

diff --git a/testdata/autotrust_init.rpl b/testdata/autotrust_init.rpl
index c6bde72ac48bd7009b748bc04b8998ae72213a47..d722273e0a99e735612301c3c5feb294b29a6fdb 100644 (file)
--- a/testdata/autotrust_init.rpl
+++ b/testdata/autotrust_init.rpl
@@ -4,6 +4,7 @@ server:
        log-time-ascii: yes
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/autotrust_init_ds.rpl b/testdata/autotrust_init_ds.rpl
index 37a168a1a0ab831cd2a7357b7c683a45d5ef218f..ad4019ebec6eb5817d21311407f9efbb88ce15f6 100644 (file)
--- a/testdata/autotrust_init_ds.rpl
+++ b/testdata/autotrust_init_ds.rpl
@@ -4,6 +4,7 @@ server:
        log-time-ascii: yes
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/autotrust_init_sigs.rpl b/testdata/autotrust_init_sigs.rpl
index fe5eeb0d6509eef5612a7db0b1e209a403c5b7ef..d5d52f4738694d67842fdb862186112c23a96878 100644 (file)
--- a/testdata/autotrust_init_sigs.rpl
+++ b/testdata/autotrust_init_sigs.rpl
@@ -4,6 +4,7 @@ server:
        log-time-ascii: yes
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/autotrust_init_zsk.rpl b/testdata/autotrust_init_zsk.rpl
index b807f8ebe046d10d0213dd8f498341ebe4399f22..56a5bc0b3febcf722dfe9ad917fc08e4e28ceed6 100644 (file)
--- a/testdata/autotrust_init_zsk.rpl
+++ b/testdata/autotrust_init_zsk.rpl
@@ -4,6 +4,7 @@ server:
        log-time-ascii: yes
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/black_data.rpl b/testdata/black_data.rpl
index 04304d352cf8f682c9351de651a712157d34254c..de6f57ec11586a9d776c0263dea395b941b4619f 100644 (file)
--- a/testdata/black_data.rpl
+++ b/testdata/black_data.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/black_prime.rpl b/testdata/black_prime.rpl
index 2cbcc160658a3c586ad9d3d7026d861a8aeca308..7e73f32f39abebedf8432e2046f354b2f6b01983 100644 (file)
--- a/testdata/black_prime.rpl
+++ b/testdata/black_prime.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_anchor.rpl b/testdata/dlv_anchor.rpl
index 445da0a84ea77ed655a109a9806a5a0a2c21a5b3..81547454eff66c34bf6e6d923784aec68fc7e71a 100644 (file)
--- a/testdata/dlv_anchor.rpl
+++ b/testdata/dlv_anchor.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_ask_higher.rpl b/testdata/dlv_ask_higher.rpl
index 9f9331080e27d106627a336798d589189f9e9d1c..51ac3d24aaee4a9ac65caf16b721ff5fdd643f13 100644 (file)
--- a/testdata/dlv_ask_higher.rpl
+++ b/testdata/dlv_ask_higher.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_below_ta.rpl b/testdata/dlv_below_ta.rpl
index 6f72f261c3902bd4f658d3e27e74b1c0a5d20dcf..f5d630dfb2d74755ad092286f0dceb8dd57f166f 100644 (file)
--- a/testdata/dlv_below_ta.rpl
+++ b/testdata/dlv_below_ta.rpl
@@ -8,6 +8,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_delegation.rpl b/testdata/dlv_delegation.rpl
index 1eada40649f7fa92defcef3a57d9cb9c4c015147..53074c8e257f63488b681d597551a3759220f943 100644 (file)
--- a/testdata/dlv_delegation.rpl
+++ b/testdata/dlv_delegation.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_insecure.rpl b/testdata/dlv_insecure.rpl
index 94ba865d870341d8e98318782efa913a5b7dd83a..e6515a9fb6ecdd87a518c0442f2f213950d5e72d 100644 (file)
--- a/testdata/dlv_insecure.rpl
+++ b/testdata/dlv_insecure.rpl
@@ -8,6 +8,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_insecure_negcache.rpl b/testdata/dlv_insecure_negcache.rpl
index b91105160ad29a664bfaa9c76a254a22f2d5e804..8408870b9969187253621b3287620dd38f0e626e 100644 (file)
--- a/testdata/dlv_insecure_negcache.rpl
+++ b/testdata/dlv_insecure_negcache.rpl
@@ -8,6 +8,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_remove_empty.rpl b/testdata/dlv_remove_empty.rpl
index 2e9b4bcf6638e41c932ffaea9905eb37b8a42999..11b825bc262105b2b8a87e7f9ab86ba5b8c4fe0d 100644 (file)
--- a/testdata/dlv_remove_empty.rpl
+++ b/testdata/dlv_remove_empty.rpl
@@ -5,6 +5,7 @@ server:
        val-override-date: "20070916134226"
        target-fetch-policy: "0 0 0 0 0"
        fake-sha1: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_remove_nodel.rpl b/testdata/dlv_remove_nodel.rpl
index 1f2d94721abd7f99dd0c7833e08efdc6b1d7288e..1abe5a32f37ac34946e066d2a42822b86cac6129 100644 (file)
--- a/testdata/dlv_remove_nodel.rpl
+++ b/testdata/dlv_remove_nodel.rpl
@@ -6,6 +6,7 @@ server:
        val-override-date: "20070916134226"
        target-fetch-policy: "0 0 0 0 0"
        fake-sha1: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_remove_pos.rpl b/testdata/dlv_remove_pos.rpl
index fe2d7fee79d1cf06e97a6e281b877f78e835ffcf..892ffa3c0c4708c90d59382f4b0bb558882f62cd 100644 (file)
--- a/testdata/dlv_remove_pos.rpl
+++ b/testdata/dlv_remove_pos.rpl
@@ -8,6 +8,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dlv_unused.rpl b/testdata/dlv_unused.rpl
index 386755835128e7f5d84b98d8cadbe47f2d2af7c2..aa7d04c1eab442a14baf1ed9b0418bcf50c64f37 100644 (file)
--- a/testdata/dlv_unused.rpl
+++ b/testdata/dlv_unused.rpl
@@ -7,6 +7,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/dns64_lookup.rpl b/testdata/dns64_lookup.rpl
index e24622c0d4b51bdea62224441da1a079801a9602..898d0d01ad167e4a50598fffddd287ccc7fba699 100644 (file)
--- a/testdata/dns64_lookup.rpl
+++ b/testdata/dns64_lookup.rpl
@@ -4,6 +4,7 @@ server:
        qname-minimisation: "no"
        module-config: "dns64 validator iterator"
        dns64-prefix: 64:ff9b::0/96
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/domain_insec_dlv.rpl b/testdata/domain_insec_dlv.rpl
index 8c89a70d33ba1ef352d9381a567cfd0e74ead912..c8bd98344d30a5014637c9b9c76d9d4495b31e83 100644 (file)
--- a/testdata/domain_insec_dlv.rpl
+++ b/testdata/domain_insec_dlv.rpl
@@ -5,6 +5,7 @@ server:
        domain-insecure: "example.net"
        val-override-date: "20070916134226"
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/fetch_glue.rpl b/testdata/fetch_glue.rpl
index 3ecc28abf71c930cc4ca80bb80df7b10c8b76488..3e9f64f8d1b0d13590e3d890da44a7e7636320df 100644 (file)
--- a/testdata/fetch_glue.rpl
+++ b/testdata/fetch_glue.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/fetch_glue_cname.rpl b/testdata/fetch_glue_cname.rpl
index e8158f9f07b2102de0949135c6068b05d6887c4f..4a86afa50f65084940a8788744815a4f3444d5fb 100644 (file)
--- a/testdata/fetch_glue_cname.rpl
+++ b/testdata/fetch_glue_cname.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/fwd_cached.rpl b/testdata/fwd_cached.rpl
index 23b4a08a228245bc998f69e1e0d3b10a35290a63..2d6b0c2b8cbea5aa5c3e6459c088600d879967ec 100644 (file)
--- a/testdata/fwd_cached.rpl
+++ b/testdata/fwd_cached.rpl
@@ -1,5 +1,7 @@
 ; This is a comment.
 ; config options go here.
+server:
+       minimal-responses: no
 forward-zone: name: "." forward-addr: 216.0.0.1
 CONFIG_END
 

diff --git a/testdata/iter_class_any.rpl b/testdata/iter_class_any.rpl
index a4ea822fdba0fc59842f4ea5fbba62314a3de543..6fb296e99d009c88bb6b4b3f6a8e9def883ccf73 100644 (file)
--- a/testdata/iter_class_any.rpl
+++ b/testdata/iter_class_any.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_cycle_noh.rpl b/testdata/iter_cycle_noh.rpl
index 6c2982adc94e31b2089b471b5a4be04b8f7ab4ce..eee26ca70d151532e0c16fd3da093fc32aa96aed 100644 (file)
--- a/testdata/iter_cycle_noh.rpl
+++ b/testdata/iter_cycle_noh.rpl
@@ -3,6 +3,7 @@ server:
        harden-glue: "no"
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_dname_insec.rpl b/testdata/iter_dname_insec.rpl
index 791e3848572a46551eeeff3b764dffca2cc89551..ce593ba5c20a8c7e3d6b763462d7aa9861305fe9 100644 (file)
--- a/testdata/iter_dname_insec.rpl
+++ b/testdata/iter_dname_insec.rpl
@@ -3,6 +3,7 @@ server:
        harden-referral-path: no
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_domain_sale.rpl b/testdata/iter_domain_sale.rpl
index ff612780a8c85ba57509d89ab016f6589d3cb557..be05e2f4363dc300b16535391bce5caf9938353f 100644 (file)
--- a/testdata/iter_domain_sale.rpl
+++ b/testdata/iter_domain_sale.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_domain_sale_nschange.rpl b/testdata/iter_domain_sale_nschange.rpl
index bc396f67c6f371cc2736ae81c458d296e2eade0b..5af54efb9855df42fc4581e2e3444d9628cfd53b 100644 (file)
--- a/testdata/iter_domain_sale_nschange.rpl
+++ b/testdata/iter_domain_sale_nschange.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_emptydp.rpl b/testdata/iter_emptydp.rpl
index f61b3064dddb7c38c2c523328389420cdcd7046b..82ddccfade66c0601e2d184bd6d77fb50d903b02 100644 (file)
--- a/testdata/iter_emptydp.rpl
+++ b/testdata/iter_emptydp.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_emptydp_for_glue.rpl b/testdata/iter_emptydp_for_glue.rpl
index 33951e790a70970c7bfb36bd3c495c202156451a..2e7db65e1402de679b28e68fba1691a0709e8cdb 100644 (file)
--- a/testdata/iter_emptydp_for_glue.rpl
+++ b/testdata/iter_emptydp_for_glue.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_fwdfirst.rpl b/testdata/iter_fwdfirst.rpl
index 5154babb348beb9aeec8e044d521a2f235ba87d9..0f8a85f5ae032a1f162f3049a7dfe96daa34eec6 100644 (file)
--- a/testdata/iter_fwdfirst.rpl
+++ b/testdata/iter_fwdfirst.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_fwdfirstequal.rpl b/testdata/iter_fwdfirstequal.rpl
index d8da470cf54201b0d6d14c3d2a48ff802437d31f..dc648143ce66c7e2f5790dec66a1d6d94ece185b 100644 (file)
--- a/testdata/iter_fwdfirstequal.rpl
+++ b/testdata/iter_fwdfirstequal.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_fwdstub.rpl b/testdata/iter_fwdstub.rpl
index 06a8789b721b85c882c48eb5a2b77c64ff4f7f28..ad5b57cb769036bab6178f8b29b57bf1fbd1fc34 100644 (file)
--- a/testdata/iter_fwdstub.rpl
+++ b/testdata/iter_fwdstub.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_fwdstubroot.rpl b/testdata/iter_fwdstubroot.rpl
index e43584cbef1704aaba1ae00b367018fc3e812718..fa930430d7f5bc8dd103fac9eba358a842949715 100644 (file)
--- a/testdata/iter_fwdstubroot.rpl
+++ b/testdata/iter_fwdstubroot.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_got6only.rpl b/testdata/iter_got6only.rpl
index 7363a48b7d528e5489da30f19b713231cfcb05fb..15522843903ba66a955e154fe2c1f29212c819a6 100644 (file)
--- a/testdata/iter_got6only.rpl
+++ b/testdata/iter_got6only.rpl
@@ -3,6 +3,7 @@ server:
        do-ip6: no
        target-fetch-policy: "0 0 0 0 0 "
        qname-minimisation: "no"
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/iter_hint_lame.rpl b/testdata/iter_hint_lame.rpl
index e9ffbce64c7bad87d19cb6e231903597c5e2f7ef..2fb6dde72d9194d4c01b786f92b2bb9f861dbd24 100644 (file)
--- a/testdata/iter_hint_lame.rpl
+++ b/testdata/iter_hint_lame.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_lame_noaa.rpl b/testdata/iter_lame_noaa.rpl
index 18d326b7796705cbd4c1d62b0a49cd3ca507ae2d..7a6eb1b305364805c4e7d1432262abcfc1da0756 100644 (file)
--- a/testdata/iter_lame_noaa.rpl
+++ b/testdata/iter_lame_noaa.rpl
@@ -3,6 +3,7 @@ server:
        harden-referral-path: no
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_lame_nosoa.rpl b/testdata/iter_lame_nosoa.rpl
index 903bb29bc99ff7fa5d84f1ce955e59f3ec324791..4914f7461f5fcfb0a4576a18a514f10c5af83da8 100644 (file)
--- a/testdata/iter_lame_nosoa.rpl
+++ b/testdata/iter_lame_nosoa.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_mod.rpl b/testdata/iter_mod.rpl
index c57e2328ab78d26ed621c03823cc4b924b8b8961..35b3a5af6a5cd83faae46e4ce7fe07db76c1b823 100644 (file)
--- a/testdata/iter_mod.rpl
+++ b/testdata/iter_mod.rpl
@@ -3,6 +3,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        module-config: "iterator"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_ns_badip.rpl b/testdata/iter_ns_badip.rpl
index 6ce2b14d47b5dfd67e712e47ac1a7ae9c85ad452..ad266c64d11784ff3a595a4a528014086082be04 100644 (file)
--- a/testdata/iter_ns_badip.rpl
+++ b/testdata/iter_ns_badip.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "3 2 1 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_ns_spoof.rpl b/testdata/iter_ns_spoof.rpl
index 1679ce724c7a8670d01fc6d8de9c0aea6138c457..f6745763532ff5a1e8c61ec64c9bc0850ba390f3 100644 (file)
--- a/testdata/iter_ns_spoof.rpl
+++ b/testdata/iter_ns_spoof.rpl
@@ -3,6 +3,7 @@ server:
        harden-referral-path: yes
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/iter_pc_a.rpl b/testdata/iter_pc_a.rpl
index 985345c1536054b2de54393c3a1ad721a96f5fdf..d9add0056feac3d956b78da3ee527f23a4564564 100644 (file)
--- a/testdata/iter_pc_a.rpl
+++ b/testdata/iter_pc_a.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pc_aaaa.rpl b/testdata/iter_pc_aaaa.rpl
index 20e1a787f4024c4e337bb65fc03229dfaf6d3a5d..a28354306aca9068b39029b767273037bc6cab5a 100644 (file)
--- a/testdata/iter_pc_aaaa.rpl
+++ b/testdata/iter_pc_aaaa.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcdiff.rpl b/testdata/iter_pcdiff.rpl
index 18b984c167978d5fb5a70a48646a39f2bc9f238c..57fb109afa5e86aeec2227e20a4ebddbecc4e7b4 100644 (file)
--- a/testdata/iter_pcdiff.rpl
+++ b/testdata/iter_pcdiff.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcdirect.rpl b/testdata/iter_pcdirect.rpl
index 0a4487fd86c716753f0e539843133cd1d6f4280f..0bd5dfe783555a8e9a3f11d3a202c4fb690b32c6 100644 (file)
--- a/testdata/iter_pcdirect.rpl
+++ b/testdata/iter_pcdirect.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcname.rpl b/testdata/iter_pcname.rpl
index 037b6426f4d2b40671be3cf3a5008b98adab56af..e17c9102c86af8ba0547cc0c2ef8f8163aabd839 100644 (file)
--- a/testdata/iter_pcname.rpl
+++ b/testdata/iter_pcname.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcnamech.rpl b/testdata/iter_pcnamech.rpl
index a979101d9547587b5d92984d00e3a22bc155298d..1aba95b07aa7af890a3c3f2f23331b0420fd4ff9 100644 (file)
--- a/testdata/iter_pcnamech.rpl
+++ b/testdata/iter_pcnamech.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcnamechrec.rpl b/testdata/iter_pcnamechrec.rpl
index f4c0197ba9088f6af52b51d8506460548389cb14..90745fcf3eb2310325f4d2d2dd82d58fa4fd800a 100644 (file)
--- a/testdata/iter_pcnamechrec.rpl
+++ b/testdata/iter_pcnamechrec.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcnamerec.rpl b/testdata/iter_pcnamerec.rpl
index ecc03d353501f1f80c45736e5663da0f1af290d9..faee6d029acd10a0a7c6a11299272395d86a417c 100644 (file)
--- a/testdata/iter_pcnamerec.rpl
+++ b/testdata/iter_pcnamerec.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_pcttl.rpl b/testdata/iter_pcttl.rpl
index 41d94bc4234d228289d343c8fb5a84869c75dc9c..413f8cb88b09642e2088d94bebb4699b2772c1b8 100644 (file)
--- a/testdata/iter_pcttl.rpl
+++ b/testdata/iter_pcttl.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        do-ip6: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_prefetch.rpl b/testdata/iter_prefetch.rpl
index feb6b81e8673cd0bbdffe8bbf19a3248eb6b9dad..bad92dc575ddf52380212609d48484e8bdf0e5a4 100644 (file)
--- a/testdata/iter_prefetch.rpl
+++ b/testdata/iter_prefetch.rpl
@@ -3,6 +3,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        prefetch: "yes"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_prefetch_change.rpl b/testdata/iter_prefetch_change.rpl
index 2ed70cdadf8f05fdd9e0a3997b5fb8717a87a8cb..007025ad010ca5283484ba9dfdfa4999c82f6eac 100644 (file)
--- a/testdata/iter_prefetch_change.rpl
+++ b/testdata/iter_prefetch_change.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        prefetch: "yes"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_prefetch_change2.rpl b/testdata/iter_prefetch_change2.rpl
index 93196d555f72fb5c61c3d32121dd22c53ae58e0b..7a8370ff61bb470282cb9195fc176bc9c953141f 100644 (file)
--- a/testdata/iter_prefetch_change2.rpl
+++ b/testdata/iter_prefetch_change2.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        prefetch: "yes"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_prefetch_childns.rpl b/testdata/iter_prefetch_childns.rpl
index 869aaa40c95c19526cb1ad56f43c5700846a8520..00a91fcde1a5fc20771655d4cffc6f512cf4dea9 100644 (file)
--- a/testdata/iter_prefetch_childns.rpl
+++ b/testdata/iter_prefetch_childns.rpl
@@ -3,6 +3,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        prefetch: "yes"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_prefetch_fail.rpl b/testdata/iter_prefetch_fail.rpl
index 2f7f9942510d7b5eb02a534be39c475a69632fa7..1d92a4c1c462778b472e751f1e04a8c1b6d43dd9 100644 (file)
--- a/testdata/iter_prefetch_fail.rpl
+++ b/testdata/iter_prefetch_fail.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        prefetch: "yes"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_prefetch_ns.rpl b/testdata/iter_prefetch_ns.rpl
index f99fb80dcf5a923bb0f95f7f0e2079abe4ab5a2b..93af216387aeedcfc0d0a7ae9b8f6b3c1fb8c1c2 100644 (file)
--- a/testdata/iter_prefetch_ns.rpl
+++ b/testdata/iter_prefetch_ns.rpl
@@ -3,6 +3,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        prefetch: "yes"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_primenoglue.rpl b/testdata/iter_primenoglue.rpl
index 0d6adefc591e4687e3232005001b7d8c4f27b059..a75ed82ddce2487452fd4357ea3e50c09885f566 100644 (file)
--- a/testdata/iter_primenoglue.rpl
+++ b/testdata/iter_primenoglue.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_privaddr.rpl b/testdata/iter_privaddr.rpl
index 2361af6536c8bb23fff53bdcd375c766c6cfb413..93a2a147d1eb55e7b8fe66cc1db612cad9318881 100644 (file)
--- a/testdata/iter_privaddr.rpl
+++ b/testdata/iter_privaddr.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
        private-address: 10.0.0.0/8
        private-address: 172.16.0.0/12

diff --git a/testdata/iter_ranoaa_lame.rpl b/testdata/iter_ranoaa_lame.rpl
index d2db84a8e09746119a9c1da61b6ca0279c7b8d87..efb38a5907eca33607a015b840794c34d4881245 100644 (file)
--- a/testdata/iter_ranoaa_lame.rpl
+++ b/testdata/iter_ranoaa_lame.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_reclame_one.rpl b/testdata/iter_reclame_one.rpl
index fe15b256ce399ecdba083f923a16f4d2c557299c..4df9b6594fe452501d0a9d6d0ba1d8a553fc5d88 100644 (file)
--- a/testdata/iter_reclame_one.rpl
+++ b/testdata/iter_reclame_one.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_reclame_two.rpl b/testdata/iter_reclame_two.rpl
index 3b7dfd65cbe0b25b59051ba104cd89ecd2b29424..f30edd941472fa428b526493a05a0fdb2d3c4d7e 100644 (file)
--- a/testdata/iter_reclame_two.rpl
+++ b/testdata/iter_reclame_two.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_recurse.rpl b/testdata/iter_recurse.rpl
index ab62e1ae5d5f4b85d5441cf44888592daf16e86f..181af11079f5de35f10c687f9146fb55cf85abbe 100644 (file)
--- a/testdata/iter_recurse.rpl
+++ b/testdata/iter_recurse.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_resolve.rpl b/testdata/iter_resolve.rpl
index cab3887f77b94e8445b812d2bffb35c7d83688ae..ed051ff24effec6391dfe526f9ec5ef61a66c051 100644 (file)
--- a/testdata/iter_resolve.rpl
+++ b/testdata/iter_resolve.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_resolve_minimised.rpl b/testdata/iter_resolve_minimised.rpl
index ab3c6e9e7121ac0ac465442d4237822be57d9213..2c6f9ccf5f935d66889b7b8b9125e63b897e1d66 100644 (file)
--- a/testdata/iter_resolve_minimised.rpl
+++ b/testdata/iter_resolve_minimised.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_resolve_minimised_nx.rpl b/testdata/iter_resolve_minimised_nx.rpl
index cb877bc250b48387312b7b55f788e56c1163a5d1..74e612ccb9515d83c611f6a7d3fc2ccdb3b07ad7 100644 (file)
--- a/testdata/iter_resolve_minimised_nx.rpl
+++ b/testdata/iter_resolve_minimised_nx.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_resolve_minimised_refused.rpl b/testdata/iter_resolve_minimised_refused.rpl
index 82852a4380cde0199d5f0228db1de76b79b68553..66e8e631e200d6fb539eb235bd5407f15fadc3d9 100644 (file)
--- a/testdata/iter_resolve_minimised_refused.rpl
+++ b/testdata/iter_resolve_minimised_refused.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_resolve_minimised_timeout.rpl b/testdata/iter_resolve_minimised_timeout.rpl
index 2a166aff0e710d55a6c4b455edb1bc27c8a19153..86b93216075bdd42ad7eda2571e9c337fdd5344f 100644 (file)
--- a/testdata/iter_resolve_minimised_timeout.rpl
+++ b/testdata/iter_resolve_minimised_timeout.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_scrub_cname_an.rpl b/testdata/iter_scrub_cname_an.rpl
index 54a98c63bf343c2a73851f51b281bb8258637e04..9c5060af7913d48a2820a1e159b45a7c1daf557b 100644 (file)
--- a/testdata/iter_scrub_cname_an.rpl
+++ b/testdata/iter_scrub_cname_an.rpl
@@ -3,6 +3,7 @@ server:
        harden-referral-path: no
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_scrub_dname_insec.rpl b/testdata/iter_scrub_dname_insec.rpl
index a2972202c6264ee249cfe53e8a43e4b84f1d0b38..921abe628f7fa4eee70cb0863ef52f382dd8e917 100644 (file)
--- a/testdata/iter_scrub_dname_insec.rpl
+++ b/testdata/iter_scrub_dname_insec.rpl
@@ -3,6 +3,7 @@ server:
        harden-referral-path: no
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_scrub_dname_rev.rpl b/testdata/iter_scrub_dname_rev.rpl
index b7e3ee2d0fb140ca027d856b94a9716dd1df4839..3e649f9361867d512ef8b91b1a64800e6b159507 100644 (file)
--- a/testdata/iter_scrub_dname_rev.rpl
+++ b/testdata/iter_scrub_dname_rev.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_scrub_dname_sec.rpl b/testdata/iter_scrub_dname_sec.rpl
index 1b9153ba74a58188df306f515ba7030f2c38e429..4597cdf982cd21bb67b4de1c1ca9e16c19dbd0ab 100644 (file)
--- a/testdata/iter_scrub_dname_sec.rpl
+++ b/testdata/iter_scrub_dname_sec.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_soamin.rpl b/testdata/iter_soamin.rpl
index 42eb80827d61b8ac617b985add30215d5f8b7db8..7e902601b00682abc9119e235a5b44ae34282e11 100644 (file)
--- a/testdata/iter_soamin.rpl
+++ b/testdata/iter_soamin.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_stub_leak.rpl b/testdata/iter_stub_leak.rpl
index e5c6200060a03f50528451a4a805b51a6d808320..388344ce5ef0929c8809bb6e7f1aa5e11d544ac3 100644 (file)
--- a/testdata/iter_stub_leak.rpl
+++ b/testdata/iter_stub_leak.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
         target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
         name: "."

diff --git a/testdata/iter_stub_noroot.rpl b/testdata/iter_stub_noroot.rpl
index 0bc1ff5d2031258940f7059bef6c374624103d5c..ef306bd428c4546669297eb6704b945bb3491652 100644 (file)
--- a/testdata/iter_stub_noroot.rpl
+++ b/testdata/iter_stub_noroot.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_stubfirst.rpl b/testdata/iter_stubfirst.rpl
index 6245a4f09a1e2cebe91ce625970f009a49d16ee1..1a7112de4517240b119b22f621a20545e476fa4c 100644 (file)
--- a/testdata/iter_stubfirst.rpl
+++ b/testdata/iter_stubfirst.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/iter_timeout_ra_aaaa.rpl b/testdata/iter_timeout_ra_aaaa.rpl
index 9b06aea9099213f2e8b374c18130ee9cf03561d8..126867ba4a4a625b091566a20a56022f2bd1df0d 100644 (file)
--- a/testdata/iter_timeout_ra_aaaa.rpl
+++ b/testdata/iter_timeout_ra_aaaa.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/rrset_rettl.rpl b/testdata/rrset_rettl.rpl
index 2ae64e9476bb9d5ed9570dd4b255ca660c25cd81..55dd62386e28b172409968781d7e3a72729abf78 100644 (file)
--- a/testdata/rrset_rettl.rpl
+++ b/testdata/rrset_rettl.rpl
@@ -1,5 +1,7 @@
 ; This is a comment.
 ; config options go here.
+server:
+       minimal-responses: no
 forward-zone: name: "." forward-addr: 216.0.0.1
 CONFIG_END
 

diff --git a/testdata/rrset_untrusted.rpl b/testdata/rrset_untrusted.rpl
index 232554872b4a8401bfb309f6a7be0b2e4ee6fd1c..6370ebf49bf91e4f3703396cbf05276315308214 100644 (file)
--- a/testdata/rrset_untrusted.rpl
+++ b/testdata/rrset_untrusted.rpl
@@ -1,5 +1,7 @@
 ; This is a comment.
 ; config options go here.
+server:
+       minimal-responses: no
 forward-zone: name: "." forward-addr: 216.0.0.1
 CONFIG_END
 

diff --git a/testdata/rrset_updated.rpl b/testdata/rrset_updated.rpl
index 4e877df1147291138de113f9216d6182a01e662f..d36ab8cc88a70305f2addf64e84090ce5c350ba5 100644 (file)
--- a/testdata/rrset_updated.rpl
+++ b/testdata/rrset_updated.rpl
@@ -1,5 +1,7 @@
 ; This is a comment.
 ; config options go here.
+server:
+       minimal-responses: no
 forward-zone: name: "." forward-addr: 216.0.0.1
 CONFIG_END
 

diff --git a/testdata/trust_cname_chain.rpl b/testdata/trust_cname_chain.rpl
index e4d2d2a99b7b9face3aaa1a4141fe82272624900..f8415ba23ce6b51be970114274bdf4efc93ec90e 100644 (file)
--- a/testdata/trust_cname_chain.rpl
+++ b/testdata/trust_cname_chain.rpl
@@ -1,6 +1,7 @@
 ; config options
 server:
        target-fetch-policy: "0 0 0 0 0"
+       minimal-responses: no
 stub-zone:
        name: "."
        stub-addr: 193.0.14.129         # K.ROOT-SERVERS.NET.

diff --git a/testdata/ttl_max.rpl b/testdata/ttl_max.rpl
index 1faa05453d362b4c19b480bd8a4da425e23741e7..17eaca26c548d2f52fd041d68cbf69d365836fbf 100644 (file)
--- a/testdata/ttl_max.rpl
+++ b/testdata/ttl_max.rpl
@@ -3,6 +3,7 @@ server:
        access-control: 127.0.0.1 allow_snoop
        cache-max-ttl: 10
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/ttl_min.rpl b/testdata/ttl_min.rpl
index b965fdbeab643dff4958c752ee2d6de606e03171..3c79ff5ed666daa6b9ccfce7ee8d3d755f17f060 100644 (file)
--- a/testdata/ttl_min.rpl
+++ b/testdata/ttl_min.rpl
@@ -3,6 +3,7 @@ server:
        access-control: 127.0.0.1 allow_snoop
        cache-min-ttl: 10
        qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_adbit.rpl b/testdata/val_adbit.rpl
index f8f44fcff679f8b8a5397ac1612a98a0f5dd660a..7ce62de77e314094976f3bce54b14f815f74d989 100644 (file)
--- a/testdata/val_adbit.rpl
+++ b/testdata/val_adbit.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_adcopy.rpl b/testdata/val_adcopy.rpl
index beb952356fb761ceee82c14e0ea215be9ebd0c79..604fd57f20437b694c4f8310cdb2d4c046309225 100644 (file)
--- a/testdata/val_adcopy.rpl
+++ b/testdata/val_adcopy.rpl
@@ -6,6 +6,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        fake-sha1: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_ds_afterprime.rpl b/testdata/val_ds_afterprime.rpl
index 50c28aae6f0b947b06c7c9b0c89a6cf1226f3dd4..3b1c0d614ba3efc2de15f5996979be96d6b0e080 100644 (file)
--- a/testdata/val_ds_afterprime.rpl
+++ b/testdata/val_ds_afterprime.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_faildnskey_ok.rpl b/testdata/val_faildnskey_ok.rpl
index c191859b2079431a8c27e1c90df4b25a82e958c9..d3ac00c47d151f5f518f6e7b6e0abdea80e352a0 100644 (file)
--- a/testdata/val_faildnskey_ok.rpl
+++ b/testdata/val_faildnskey_ok.rpl
@@ -7,6 +7,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_keyprefetch_verify.rpl b/testdata/val_keyprefetch_verify.rpl
index f55bd7945fe5d8739e5cd151d98ab64c7c79c205..f2050fb7fe137b3d6c3efbab3e010b5469a48994 100644 (file)
--- a/testdata/val_keyprefetch_verify.rpl
+++ b/testdata/val_keyprefetch_verify.rpl
@@ -9,6 +9,7 @@ server:
        prefetch: yes
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_noadwhennodo.rpl b/testdata/val_noadwhennodo.rpl
index c4b9afd75053f45ad3ea59f2efd9379df4b81b0f..46e1bad5a60d16d7f7a20f5a8c93dbc4f20b38ea 100644 (file)
--- a/testdata/val_noadwhennodo.rpl
+++ b/testdata/val_noadwhennodo.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_nsec3_b3_optout.rpl b/testdata/val_nsec3_b3_optout.rpl
index 41e2e38933f7f25dee111b8451a975098489fbd4..0b0569201e5f7d7033a8c94f73f9cfb6f5beb2ca 100644 (file)
--- a/testdata/val_nsec3_b3_optout.rpl
+++ b/testdata/val_nsec3_b3_optout.rpl
@@ -6,6 +6,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_nsec3_b3_optout_negcache.rpl b/testdata/val_nsec3_b3_optout_negcache.rpl
index e2897e53ffa40c1c257abd4a646f6808ceee4f56..f8ef6f87df90fd8b7d02d7bf865462b74a646f1a 100644 (file)
--- a/testdata/val_nsec3_b3_optout_negcache.rpl
+++ b/testdata/val_nsec3_b3_optout_negcache.rpl
@@ -6,6 +6,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_positive.rpl b/testdata/val_positive.rpl
index bef91f6df6503b7808986cec3078390c269e71e1..daaf36089c09a985c1a1ed8aeef0095cba042ed7 100644 (file)
--- a/testdata/val_positive.rpl
+++ b/testdata/val_positive.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_qds_badanc.rpl b/testdata/val_qds_badanc.rpl
index 5c9f75660d7bbe10badb0d80a07ab8970d5c24d9..dc686153f406c160887f02465f646c5341f80db9 100644 (file)
--- a/testdata/val_qds_badanc.rpl
+++ b/testdata/val_qds_badanc.rpl
@@ -6,6 +6,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        fake-sha1: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_qds_oneanc.rpl b/testdata/val_qds_oneanc.rpl
index c742cfad3d8b5f361786a080d00fe625589f9d17..f21ab422b47a18d4abb7c8015139dfeed037e7aa 100644 (file)
--- a/testdata/val_qds_oneanc.rpl
+++ b/testdata/val_qds_oneanc.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_qds_twoanc.rpl b/testdata/val_qds_twoanc.rpl
index dc66388f82d65d7cba44d83f0c9935733e56296f..4e4f2e732b6400fcf40fbf3123e9e18f4d980727 100644 (file)
--- a/testdata/val_qds_twoanc.rpl
+++ b/testdata/val_qds_twoanc.rpl
@@ -8,6 +8,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_referd.rpl b/testdata/val_referd.rpl
index dfc82e1cfd225e4a610ef81d84ce16d16c703635..d475f835eb20a383a6260cb5b7d942ab2b563418 100644 (file)
--- a/testdata/val_referd.rpl
+++ b/testdata/val_referd.rpl
@@ -9,6 +9,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_referglue.rpl b/testdata/val_referglue.rpl
index a9714d1c8040ffd2b4f1272198638036166b4b8d..dd7e7de91b25fb5d8422fc9c735837505318fdff 100644 (file)
--- a/testdata/val_referglue.rpl
+++ b/testdata/val_referglue.rpl
@@ -9,6 +9,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_rrsig.rpl b/testdata/val_rrsig.rpl
index d9684e497e45ddbc2e859bdb7a80d7dd9feaee20..0b672e0f2cba88f09f67fce37d450850cfd55f23 100644 (file)
--- a/testdata/val_rrsig.rpl
+++ b/testdata/val_rrsig.rpl
@@ -6,6 +6,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        fake-sha1: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_spurious_ns.rpl b/testdata/val_spurious_ns.rpl
index 0f9d8431007abfed21b1610fa859f7fabd988c37..cb0a6e52998759f71c661945febfb1ba65df21e0 100644 (file)
--- a/testdata/val_spurious_ns.rpl
+++ b/testdata/val_spurious_ns.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_stub_noroot.rpl b/testdata/val_stub_noroot.rpl
index 07fb0e376e058fe7e5f5efc13706d5fe3cb2465b..4235bcc5213bc0b20a47f24fc7d3cf9014df2b5a 100644 (file)
--- a/testdata/val_stub_noroot.rpl
+++ b/testdata/val_stub_noroot.rpl
@@ -7,6 +7,7 @@ server:
        dlv-anchor: "dlv.isc.org. IN DNSKEY 257 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_ta_algo_dnskey.rpl b/testdata/val_ta_algo_dnskey.rpl
index a1f1ed5d0a228b4cd48dd0b64466998658ee9d0d..03bac83aaa43bf2c5c67a3b5f62fd650603815af 100644 (file)
--- a/testdata/val_ta_algo_dnskey.rpl
+++ b/testdata/val_ta_algo_dnskey.rpl
@@ -8,6 +8,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_ta_algo_dnskey_dp.rpl b/testdata/val_ta_algo_dnskey_dp.rpl
index 1dd48bfb27e09adb18feae6577bb5e9f8837c2c1..2b3609be8e19961d244b3298502a81cf3c9c394d 100644 (file)
--- a/testdata/val_ta_algo_dnskey_dp.rpl
+++ b/testdata/val_ta_algo_dnskey_dp.rpl
@@ -9,6 +9,7 @@ server:
        harden-algo-downgrade: no
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_ta_algo_missing_dp.rpl b/testdata/val_ta_algo_missing_dp.rpl
index 4709407ed050bb95ba3aa317e816f32a6c436872..dc55a09da44a5e7d1eb6cd367312861824c47dfc 100644 (file)
--- a/testdata/val_ta_algo_missing_dp.rpl
+++ b/testdata/val_ta_algo_missing_dp.rpl
@@ -10,6 +10,7 @@ server:
        harden-algo-downgrade: no
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_twocname.rpl b/testdata/val_twocname.rpl
index 6756787b9bfcdebdec2a2760a0b954286c8c4dac..d8e8cf3165da89fb376a0c7948b58f31adf76d3b 100644 (file)
--- a/testdata/val_twocname.rpl
+++ b/testdata/val_twocname.rpl
@@ -4,6 +4,7 @@ server:
        val-override-date: "20091116100204"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 forward-zone:
        name: "."

diff --git a/testdata/val_unalgo_anchor.rpl b/testdata/val_unalgo_anchor.rpl
index 24dcbaf92a756207a2136f867ed731873afbaf31..fbbf288a5ff17eb0da69a6e51bf139312a831adb 100644 (file)
--- a/testdata/val_unalgo_anchor.rpl
+++ b/testdata/val_unalgo_anchor.rpl
@@ -6,6 +6,7 @@ server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
        fake-sha1: yes
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_unalgo_dlv.rpl b/testdata/val_unalgo_dlv.rpl
index e78226fc80948bb56d61bf791d7954d981ad2d32..142beae8d10b6a9b3521ae25c72d22d18af70ead 100644 (file)
--- a/testdata/val_unalgo_dlv.rpl
+++ b/testdata/val_unalgo_dlv.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/val_wild_pos.rpl b/testdata/val_wild_pos.rpl
index 2fc3847e8065c08d6fb7cf67f1db6967e7fa151c..624d8e07bf92370249db984c28399f90c9fe341e 100644 (file)
--- a/testdata/val_wild_pos.rpl
+++ b/testdata/val_wild_pos.rpl
@@ -7,6 +7,7 @@ server:
        qname-minimisation: "no"
        fake-sha1: yes
        trust-anchor-signaling: no
+       minimal-responses: no
 
 stub-zone:
        name: "."

diff --git a/testdata/views.rpl b/testdata/views.rpl
index 5573cd83cfaf10a65b37d095e7683728d15ba1fd..6a9052fbe2cd850b4e4b16af8f9f62888a3d9dcb 100644 (file)
--- a/testdata/views.rpl
+++ b/testdata/views.rpl
@@ -2,6 +2,7 @@
 server:
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: "no"
+       minimal-responses: no
 
        access-control: 10.10.10.0/24 allow
        access-control-view: 10.10.10.10/32 "view1"

diff --git a/util/config_file.c b/util/config_file.c
index 7d933ca6e3b82d95eeecf0f21950b20e59281d6d..3d7b4800bea18ceff5ee625713c8f2eb0d602727 100644 (file)
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -177,7 +177,7 @@ config_create(void)
        cfg->if_automatic = 0;
        cfg->so_rcvbuf = 0;
        cfg->so_sndbuf = 0;
-       cfg->so_reuseport = 0;
+       cfg->so_reuseport = 1;
        cfg->ip_transparent = 0;
        cfg->ip_freebind = 0;
        cfg->num_ifs = 0;
@@ -202,7 +202,7 @@ config_create(void)
        cfg->harden_large_queries = 0;
        cfg->harden_glue = 1;
        cfg->harden_dnssec_stripped = 1;
-       cfg->harden_below_nxdomain = 0;
+       cfg->harden_below_nxdomain = 1;
        cfg->harden_referral_path = 0;
        cfg->harden_algo_downgrade = 0;
        cfg->use_caps_bits_for_id = 0;
@@ -254,7 +254,7 @@ config_create(void)
        cfg->control_ifs.last = NULL;
        cfg->control_port = UNBOUND_CONTROL_PORT;
        cfg->control_use_cert = 1;
-       cfg->minimal_responses = 0;
+       cfg->minimal_responses = 1;
        cfg->rrset_roundrobin = 0;
        cfg->max_udp_size = 4096;
        if(!(cfg->server_key_file = strdup(RUN_DIR"/unbound_server.key"))) 
@@ -344,6 +344,7 @@ struct config_file* config_create_forlib(void)
                forward nameserver running on localhost */
        cfg->val_log_level = 2; /* to fill why_bogus with */
        cfg->val_log_squelch = 1;
+       cfg->minimal_responses = 0;
        return cfg;
 }