+22 November 2024: Yorgos
+ - Fix #1175: serve-expired does not adhere to secure-by-default
+ principle. The default value of serve-expired-client-timeout
+ is set to 1800 as suggested by RFC8767.
+
20 November 2024: Yorgos
- Fix comparison to help static analyzer.
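Review bot: the entry should state that this is an observable behaviour change for deployments that already have serve-expired enabled: with serve-expired-client-timeout now defaulting to 1800 instead of 0, a resolver that previously answered from stale cache immediately will first wait up to 1.8 seconds for a fresh resolution, and operators who want the old behaviour have to set the option to 0 explicitly. A one-line note to that effect would save people a surprise when reading the release notes; also spell the reference "RFC 8767" as the man page and example.conf do, rather than "RFC8767".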
# disable-edns-do: no
# Serve expired responses from cache, with serve-expired-reply-ttl in
- # the response, and then attempt to fetch the data afresh.
+ # the response. By default it first tries to refresh an expired answer.
+ # Can be configured with serve-expired-client-timeout.
# serve-expired: no
#
# Limit serving of expired responses to configured seconds after
#
# Time in milliseconds before replying to the client with expired data.
# This essentially enables the serve-stale behavior as specified in
- # RFC 8767 that first tries to resolve before
- # immediately responding with expired data. 0 disables this behavior.
- # A recommended value is 1800.
- # serve-expired-client-timeout: 0
+ # RFC 8767 that first tries to resolve before immediately responding
+ # with expired data. 0 disables this behavior.
+ # serve-expired-client-timeout: 1800
# Return the original TTL as received from the upstream name server rather
# than the decrementing TTL as stored in the cache. Enabling this feature
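Review bot: the rewritten serve-expired-client-timeout comment still says "first tries to resolve before immediately responding with expired data", which contradicts a default that now waits up to 1800 ms; suggest "first tries to resolve, and replies with expired data only if that takes longer than the timeout". Since the removed line "and then attempt to fetch the data afresh" was the only description of the old default mode, it would also help to keep a sentence saying that 0 restores the previous behaviour of answering immediately from stale cache and refreshing afterwards, so operators know which value to set if they depended on the old default.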
.TP
.B serve\-expired: \fI<yes or no>
If enabled, Unbound attempts to serve old responses from cache with a
-TTL of \fBserve\-expired\-reply\-ttl\fR in the response without waiting for the
-actual resolution to finish. The actual resolution answer ends up in the cache
-later on. Default is "no".
+TTL of \fBserve\-expired\-reply\-ttl\fR in the response.
+By default the expired answer will be used after a resolution attempt errored
+out or is taking more than serve\-expired\-client\-timeout to resolve.
+Default is "no".
.TP
.B serve\-expired\-ttl: \fI<seconds>
Limit serving of expired responses to configured seconds after expiration. 0
use 30 as the value (RFC 8767). The default is 30.
.TP
.B serve\-expired\-client\-timeout: \fI<msec>
-Time in milliseconds before replying to the client with expired data. This
-essentially enables the serve-stale behavior as specified in
+Time in milliseconds before replying to the client with expired data.
+This essentially enables the serve-stale behavior as specified in
RFC 8767 that first tries to resolve before immediately
-responding with expired data. A recommended value per
-RFC 8767 is 1800. Setting this to 0 will disable this
-behavior. Default is 0.
+responding with expired data.
+Setting this to 0 will disable this behavior and instead serve the expired
+record immediately from the cache before attempting to refresh it via
+resolution.
+Default is 1800.
.TP
.B serve\-original\-ttl: \fI<yes or no>
If enabled, Unbound will always return the original TTL as received from
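Review bot: in the serve-expired entry the option name at the end of the new sentence is plain text ("serve\-expired\-client\-timeout") while the other option in the same paragraph is marked up as \fBserve\-expired\-reply\-ttl\fR; use \fBserve\-expired\-client\-timeout\fR for consistency. The sentence also mixes tenses ("errored out or is taking more than"); suggest "By default the expired answer is used only after a resolution attempt has failed or has taken longer than \fBserve\-expired\-client\-timeout\fR." The serve-expired-client-timeout entry itself keeps "before immediately responding with expired data", which no longer matches a default of waiting up to 1800 milliseconds; "before responding with expired data" reads correctly for both the 0 and the non-zero case.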
cfg->serve_expired_ttl = 0;
cfg->serve_expired_ttl_reset = 0;
cfg->serve_expired_reply_ttl = 30;
- cfg->serve_expired_client_timeout = 0;
+ cfg->serve_expired_client_timeout = 1800;
cfg->ede_serve_expired = 0;
cfg->serve_original_ttl = 0;
cfg->zonemd_permissive_mode = 0;
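Review bot: the new default 1800 is now hard-coded in three places (this assignment, example.conf.in and unbound.conf.5.in) with nothing tying them together; a short comment on this line such as "/* RFC 8767 suggested timeout, keep in sync with the documentation */" or a named constant would make the next change to the value harder to get wrong. It is also worth double-checking that nothing else in the tree (test configurations, other places that print or compare option defaults) still assumes 0 for this option when serve-expired is on, since stale answers are now delayed by up to 1.8 s by default.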