From: Ondřej Surý <ondrej@isc.org>
Date: Tue, 14 Apr 2026 17:29:54 +0000 (+0200)
Subject: fix: usr: Implement seamless outgoing TCP connection reuse
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a61427e8ee9164f0e7701bb9832223dedb134023;p=thirdparty%2Fbind9.git

fix: usr: Implement seamless outgoing TCP connection reuse

The resolver can and will reuse outgoing TCP connections to the same host, as recommended by RFC 7766. This prevents a whole class of attacks that abuse the fact that establishing a TCP connection is expensive and it is fairly easy to deplete the outgoing TCP ports by putting them into TIME_WAIT state.

The number of pipelined queries per connection is capped at 256 to limit the impact of a connection drop.

Merge branch '3741-reuse-tcp-connections' into 'main'

See merge request isc-projects/bind9!11845
---

a61427e8ee9164f0e7701bb9832223dedb134023