From edea1bf7e1213f9643bd0ce29cb81d4413774d98 Mon Sep 17 00:00:00 2001 From: Otto Moerbeek Date: Tue, 7 Jan 2020 12:13:01 +0100 Subject: [PATCH] Slightly different approach as suggested by rgacogne: if qname-minimization is active, force maxqperq to be >= 100. --- pdns/pdns_recursor.cc | 2 +- pdns/recursordist/docs/settings.rst | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index 0c8319e796..c7a2598ead 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -3970,7 +3970,7 @@ static int serviceMain(int argc, char*argv[]) if (SyncRes::s_qnameminimization) { // With an empty cache, a rev ipv6 query with dnssec enabled takes // almost 100 queries. Default maxqperq is 60. - SyncRes::s_maxqperq = SyncRes::s_maxqperq * 5 / 3; + SyncRes::s_maxqperq = std::max(SyncRes::s_maxqperq, 100); } SyncRes::s_hardenNXD = SyncRes::HardenNXD::DNSSEC; diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index 41c1726261..cbebe9f2ef 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -918,8 +918,8 @@ Maximum number of Packet Cache entries. The maximum number of outgoing queries that will be sent out during the resolution of a single client query. This is used to limit endlessly chasing CNAME redirections. -If qname-minimization is enabled, the number will be increased to -allow for the extra queries qname-minimization generates when the cache is empty. +If qname-minimization is enabled, the number will be forced to be 100 +at a minimum to allow for the extra queries qname-minimization generates when the cache is empty. .. _setting-max-negative-ttl: -- 2.47.2