.. namedconf:statement:: max-delegation-servers
:tags: server
- :short: Configure the maximum number of nameserver names considered for a delegation
+ :short: Configure the maximum number of nameservers considered for a delegation
When looking up remote nameservers for a delegation, the list of nameserver
names is sorted according to Canonical RR Ordering within an RRset (see
- :rfc:`4034` Section 6.3), and the number of names for which :iscman:`named`
- looks up IP addresses is capped at :any:`max-delegation-servers`.
-
- This capped list of nameserver names is then randomly shuffled every time
+ :rfc:`4034` Section 6.3). This list is then randomly shuffled every time
:iscman:`named` needs additional remote addresses for those nameservers.
This randomized selection works around situations where the first few
nameserver names in the zone are unresponsive.
outgoing DNS query is initiated only if the DNS resolver does not already have
existing IP addresses for any of the nameserver names in the cache.
+ The known NS addresses for an NS name (cached from a previous resolution, or
+ the NS name has glues, or it is defined from a local zone or hints) are
+ counted as delegation servers. Thus, the maximum queries the resolver does
+ to resolve a name at a delegation point is capped at
+ :any:`max-delegation-servers`.
+
The default and recommended value is ``13``. This limit prevents excessive
resource use while processing large or misconfigured delegations. The default
value should only be increased in controlled environments where a remote
projects / thirdparty / bind9.git / commitdiff
