arm: add why when to set 'require-server-cookie yes;'

author Mark Andrews <marka@isc.org>

Thu, 24 Oct 2019 23:06:56 +0000 (10:06 +1100)

committer Ondřej Surý <ondrej@sury.org>

Thu, 31 Oct 2019 14:09:05 +0000 (09:09 -0500)
author Mark Andrews <marka@isc.org>
Thu, 24 Oct 2019 23:06:56 +0000 (10:06 +1100)
committer Ondřej Surý <ondrej@sury.org>
Thu, 31 Oct 2019 14:09:05 +0000 (09:09 -0500)
diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml

index 9445c81e10a88ad24da9cdb416e1c5ca7afe6dea..7b5e0ddf1595996e5e323c8af87acf79f3c3fcda 100644 (file)
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -6042,6 +6042,12 @@ options {
                   server cookie.
                   The default is <userinput>no</userinput>.
                 </para>
+               <para>
+                 Set this to <userinput>yes</userinput> to test that DNS
+                 COOKIE clients correctly handle BADCOOKIE or if you are
+                 getting a lot of forged DNS requests with DNS COOKIES
+                 present.
+               </para>
               </listitem>
             </varlistentry>
author	Mark Andrews <marka@isc.org>
	Thu, 24 Oct 2019 23:06:56 +0000 (10:06 +1100)
committer	Ondřej Surý <ondrej@sury.org>
	Thu, 31 Oct 2019 14:09:05 +0000 (09:09 -0500)