Change the default ENDS buffer size to 1232 for DNS Flag Day 2020

The DNS Flag Day 2020 aims to remove the IP fragmentation problem from
the UDP DNS communication.  In this commit, we implement the minimal
required changes by changing the defaults for `edns-udp-size`,
`max-udp-size` and `nocookie-udp-size` to `1232` (the value picked by
DNS Flag Day 2020).

(cherry picked from commit bb990030d344dafe40a62fe5ed2741de28b8ca66)
(cherry picked from commit df06773f9a73e4a4bb0b5e7f4bd8e40394e64032)

diff --git a/bin/named/config.c b/bin/named/config.c
index 335d2a5accbbb2d66f7849998b73429ac47d165b..bec90ab2f27d38e5e8bee8fdbe06f3954bb091ca 100644 (file)
--- a/bin/named/config.c
+++ b/bin/named/config.c
@@ -65,7 +65,7 @@ options {\n\
 #      deallocate-on-exit <obsolete>;\n\
 #      directory <none>\n\
        dump-file \"named_dump.db\";\n\
-       edns-udp-size 4096;\n\
+       edns-udp-size 1232;\n\
 #      fake-iquery <obsolete>;\n"
 #ifndef WIN32
 "      files unlimited;\n"
@@ -86,11 +86,11 @@ options {\n\
 #      lock-file \"" NS_LOCALSTATEDIR "/run/named/named.lock\";\n\
        match-mapped-addresses no;\n\
        max-rsa-exponent-size 0; /* no limit */\n\
-       max-udp-size 4096;\n\
+       max-udp-size 1232;\n\
        memstatistics-file \"named.memstats\";\n\
 #      multiple-cnames <obsolete>;\n\
 #      named-xfer <obsolete>;\n\
-       nocookie-udp-size 4096;\n\
+       nocookie-udp-size 1232;\n\
        notify-rate 20;\n\
        nta-lifetime 3600;\n\
        nta-recheck 300;\n\

diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml
index 69144b26d1b22ea29079af582d09ec30b93cc02a..ca98726280924cb40e7dc20abb9e635911dbfe79 100644 (file)
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -6211,7 +6211,7 @@ options {
                  This sets the maximum size of UDP responses that are
                  sent to queries without a valid server COOKIE. A value
                  below 128 is silently raised to 128. The default
-                 value is 4096, but the <command>max-udp-size</command>
+                 value is 1232, but the <command>max-udp-size</command>
                  option may further limit the response size.
                </para>
              </listitem>
@@ -9136,7 +9136,7 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
                  authoritative servers in response to recursive queries.
                  Valid values are 512 to 4096; values outside this range
                  are silently adjusted to the nearest value within
-                 it.  The default value is 4096.
+                 it.  The default value is 1232.
                </para>
                <para>
                  The usual reason for setting
@@ -9188,7 +9188,7 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
                  <command>named</command> sends, in bytes.
                  Valid values are 512 to 4096; values outside this
                  range are silently adjusted to the nearest
-                 value within it.  The default value is 4096.
+                 value within it.  The default value is 1232.
                </para>
                <para>
                  This value applies to responses sent by a server; to