From: Evan Hunt <each@isc.org>
Date: Mon, 3 Aug 2015 19:50:59 +0000 (-0700)
Subject: [v9_9] add fetchlimit to README
X-Git-Tag: v9.9.8b1~1
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=de476c9f4d96a5f50e52e9f721702120e897e122;p=thirdparty%2Fbind9.git

[v9_9] add fetchlimit to README
---

diff --git a/README b/README
index d3df48d3130..65a1872fa13 100644
--- a/README
+++ b/README
@@ -55,7 +55,29 @@ BIND 9.9.8
 
 	BIND 9.9.8 is a maintenance release and addresses bugs
 	found in BIND 9.9.7 and earlier, as well as the security
-	flaws described in CVE-2015-4620 and CVE-2015-5477.
+	flaws described in CVE-2015-4620 and CVE-2015-5477. It also
+        makes the following new features available via a compile
+        time option:
+
+	- New "fetchlimit" quotas are now available for the use of
+	  recursive resolvers that are are under high query load for
+	  domains whose authoritative servers are nonresponsive or are
+	  experiencing a denial of service attack.
+
+	  + "fetches-per-server" limits the number of simultaneous queries
+	    that can be sent to any single authoritative server.  The
+	    configured value is a starting point; it is automatically
+	    adjusted downward if the server is partially or completely
+	    non-responsive. The algorithm used to adjust the quota can be
+	    configured via the "fetch-quota-params" option.
+	  + "fetches-per-zone" limits the number of simultaneous queries
+	    that can be sent for names within a single domain.  (Note:
+	    Unlike "fetches-per-server", this value is not self-tuning.)
+          + New stats counters have been added to count
+	    queries spilled due to these quotas.
+
+          NOTE: These options are NOT built in by default; use
+          "configure --enable-fetchlimit" to enable them.
 
 BIND 9.9.7