On 2018/05/17 21:13, Florian Obser wrote:
> On Thu, May 17, 2018 at 07:26:47PM +0100, Stuart Henderson wrote:
> > On 2018/05/17 19:06, Florian Obser wrote:
> > > 2) turn on minimal-reponses and refuse-any per default
> > >
> > > I think these are better / sane defaults.
> >
> > I agree, OK.
> >
On Thu, May 17, 2018 at 07:26:47PM +0100, Stuart Henderson wrote:
> On 2018/05/17 19:06, Florian Obser wrote:
> > 2) turn on minimal-reponses and refuse-any per default
> >
> > I think these are better / sane defaults.
>
> I agree, OK.
>
> What do you think about an commented-out entry in
On 2018/05/17 19:06, Florian Obser wrote:
> Two diffs for the price of one!
>
> 1) From upcomming nsd 4.1.22:
>refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
>and allows TCP queries like normal.
OK.
> 2) turn on minimal-reponses and refuse-any per default
>
> I
On 2018/05/17 12:12, Todd C. Miller wrote:
> On Thu, 17 May 2018 19:06:27 +0200, Florian Obser wrote:
>
> > 1) From upcomming nsd 4.1.22:
> >refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
> >and allows TCP queries like normal.
>
> So the idea is that a well-behaved
On Thu, 17 May 2018 19:06:27 +0200, Florian Obser wrote:
> 1) From upcomming nsd 4.1.22:
>refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
>and allows TCP queries like normal.
So the idea is that a well-behaved client doing an ANY query will
retry with TCP? That does
Two diffs for the price of one!
1) From upcomming nsd 4.1.22:
refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
and allows TCP queries like normal.
2) turn on minimal-reponses and refuse-any per default
I think these are better / sane defaults.
I take OKs for both or