1. 09 Jul, 2015 1 commit
    • Evan Hunt's avatar
      [master] DDoS mitigation features · 1479200a
      Evan Hunt authored
      3938.	[func]		Added quotas to be used in recursive resolvers
      			that are under high query load for names in zones
      			whose authoritative servers are nonresponsive or
      			are experiencing a denial of service attack.
      
      			- "fetches-per-server" limits the number of
      			  simultaneous queries that can be sent to any
      			  single authoritative server.  The configured
      			  value is a starting point; it is automatically
      			  adjusted downward if the server is partially or
      			  completely non-responsive. The algorithm used to
      			  adjust the quota can be configured via the
      			  "fetch-quota-params" option.
      			- "fetches-per-zone" limits the number of
      			  simultaneous queries that can be sent for names
      			  within a single domain.  (Note: Unlike
      			  "fetches-per-server", this value is not
      			  self-tuning.)
      			- New stats counters have been added to count
      			  queries spilled due to these quotas.
      
      			See the ARM for details of these options. [RT #37125]
      1479200a
  2. 06 Jul, 2015 1 commit
  3. 05 Jul, 2015 1 commit
    • Mark Andrews's avatar
      4152. [func] Implement DNS COOKIE option. This replaces the · ce67023a
      Mark Andrews authored
                              experimental SIT option of BIND 9.10.  The following
                              named.conf directives are avaliable: send-cookie,
                              cookie-secret, cookie-algorithm and nocookie-udp-size.
                              The following dig options are available:
                              +[no]cookie[=value] and +[no]badcookie.  [RT #39928]
      ce67023a
  4. 21 May, 2015 1 commit
  5. 19 May, 2015 1 commit
  6. 03 Dec, 2014 1 commit
  7. 10 Sep, 2014 1 commit
  8. 07 Jul, 2014 1 commit
  9. 29 May, 2014 1 commit
  10. 28 May, 2014 1 commit
  11. 09 May, 2014 1 commit
  12. 05 May, 2014 1 commit
    • Mark Andrews's avatar
      3837. [security] A NULL pointer is passed to query_prefetch resulting · b36fc829
      Mark Andrews authored
                              a REQUIRE assertion failure when a fetch is actually
                              initiated.  [ RT #35899]
      
      Squashed commit of the following:
      
      commit 7f4e1f3917d743089c42cc52ec2c0eea598d2c00
      Author: Mukund Sivaraman <muks@isc.org>
      Date:   Sun May 4 22:34:34 2014 +0530
      
          Fix a comment
      
      commit 6a35a6a2346013fa8e3798b9b680d8a3031fcb03
      Author: Mark Andrews <marka@isc.org>
      Date:   Sun May 4 23:34:25 2014 +1000
      
          pass the correct name to query_prefetch
      b36fc829
  13. 12 Jan, 2014 2 commits
  14. 13 Dec, 2013 1 commit
  15. 13 Nov, 2013 1 commit
  16. 10 Apr, 2013 1 commit
  17. 03 Apr, 2013 2 commits
  18. 21 Nov, 2012 1 commit
  19. 29 Jun, 2012 2 commits
  20. 09 Feb, 2012 2 commits
  21. 28 Jul, 2011 1 commit
  22. 13 Mar, 2011 2 commits
  23. 16 Nov, 2010 1 commit
  24. 15 Sep, 2010 3 commits
  25. 19 May, 2010 2 commits
  26. 29 May, 2009 2 commits
  27. 19 Jun, 2007 1 commit
  28. 18 Jun, 2007 1 commit
  29. 05 Mar, 2004 1 commit
  30. 09 Jan, 2001 1 commit
  31. 01 Aug, 2000 1 commit