Reduce the number of "bad configuration options" flags
tl;dr:
- Reduce the number of bad option flags.
- Print a warning when an option is flagged
experimental. - Do something about the non-operational flags
test onlyanddefault changed
There is a subtle difference between unsupported configuration options:
-
ancient: these are options that existed in 9.8 but removed in 9.9. Having them in named.conf is a configuration error, causing named to exit on startup. -
obsoleted: these are options that no longer do anything, and should be removed from the configuration file, but is not a configuration error. Having these options in named.conf will log a warning that says the option is obsoleted and should be removed. -
deprecated: these are options that still work but are deprecated. They will no longer be supported and you should use the newer configuration options. They will still work, and configuring them will trigger the expected behavior, but these options will be removed in a future version. -
not implemented: These options are not implemented but do have a option name assigned. -
not yet implemented: These options are not yet implemented but do have a option name assigned. -
not operational: These options only do something if at compile time the feature was enabled, otherwise they are ignored. -
not configured: These options are only allowed if at compile time the feature was enabled, otherwise having them in named.conf is a configuration error. - Then there are the options that have no special handling, these are "unknown". They are a configuration error and cause named to exit at startup.
Below are the list of options that fall in one of these categories.
Let's reduce the number of options to the following:
- "unknown": Any option that is not supported and will result in a configuration error does not need a special flag. When encountering such an option, named will log that it encountered an "unknown option". Includes all
ancientoptions. -
ancient: These options are treated the same way as the unknown options, except it tells the operator and implementer the option was in use in the past. -
obsoleted: This option does nothing and having them in your configuration file is a noop. The option may be removed in the future. This includes not (yet) implemented options.not implementedandnot yet implementedoptions will be treated similar asobsoleted(the idea being that if an option is implemented it should be functional`). -
deprecated: This option still works, but should be removed because the option may be removed in the future. -
not configured: These options are only allowed if their feature is enabled at compile time. Having them in your named.conf otherwise is a configuration error.not operationalis promoted tonot configured.
In addition to these bad configuration options there is also difference between good options:
- The normal options that do not require any special processing or logging.
-
multiple: This option is the same as normal options but may appear multiple times. -
experimental: Experimental options that (currently) are treated as normal options. -
default changed: This tells the user that if the configuration option is not present, the default has changed. -
test only: This option is for testing purposes only.
Experimental options should also trigger a log warning.
We may want to do something about the broken default changed and test only options.
Ancient options
| option | clause |
|---|---|
| deallocate-on-exit | options |
| fake-iquery | options |
| has-old-clients | options |
| host-statistics | options |
| host-statistics-max | options |
| multiple-cnames | options |
| named-xfer | options |
| serial-queries | options |
| statistics-interval | options |
| treat-cr-as-space | options |
| use-id-pool | options |
| fetch-glue | view |
| min-roots | view |
| rfc2308-type1 | view |
| topology | view |
| maintain-ixfr-base | zone |
| max-ixfr-log-size | zone |
| ixfr-base | zone |
| ixfr-tmp-file | zone |
| pubkey | zone |
Obsoleted options
| option | clause |
|---|---|
| lwres | top |
| geoip-use-ecs | options |
| sit-secret | options |
| use-ixfr | options |
| acache-cleaning-interval | view |
| acache-enable | view |
| additional-from-auth | view |
| additional-from-cache | view |
| allow-v6-synthesis | view |
| cleaning-interval | view |
| dnssec-enable | view |
| filter-aaaa | view |
| filter-aaaa-on-v4 | view |
| filter-aaaa-on-v6 | view |
| max-acache-size | view |
| nosit-udp-size | view |
| queryport-pool-ports | view |
| queryport-pool-updateinterval | view |
| request-sit | view, server |
| use-queryport-pool | view |
| support-ixfr | server |
Deprecated options
| option | clause |
|---|---|
| managed-keys | top, view, bind.keys |
| trusted-keys | top, view, bind.keys |
Not implemented
None.
Not yet implemented
| option | clause |
|---|---|
| suppress-initial-notify | view |
Not operational
| option | clause | feature |
|---|---|---|
| lmdb-mapsize | view | lmdb |
Not configured
| option | clause | feature |
|---|---|---|
| dnstap-output | options | dnstap |
| dnstap-identity | options | dnstap |
| dnstap-version | options | dnstap |
| fstrm-set-buffer-hint | options | dnstap |
| fstrm-set-flush-timeout | options | dnstap |
| fstrm-set-input-queue-size | options | dnstap |
| fstrm-set-output-notify-threshold | options | dnstap |
| fstrm-set-output-queue-model | options | dnstap |
| fstrm-set-output-queue-size | options | dnstap |
| fstrm-set-reopen-interval | options | dnstap |
| geoip-directory | options | geoip |
| dnsrps-enable | view, rpz | dnsrps |
| dnsrps-options | view, rpz | dnsrps |
| dnstap | view | dnstap |
Edited by Matthijs Mekking