resolved: lower SERVFAIL cache timeout from 30s to 10s
Apparently 30s is a bit too long for some cases, see #5552. But not caching SERVFAIL at all also breaks stuff, see explanation in201d99584e
. Let's try to find some middle ground, by lowering the cache timeout to 10s. This should be ample for the problem201d99584e
attackes, but not as long as half a miute, as #5552 complains. Fixes: #5552
This commit is contained in:
parent
34f80876f8
commit
19bcef9dc3
|
@ -20,7 +20,7 @@
|
||||||
|
|
||||||
/* How long to cache strange rcodes, i.e. rcodes != SUCCESS and != NXDOMAIN (specifically: that's only SERVFAIL for
|
/* How long to cache strange rcodes, i.e. rcodes != SUCCESS and != NXDOMAIN (specifically: that's only SERVFAIL for
|
||||||
* now) */
|
* now) */
|
||||||
#define CACHE_TTL_STRANGE_RCODE_USEC (30 * USEC_PER_SEC)
|
#define CACHE_TTL_STRANGE_RCODE_USEC (10 * USEC_PER_SEC)
|
||||||
|
|
||||||
typedef enum DnsCacheItemType DnsCacheItemType;
|
typedef enum DnsCacheItemType DnsCacheItemType;
|
||||||
typedef struct DnsCacheItem DnsCacheItem;
|
typedef struct DnsCacheItem DnsCacheItem;
|
||||||
|
|
Loading…
Reference in a new issue