From: bert hubert Date: Fri, 18 Apr 2014 09:58:39 +0000 (+0200) Subject: document minimum-ttl-override, rec_control set-minimum-ttl, status of pdns-distribute... X-Git-Tag: rec-3.6.0-rc1~55 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a413953c7ae072c41db9a46786c33cd90e35217d;p=pdns document minimum-ttl-override, rec_control set-minimum-ttl, status of pdns-distributes-queries --- diff --git a/pdns/docs/pdns.xml b/pdns/docs/pdns.xml index 16e4989de..56f19858a 100644 --- a/pdns/docs/pdns.xml +++ b/pdns/docs/pdns.xml @@ -104,7 +104,9 @@ - Lots of work on the JSON API, based on Aki Tuomi's 'yahttp'. Documentation & demo forthcoming. + Lots of work on the JSON API, which is exposed via Aki Tuomi's 'yahttp'. Massive thanks to Christian Hofstaedtler for delivering + this exciting new functionality. Documentation & demo forthcoming, but code to use it is available + on GitHub. @@ -167,6 +169,12 @@ so only the question remains. Suggested in t1092, code in gadd935a. + + + No longer experimental, the switch 'pdns-distributes-queries' can improve multi-threaded performance on Linux (various cleanup commits). + + + Update to embedded PolarSSL, plus remove previous AES implementation and shift to PolarSSL (ge22d9b4, g990ad9a) @@ -14343,6 +14351,15 @@ sql> insert into domainmetadata (domain_id, kind, content) values (6, 'TSIG-ALLO + + any-to-tcp | any-to-tcp=yes | any-to-tcp=no + + + Answer questions for the ANY type on UDP with a truncated packet that refers the + remote server to TCP. Useful for mitigating ANY reflection attacks. Defaults to off. + + + auth-can-lower-ttl @@ -14426,15 +14443,6 @@ sql> insert into domainmetadata (domain_id, kind, content) values (6, 'TSIG-ALLO - - any-to-tcp | any-to-tcp=yes | any-to-tcp=no - - - Answer questions for the ANY type on UDP with a truncated packet that refers the - remote server to TCP. Useful for mitigating ANY reflection attacks. Defaults to off. - - - dont-query @@ -14640,6 +14648,17 @@ sql> insert into domainmetadata (domain_id, kind, content) values (6, 'TSIG-ALLO + + minimum-ttl-override + + + Available since 3.6, this setting artificially raises all TTLs to be at least this long. While this is a gross hack, + and violates RFCs, under conditions of DoS, it may enable you to continue serving your customers. Can be set at runtime using + 'rec_control set-minimum-ttl 3600'. To disable, set to 0 (the default). + + + + network-timeout @@ -14664,6 +14683,16 @@ sql> insert into domainmetadata (domain_id, kind, content) values (6, 'TSIG-ALLO + + pdns-distributes-queries + + + If set, PowerDNS will have only 1 thread listening on client sockets, and distribute work by itself over threads. Improves + performance on Linux. Do not use on Recursor versions before 3.6 as the feature was experimental back then, and not that stable. + + + + query-local-address @@ -14913,6 +14942,17 @@ sql> insert into domainmetadata (domain_id, kind, content) values (6, 'TSIG-ALLO + + set-minimum-ttl + + + Available since 3.6, this setting artificially raises all TTLs to be at least this long. While this is a gross hack, + and violates RFCs, under conditions of DoS, it may enable you to continue serving your customers. Corresponds + to the configuration file setting 'minimum-ttl-override'. + + + + top-remotes