deprecate resolver-retry-interval and resolver-nonbackoff-tries

these options control default timing of retries in the resolver
for experimental purposes; they are not known to useful in production
environments.  they will be removed in the future; for now, we
only log a warning if they are used.

CHANGES

@@ -1,3 +1,7 @@
+6296.	[func]		The "resolver-nonbackoff-tries" and
+			"resolver-retry-interval" options are deprecated;
+			a warning will be logged if they are used. [GL #4405]
+
 6295.	[bug]		Fix an assertion failure which could occur during
 			shutdown when DNSSEC validation was running. [GL #4462]
 

bin/tests/system/checkconf/deprecated.conf

@@ -27,6 +27,9 @@ options {
 	avoid-v4-udp-ports { range 1 1023; };
 	avoid-v6-udp-ports { range 1 1023; };
 
+	resolver-nonbackoff-tries 3;
+	resolver-retry-interval 800;
+
 	dnssec-must-be-secure mustbesecure.example yes;
 };
 

bin/tests/system/checkconf/tests.sh

@@ -174,6 +174,8 @@ grep "option 'avoid-v4-udp-ports' is deprecated" <checkconf.out$n.1 >/dev/null |
 grep "option 'avoid-v6-udp-ports' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
 grep "option 'dialup' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
 grep "option 'heartbeat-interval' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
+grep "option 'resolver-nonbackoff-tries' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
+grep "option 'resolver-retry-interval' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
 grep "option 'dnssec-must-be-secure' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
 grep "token 'port' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
 if [ $ret -ne 0 ]; then echo_i "failed"; fi

doc/arm/reference.rst

@@ -4230,18 +4230,22 @@ Tuning
    has no effect, the value of :any:`max-cache-ttl` will be ``0`` in such case.
 
 .. namedconf:statement:: resolver-nonbackoff-tries
-   :tags: server
+   :tags: deprecated.
    :short: Specifies the number of retries before exponential backoff.
 
-   This specifies how many retries occur before exponential backoff kicks in. The
-   default is ``3``.
+   This specifies how many retries occur before exponential backoff kicks in.
+   The default is ``3``.
+
+   This option is deprecated and will be removed in a future release.
 
 .. namedconf:statement:: resolver-retry-interval
-   :tags: server, query
+   :tags: deprecated
    :short: Sets the base retry interval (in milliseconds).
 
    This sets the base retry interval in milliseconds. The default is ``800``.
 
+   This option is deprecated and will be removed in a future release.
+
 .. namedconf:statement:: sig-validity-interval
    :tags: obsolete
 

doc/misc/options

@@ -247,9 +247,9 @@ options {
 	request-ixfr <boolean>;
 	request-nsid <boolean>;
 	require-server-cookie <boolean>;
-	resolver-nonbackoff-tries <integer>;
+	resolver-nonbackoff-tries <integer>; // deprecated
 	resolver-query-timeout <integer>;
-	resolver-retry-interval <integer>;
+	resolver-retry-interval <integer>; // deprecated
 	resolver-use-dns64 <boolean>;
 	response-padding { <address_match_element>; ... } block-size <integer>;
 	response-policy { zone <string> [ add-soa <boolean> ] [ log <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ policy ( cname | disabled | drop | given | no-op | nodata | nxdomain | passthru | tcp-only <quoted_string> ) ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ] [ ede <string> ]; ... } [ add-soa <boolean> ] [ break-dnssec <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ min-ns-dots <integer> ] [ nsip-wait-recurse <boolean> ] [ nsdname-wait-recurse <boolean> ] [ qname-wait-recurse <boolean> ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ] [ dnsrps-enable <boolean> ] [ dnsrps-options { <unspecified-text> } ];
@@ -523,9 +523,9 @@ view <string> [ <class> ] {
 	request-ixfr <boolean>;
 	request-nsid <boolean>;
 	require-server-cookie <boolean>;
-	resolver-nonbackoff-tries <integer>;
+	resolver-nonbackoff-tries <integer>; // deprecated
 	resolver-query-timeout <integer>;
-	resolver-retry-interval <integer>;
+	resolver-retry-interval <integer>; // deprecated
 	resolver-use-dns64 <boolean>;
 	response-padding { <address_match_element>; ... } block-size <integer>;
 	response-policy { zone <string> [ add-soa <boolean> ] [ log <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ policy ( cname | disabled | drop | given | no-op | nodata | nxdomain | passthru | tcp-only <quoted_string> ) ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ] [ ede <string> ]; ... } [ add-soa <boolean> ] [ break-dnssec <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ min-ns-dots <integer> ] [ nsip-wait-recurse <boolean> ] [ nsdname-wait-recurse <boolean> ] [ qname-wait-recurse <boolean> ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ] [ dnsrps-enable <boolean> ] [ dnsrps-options { <unspecified-text> } ];

doc/notes/notes-current.rst

@@ -35,6 +35,9 @@ Removed Features
 - The support for AES algorithm for DNS cookies has been removed.
   :gl:`#4421`
 
+- The ``resolver-nonbackoff-tries`` and ``resolver-retry-interval`` options
+  are now deprecated. A warning will be logged if they are used. :gl:`#4405`
+
 Feature Changes
 ~~~~~~~~~~~~~~~
 

lib/isccfg/namedconf.c

@@ -2133,9 +2133,11 @@ static cfg_clausedef_t view_clauses[] = {
 	{ "request-nsid", &cfg_type_boolean, 0 },
 	{ "request-sit", NULL, CFG_CLAUSEFLAG_ANCIENT },
 	{ "require-server-cookie", &cfg_type_boolean, 0 },
-	{ "resolver-nonbackoff-tries", &cfg_type_uint32, 0 },
+	{ "resolver-nonbackoff-tries", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_DEPRECATED },
 	{ "resolver-query-timeout", &cfg_type_uint32, 0 },
-	{ "resolver-retry-interval", &cfg_type_uint32, 0 },
+	{ "resolver-retry-interval", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_DEPRECATED },
 	{ "response-padding", &cfg_type_resppadding, 0 },
 	{ "response-policy", &cfg_type_rpz, 0 },
 	{ "rfc2308-type1", NULL, CFG_CLAUSEFLAG_ANCIENT },