diff --git a/CHANGES b/CHANGES index 2238eae332..74c8d44e26 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4239. [func] Changed default servfail-ttl value to 1 second from 10. + Also, the maximum value is now 30 instead of 300. [RT #37556] + 4238. [bug] Don't send to servers on net zero (0.0.0.0/8). [RT #40947] diff --git a/bin/named/config.c b/bin/named/config.c index 4743be09d1..c5d5e23c29 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -156,7 +156,7 @@ options {\n\ cleaning-interval 0; /* now meaningless */\n\ # min-roots ;\n\ lame-ttl 600;\n\ - servfail-ttl 10;\n\ + servfail-ttl 1;\n\ max-ncache-ttl 10800; /* 3 hours */\n\ max-cache-ttl 604800; /* 1 week */\n\ transfer-format many-answers;\n\ diff --git a/bin/named/server.c b/bin/named/server.c index 15496d3ddb..f607cbd8d0 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -4107,8 +4107,8 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, result = ns_config_get(maps, "servfail-ttl", &obj); INSIST(result == ISC_R_SUCCESS); fail_ttl = cfg_obj_asuint32(obj); - if (fail_ttl > 300) - fail_ttl = 300; + if (fail_ttl > 30) + fail_ttl = 30; dns_view_setfailttl(view, fail_ttl); /* diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml index 803aeacdee..6a5990f5d1 100644 --- a/doc/arm/Bv9ARM-book.xml +++ b/doc/arm/Bv9ARM-book.xml @@ -8903,10 +8903,10 @@ avoid-v6-udp-ports { 40000; range 50000 60000; }; without waiting for the SERVFAIL TTL to expire. - The maximum value is 300 - (5 minutes); any higher value will be silently - reduced. The default is 10 - seconds. + The maximum value is 30 + seconds; any higher value will be silently + reduced. The default is 1 + second. diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml index e4ef31df2c..76e94f215f 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml @@ -257,7 +257,7 @@ the cache times out. This reduces the frequency of retries when a query is persistently failing, which can be a burden on recursive serviers. The SERVFAIL cache timeout is controlled - by , which defaults to 10 seconds + by , which defaults to 1 second and has an upper limit of 30.