1. 11 May, 2016 2 commits
  2. 06 May, 2016 1 commit
  3. 03 May, 2016 1 commit
    • Marek Vavrusa's avatar
      daemon: out-of-order processing for TCP · c23edd06
      Marek Vavrusa authored
      * daemon now processes messages over TCP stream
      out-of-order and concurrently
      * support for TCP_DEFER_ACCEPT
      * support for TCP Fast-Open
      * there are now deadlines for TCP for idle/slow
      streams (to prevent slowloris; pruning)
      * there is now per-request limit on timeouts
      (each request is allowed 4 timeouts before bailing)
      * faster request closing, unified retry/timeout timers
      * rare race condition in timer closing fixed
      c23edd06
  4. 18 Apr, 2016 3 commits
    • Marek Vavrusa's avatar
      daemon: mode(strict|normal|permissive) · e61c48ef
      Marek Vavrusa authored
      the daemon has now three modes of strictness
      checking from strict to permissive.
      it reflects the tradeoff between resolving the
      query in as few steps as possible and security
      for insecure zones
      e61c48ef
    • Marek Vavrusa's avatar
      engine: clear bad scorers from RTT every 5 minutes · b64d6ce7
      Marek Vavrusa authored
      an internal timer walks RTT timer periodically and
      clears entries with bad results every 5 minutes.
      this means that a timeouted entry penalty is 
      capped to that interval, making sure that the
      bad reputation doesn't last forever
      b64d6ce7
    • Marek Vavrusa's avatar
      engine: throttle outbound queries only when busy · 0b02bf5f
      Marek Vavrusa authored
      resolver will always attempt to contact upstreams
      known to be bad if it's not busy.
      this fixes a problem on low-volume resolvers
      where a short connection outage could make
      resolvers deny resolving queries even after the
      connection is restored
      0b02bf5f
  5. 14 Apr, 2016 1 commit
  6. 07 Apr, 2016 1 commit
  7. 06 Apr, 2016 1 commit
    • Marek Vavrusa's avatar
      trust_anchors: added custom timers, limit history · 5e7591f0
      Marek Vavrusa authored
      new trust anchors variables:
      * trust_anchors.hold_down_time = 30 * day
      * trust_anchors.refresh_time = nil
      * trust_anchors.keep_removed = 0
      
      these could be used to control how often should
      root trust anchors be checked and how many removed
      keys should be kept in log (0 by default)
      5e7591f0
  8. 04 Apr, 2016 1 commit
  9. 30 Mar, 2016 1 commit
  10. 29 Mar, 2016 5 commits
  11. 08 Mar, 2016 1 commit
    • Marek Vavrusa's avatar
      daemon: track case when all upstreams fail · 8700f00d
      Marek Vavrusa authored
      previously full timeout led to reset of the evaluated
      address list and no upstream server was penalised
      for not answering the query, this penalises all of
      tried servers with TIMEOUT
      8700f00d
  12. 03 Feb, 2016 3 commits
  13. 30 Jan, 2016 3 commits
  14. 23 Jan, 2016 2 commits
  15. 22 Jan, 2016 5 commits
  16. 21 Jan, 2016 2 commits
  17. 11 Jan, 2016 3 commits
  18. 23 Dec, 2015 1 commit
  19. 17 Dec, 2015 2 commits
  20. 10 Dec, 2015 1 commit