diff options
| author | Vladimír Čunát <vladimir.cunat@nic.cz> | 2022-02-28 19:21:04 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vladimir.cunat@nic.cz> | 2022-12-13 10:58:33 +0100 |
| commit | bb6e2de2195914c791d76fa56828050468349337 (patch) | |
| tree | 54aeac2a3f5e94e135d3e2ab9f44eda771880fe0 /lib/defines.h | |
| parent | lib/cache: tweak TTL computation for packets (diff) | |
| download | knot-resolver-bb6e2de2195914c791d76fa56828050468349337.tar.xz knot-resolver-bb6e2de2195914c791d76fa56828050468349337.zip | |
cache.max_ttl(): lower the default from six days to one day
Allowing too much seems to have more risk than benefit. For example,
the 2-day TTL on DS records in .com zone (e.g. Slack issue months ago).
Diffstat (limited to '')
| -rw-r--r-- | lib/defines.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/defines.h b/lib/defines.h index 156ff618..0d678416 100644 --- a/lib/defines.h +++ b/lib/defines.h @@ -66,7 +66,7 @@ static inline int KR_COLD kr_error(int x) { #define KR_EDNS_VERSION 0 #define KR_EDNS_PAYLOAD 1232 /* Default UDP payload; see https://www.dnsflagday.net/2020/ */ #define KR_CACHE_DEFAULT_TTL_MIN (5) /* avoid bursts of queries */ -#define KR_CACHE_DEFAULT_TTL_MAX (6 * 24 * 3600) /* 6 days, like the root NS TTL */ +#define KR_CACHE_DEFAULT_TTL_MAX (1 * 24 * 3600) /* one day seems enough; fits prefill module */ #define KR_DNAME_STR_MAXLEN (KNOT_DNAME_TXT_MAXLEN + 1) #define KR_RRTYPE_STR_MAXLEN (16 + 1) |