kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/dns/bind99
History
Erwin Lansing fb20fb9362 Update RPZ+RRL patchset to the latest version. 
The change makes "slip 1;" send only truncated (TC=1) responses.
Without the change, "slip 1;" is the same as the default of "slip 2;".
That default, which alternates truncated with dropped responses
when the rate limit is exceeded, is better for authoritative DNS
servers, because it further reduces the amplification of an attack
from about 1X to about 0.5X.

DNS RRL is not recommended for recursive servers.

Feature safe:	yes
2013-04-17 07:57:54 +00:00
..
distinfo Update RPZ+RRL patchset to the latest version. 2013-04-17 07:57:54 +00:00
Makefile Update RPZ+RRL patchset to the latest version. 2013-04-17 07:57:54 +00:00
pkg-descr
pkg-plist Update to 9.9.2 2012-10-19 10:17:27 +00:00