Mercurial > repos > other > Puppet
comparison common/named.conf @ 198:353652f49cd2 puppet-3.6
Reduce memory footprint of named even more
Most domains are looked up once (by fail2ban) so not having it
cached isn't a major issue. We just need a resolver.
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sat, 11 May 2019 09:17:07 +0100 |
| parents | a08de3153548 |
| children |
comparison
equal
deleted
inserted
replaced
| 197:23c4f6a38b57 | 198:353652f49cd2 |
|---|---|
| 26 cause your server to become part of large scale DNS amplification | 26 cause your server to become part of large scale DNS amplification |
| 27 attacks. Implementing BCP38 within your network would greatly | 27 attacks. Implementing BCP38 within your network would greatly |
| 28 reduce such attack surface | 28 reduce such attack surface |
| 29 */ | 29 */ |
| 30 recursion yes; | 30 recursion yes; |
| 31 max-cache-size 150m; | 31 max-cache-size 10m; |
| 32 | 32 |
| 33 dnssec-enable yes; | 33 dnssec-enable yes; |
| 34 dnssec-validation yes; | 34 dnssec-validation yes; |
| 35 | 35 |
| 36 /* Path to ISC DLV key */ | 36 /* Path to ISC DLV key */ |