diff options
| author |  Miek Gieben <miek@miek.nl>
| 2020-09-17 16:28:43 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-09-17 07:28:43 -0700 |
| commit | acf9a0fa19928e605ac8ac3314890c9fef73e16b (patch) | |
| tree | a442ad2a7894d86b462eade46c44db4572016333 /README.md | |
| parent | 22b68466262219284a47063e7f7bf9a833d21b61 (diff) | |
| download | coredns-acf9a0fa19928e605ac8ac3314890c9fef73e16b.tar.gz coredns-acf9a0fa19928e605ac8ac3314890c9fef73e16b.tar.zst coredns-acf9a0fa19928e605ac8ac3314890c9fef73e16b.zip | |
cache: default to DNSSEC (#4085)
* cache: default to DNSSEC
This change does away with the DNS/DNSSEC distinction the cache
currently makes. Cache will always make coredns perform a DNSSEC query
and store that result. If a client just needs plain DNS, the DNSSEC
records are stripped from the response.
It should also be more memory efficient, because we store a reply once
and not one DNS and another for DNSSEC.
Fixes: #3836
Signed-off-by: Miek Gieben <miek@miek.nl>
* Change OPT RR when one is present in the msg.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix comment for isDNSSEC
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/cache/handler.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* Update plugin/cache/item.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* Code review; fix comment for isDNSSEC
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update doc and set AD to false
Set Authenticated Data to false when DNSSEC was not wanted. Also update
the readme with the new behavior.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/cache/handler.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Diffstat (limited to 'README.md')
0 files changed, 0 insertions, 0 deletions