diff options
Diffstat (limited to 'man')
| -rw-r--r-- | man/coredns-bufsize.7 | 67 | ||||
| -rw-r--r-- | man/coredns-reload.7 | 6 | ||||
| -rw-r--r-- | man/coredns-transfer.7 | 7 |
3 files changed, 73 insertions, 7 deletions
diff --git a/man/coredns-bufsize.7 b/man/coredns-bufsize.7 new file mode 100644 index 000000000..e337ef61f --- /dev/null +++ b/man/coredns-bufsize.7 @@ -0,0 +1,67 @@ +.\" Generated by Mmark Markdown Processer - mmark.miek.nl +.TH "COREDNS-BUFSIZE" 7 "November 2019" "CoreDNS" "CoreDNS Plugins" + +.SH "NAME" +.PP +\fIbufsize\fP - sizes EDNS0 buffer size to prevent IP fragmentation. + +.SH "DESCRIPTION" +.PP +\fIbufsize\fP limits a requester's UDP payload size. +It prevents IP fragmentation so that to deal with DNS vulnerability. + +.SH "SYNTAX" +.PP +.RS + +.nf +bufsize [SIZE] + +.fi +.RE + +.PP +\fB[SIZE]\fP is an int value for setting the buffer size. +The default value is 512, and the value must be within 512 - 4096. +Only one argument is acceptable, and it covers both IPv4 and IPv6. + +.SH "EXAMPLES" +.PP +Enable limiting the buffer size of outgoing query to the resolver (172.31.0.10): + +.PP +.RS + +.nf +\&. { + bufsize 512 + forward . 172.31.0.10 + log +} + +.fi +.RE + +.PP +Enable limiting the buffer size as an authoritative nameserver: + +.PP +.RS + +.nf +\&. { + bufsize 512 + file db.example.org + log +} + +.fi +.RE + +.SH "CONSIDERATIONS" +.IP \(bu 4 +Setting 1232 bytes to bufsize may avoid fragmentation on the majority of networks in use today, but it depends on the MTU of the physical network links. +.IP \(bu 4 +For now, if a client does not use EDNS, this plugin adds OPT RR. + + diff --git a/man/coredns-reload.7 b/man/coredns-reload.7 index a4fdefe8a..97c81c9b9 100644 --- a/man/coredns-reload.7 +++ b/man/coredns-reload.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-RELOAD" 7 "October 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-RELOAD" 7 "November 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -52,8 +52,8 @@ reload [INTERVAL] [JITTER] The plugin will check for changes every \fBINTERVAL\fP, subject to +/- the \fBJITTER\fP duration. .IP \(bu 4 -\fBINTERVAL\fP and \fBJITTER\fP are Golang (durations)[https://golang.org/pkg/time/#ParseDuration -\[la]https://golang.org/pkg/time/#ParseDuration\[ra]]. +\fBINTERVAL\fP and \fBJITTER\fP are Golang durations +\[la]https://golang.org/pkg/time/#ParseDuration\[ra]. The default \fBINTERVAL\fP is 30s, default \fBJITTER\fP is 15s, the minimal value for \fBINTERVAL\fP is 2s, and for \fBJITTER\fP it is 1s. If \fBJITTER\fP is more than half of \fBINTERVAL\fP, it will be set to half of \fBINTERVAL\fP diff --git a/man/coredns-transfer.7 b/man/coredns-transfer.7 index fd9e0e7ef..96091556c 100644 --- a/man/coredns-transfer.7 +++ b/man/coredns-transfer.7 @@ -3,8 +3,7 @@ .SH "NAME" .PP -\fItransfer\fP - answer zone transfers requests for compatible authoritative -plugins. +\fItransfer\fP - perform zone transfers for other plugins. .SH "DESCRIPTION" .PP @@ -12,8 +11,8 @@ This plugin answers zone transfers for authoritative plugins that implement \fB\fCtransfer.Transferer\fR. .PP -Transfer answers AXFR requests and IXFR requests with AXFR fallback if the -zone has changed. +Transfer answers full zone transfer (AXFR) requests and incremental zone transfer (IXFR) requests +with AXFR fallback if the zone has changed. .PP Notifies are not currently supported. |