Commit 3f3d9f1d authored by Franco Fichtner's avatar Franco Fichtner

unbound: "remove" edns support

edns flag was added in 2014, but it could never be set.
Remove buffer size override along with it to further
simplify the situation.

See: https://github.com/pfsense/pfsense/commit/3b95d9e
(cherry picked from commit 493ee561)
parent 90b1df04
......@@ -257,7 +257,6 @@ EOF;
$prefetch_key = !empty($config['unbound']['prefetchkey']) ? "yes" : "no";
$outgoing_num_tcp = !empty($config['unbound']['outgoing_num_tcp']) ? $config['unbound']['outgoing_num_tcp'] : "10";
$incoming_num_tcp = !empty($config['unbound']['incoming_num_tcp']) ? $config['unbound']['incoming_num_tcp'] : "10";
$edns_buffer_size = !empty($config['unbound']['edns_buffer_size']) ? $config['unbound']['edns_buffer_size'] : "4096";
$num_queries_per_thread = !empty($config['unbound']['num_queries_per_thread']) ? $config['unbound']['num_queries_per_thread'] : "4096";
$jostle_timeout = !empty($config['unbound']['jostle_timeout']) ? $config['unbound']['jostle_timeout'] : "200";
$cache_max_ttl = !empty($config['unbound']['cache_max_ttl']) ? $config['unbound']['cache_max_ttl'] : "86400";
......@@ -342,7 +341,6 @@ cache-min-ttl: {$cache_min_ttl}
harden-dnssec-stripped: {$dnssecstripped}
outgoing-num-tcp: {$outgoing_num_tcp}
incoming-num-tcp: {$incoming_num_tcp}
edns-buffer-size: {$edns_buffer_size}
num-queries-per-thread: {$num_queries_per_thread}
infra-host-ttl: {$infra_host_ttl}
infra-cache-numhosts: {$infra_cache_numhosts}
......
......@@ -175,11 +175,6 @@ function system_resolvconf_generate($dynupdate = false)
}
}
// Add EDNS support
if (isset($config['unbound']['enable']) && isset($config['unbound']['edns'])) {
$resolvconf .= "options edns0\n";
}
$dnslock = lock('resolvconf', LOCK_EX);
file_put_contents('/etc/resolv.conf', $resolvconf);
......
......@@ -35,9 +35,19 @@ if(empty($config['unbound']) || !is_array($config['unbound'])) {
$config['unbound'] = array();
}
$copy_fields = array('msgcachesize', 'outgoing_num_tcp', 'incoming_num_tcp', 'edns_buffer_size',
'num_queries_per_thread', 'jostle_timeout', 'cache_max_ttl', 'cache_min_ttl',
'infra_host_ttl', 'infra_cache_numhosts','unwanted_reply_threshold', 'log_verbosity');
$copy_fields = array(
'cache_max_ttl',
'cache_min_ttl',
'incoming_num_tcp',
'infra_cache_numhosts',
'infra_host_ttl',
'jostle_timeout',
'log_verbosity',
'msgcachesize',
'num_queries_per_thread',
'outgoing_num_tcp',
'unwanted_reply_threshold',
);
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig = array();
......@@ -47,7 +57,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['infra_host_ttl'] = 900;
$pconfig['jostle_timeout'] = 200;
$pconfig['infra_cache_numhosts'] = 10000;
$pconfig['edns_buffer_size'] = 4096;
$pconfig['num_queries_per_thread'] = 4096;
$pconfig['log_verbosity'] = "1";
......@@ -217,23 +226,6 @@ include_once("head.inc");
</div>
</td>
</tr>
<tr>
<td><a id="help_for_edns_buffer_size" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext("EDNS Buffer Size") ?></td>
<td>
<select id="edns_buffer_size" name="edns_buffer_size" class="selectpicker">
<?php
foreach (array("512", "1480", "4096") as $size) :?>
<option value="<?= $size ?>" <?= $pconfig['edns_buffer_size'] == $size ? 'selected="selected"' : '' ?>>
<?= $size ?>
</option>
<?php
endforeach;?>
</select>
<div class="hidden" for="help_for_edns_buffer_size">
<?= gettext("Number of bytes size to advertise as the EDNS reassembly buffer size. This is the value that is used in UDP datagrams sent to peers. RFC recommendation is 4096 (which is the default). If you have fragmentation reassemble problems, usually seen as timeouts, then a value of 1480 should help. The 512 value bypasses most MTU path problems, but it can generate an excessive amount of TCP fallback.") ?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_num_queries_per_thread" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Number of queries per thread");?></td>
<td>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment