remove SAFEMODE
I have no real solution in mind, I'll just keep a running list of what SAFEMODE does here, since I have been bitten in the backparts by it multiple times and the documentation really doesn't cut it (“Don’t use fancy stuff (EDNS, 0x20, …)”).
- turns off
Ox20randomization - turns off server selection (to be changed in !1030 (merged))
- turns off some EDNS stuff that I don't understand
- ensures that there is a retry after REFUSED (see code below; this means that if you overwrite
query->SAFEMODEafter this, the resolver may cycle on REFUSED)
static int resolve_badmsg(knot_pkt_t *pkt, struct kr_request *req, struct kr_query *query)
{
#ifndef STRICT_MODE
/* Work around broken auths/load balancers */
if (query->flags.SAFEMODE) {
return resolve_error(pkt, req);
} else if (query->flags.NO_MINIMIZE) {
query->flags.SAFEMODE = true;
return KR_STATE_DONE;
} else {
query->flags.NO_MINIMIZE = true;
return KR_STATE_DONE;
}
#else
return resolve_error(pkt, req);
#endif
}Removing it, is probably a better idea: especially with the new server selection error reporting we could probably make the workarounds more granular than they are now.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information