For the limit on total number of connections: "Absent any other information,[...]
150 is a reasonable value for this limit in most cases."
Maybe this could use a clarification that 150 is good advice only if you _don't_ have any "TCP-only" clients, like e.g. DoT stubs?
I would not be so sure that DoT/DoH are the only cases. What about busy authoritative servers? You get 150 by default, and then some important RRset gets over the UDP limit (say, a DNSKEY rollover) and you get into problems due to overzealous connection limits. IMHO 150 is extremely cheap for a (potentially) busy server.
--Vladimir | knot-resolver.cz
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
