RRL settings that work for you
Phil Mayers
p.mayers at imperial.ac.uk
Wed May 27 15:14:13 UTC 2015
On 26/05/15 22:00, Mike Hoskins (michoski) wrote:
> However, as we've mostly just been turning knobs in an attempt to minimize
> log entries... insight from operators is appreciated.
We run with:
rate-limit { responses-per-second 20; };
3x internet-facing resolvers answering about 5-25k qps across a couple
of hundred zones. Seems to work fine. Had no complaints, very effective
at stopping reflection attacks based on what we observe.
More information about the bind-users
mailing list