BIND DNS rate-limit: qps-scale understanding
DOUGLAS, BRENT
bd063r at att.com
Tue Jan 8 22:12:22 UTC 2019
Referencing: http://www.zytrax.com/books/dns/ch7/hkpng.html#rate-limit and
https://ftp.isc.org/isc/bind9/9.10.8-P1/doc/arm/Bv9ARM.pdf Page 119
Definition:
Range allowed is 1 to very big number (actually 32 bit unsigned value, which is still a very big number). Default is not to apply qps-scaling. The rate limiting function calculates the approximate query per second load on the DNS from all sources (including TCP queries). The qps-scale, if defined, is then applied which may result in a reduction of the user supplied limits, such as responses-per-second during high-load situations. Thus, assume the user defined responses-per-second 10; and a qps-scale 200; then if the DNS server is receiving queries (from all sources, including TCP) at a rate of 500 per second the following algorithm is applied (qps-scale/DNS query arrival rate) * responses-per-second = effective rate-limit, substituting actual values gives (200/500) * 10 = 4, meaning that in the defined load conditions the 5th and subsequent identical response in any 1 second to any specific client will be dropped (or trigger any defined slip<http://www.zytrax.com/books/dns/ch7/hkpng.html#slip> parameter action). The qps-scale value, if used, should thus be set to the maximum desired DNS transaction (query response) rate for the server.
http://www.zytrax.com/books/dns/ch7/hkpng.html#rate-limit
My questions:
With my understanding reading the definition above, the "DNS query arrival rate" is the current number of queries per second being sent to the DNS server which changes dynamically NOT the capacity of queries per second the DNS server is able to handle.
Is my understanding true?
How is the "DNS query arrival rate" calculated by the DNS server?
If the qps-scale is defined, not 0, will the qps-scale formula always be used?
For example: qps-scale 500; responses-per-second 50; "DNS query arrival rate" 200
(500 / 200) * 50 = 125 effective responses-per-second
or
is the qps-scale formula only used when the "DNS query arrival rate" is approximate or exceeds the qps-scale value?
Thanks
Brent D
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20190108/2d6a922e/attachment.html>
More information about the bind-users
mailing list