named tcp dos?

Randy Bush randy at psg.com
Thu Aug 2 19:58:32 UTC 2018


> mdig @147.28.0.39 -f queries.txt
> 
> queries.txt contains 40x
> switch.ch A
> 
> I would suggest something like this:
> 
> rate-limit {
>    // start rate-limiting if more than X identical
>    // responses per second, default 0 i.e. unlimited
>    responses-per-second 25;
>    nxdomains-per-second 25;
>    errors-per-second 25;
>    // credit/penalty WINDOW, default 15
>    window 10;
>    // send TC for every X-th rate-limited response, default 2
>    slip 1;
> };

ok.  done.  thank you.

> Depending on your "max-udp-size" value (default 4096) you may also want
> to increase "tcp-clients" setting (default 150).

both are default.  suggestions?  are there that many folk doing tcp out
there?

randy
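
The interaction between the quoted `rate-limit` block and `tcp-clients`, as an added example that is not part of the thread and not BIND's code: a simplified credit model for one client and one identical response, showing how many of the 40 `switch.ch A` queries would come back truncated (and so be retried over TCP) for different `slip` values. The function name `simulate` and the once-per-second refill are assumptions of this sketch.

```python
# Simplified model of response rate limiting for ONE (client, response) pair.
# Assumption: one credit per response, refilled once per second. This is a
# teaching model, not the algorithm as implemented in named.

def simulate(queries_per_second, seconds, rate=25, window=10, slip=1):
    """Return counts of full answers, truncated (TC) replies and drops."""
    balance = rate               # start with one second's worth of credit
    floor = -window * rate       # the penalty never exceeds one window
    limited_seen = 0             # rate-limited responses so far
    counts = {"answered": 0, "truncated": 0, "dropped": 0}
    for _ in range(seconds):
        for _ in range(queries_per_second):
            balance = max(balance - 1, floor)
            if balance >= 0:
                counts["answered"] += 1
                continue
            limited_seen += 1
            # slip 0 drops every limited response; slip N sends TC on
            # every N-th one, so slip 1 truncates all of them.
            if slip and limited_seen % slip == 0:
                counts["truncated"] += 1
            else:
                counts["dropped"] += 1
        balance = min(balance + rate, rate)  # refill, capped at one second
    return counts


if __name__ == "__main__":
    # Constructed input: the 40 identical queries from queries.txt,
    # all arriving within the same second.
    for slip in (0, 1, 2):
        print("slip", slip, simulate(40, 1, slip=slip))
```

Each truncated reply is one the client is expected to retry over TCP, which is why `slip 1` and `tcp-clients` were raised together.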

