DNS_RRL_MAX_RATE defines 1000

Tony Finch dot at dotat.at
Wed Jul 8 15:45:38 UTC 2020


程智勇 <chengzhycn at gmail.com> wrote:
>
> So could anybody tell me why DNS_RRL_MAX_RATE is defined as 1000?

RRL is designed for authoritative DNS servers. Legitimate queries come
from recursive resolvers with caches. There should not be more than one
query for each RRset from each resolver per TTL. So a normal response rate
limit is relatively small - I set it to 10.

If you are hitting 1000 queries per second, that implies either there
are 1000 resolvers behind one IP address (which is VERY unlikely); or the
query traffic is abusive.

Are you sure the dropped traffic is legitimate?

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Channel Islands: West to southwest 4 to 5, occasionally 6 mid-channel
overnight and Thursday morning, occasionally west to northwest 2 to 4 in the
far south of the area. Slight to moderate with a low swell, perhaps
occasionally rather rough mid-channel until late morning. Occasional mist and
fog, especially overnight rain and drizzle at times, especially from Thursday
morning. Moderate to poor or very poor, locally good at times.
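The reasoning above (a caching resolver needs at most one query per RRset per TTL, while 1000 identical queries per second from one address is abuse) as an added example, not code from the thread or from BIND: a minimal per-client token-bucket rate limiter run over constructed traffic at a limit of 10 and of 1000. The client addresses, name and TTL are made up.

```python
# Added example, not code from the thread or from BIND. A minimal
# per-client token-bucket response rate limiter in the spirit of RRL:
# each (client, qname, qtype) bucket earns `rate` credits per second,
# capped at `rate`, and every response sent costs one credit. Integer
# milli-credits and millisecond timestamps keep the arithmetic exact.
# Real RRL keys on the response, has window/slip/leak options and can
# truncate instead of dropping; none of that is modelled here.

class ResponseRateLimiter:
    def __init__(self, rate):
        self.rate = rate                    # responses per second
        self.cap = rate * 1000              # bucket size in milli-credits
        self.credit = {}                    # key -> milli-credits left
        self.last = {}                      # key -> last timestamp (ms)

    def allow(self, t_ms, client, qname, qtype):
        key = (client, qname, qtype)
        credit = self.credit.get(key, self.cap)
        if key in self.last:
            # refill at `rate` milli-credits per millisecond, up to the cap
            credit = min(self.cap, credit + (t_ms - self.last[key]) * self.rate)
        self.last[key] = t_ms
        if credit >= 1000:
            self.credit[key] = credit - 1000
            return True
        self.credit[key] = credit
        return False

def simulate(rate, ttl_s=300, hours=1, abusive_qps=1000):
    """Return (legit_dropped, abusive_dropped) under the given limit."""
    rrl = ResponseRateLimiter(rate)
    # Constructed: a caching resolver (192.0.2.10) refetches the same
    # RRset once per TTL, the most it should ever need to.
    legit = [(t, "192.0.2.10") for t in range(0, hours * 3600 * 1000, ttl_s * 1000)]
    # Constructed: one source (198.51.100.7) asking for the same RRset
    # `abusive_qps` times within a single second, evenly spread.
    abusive = [(i * 1000 // abusive_qps, "198.51.100.7") for i in range(abusive_qps)]
    dropped = [0, 0]
    for idx, queries in enumerate((legit, abusive)):
        for t_ms, client in queries:
            if not rrl.allow(t_ms, client, "www.example.", "A"):
                dropped[idx] += 1
    return tuple(dropped)

if __name__ == "__main__":
    print("limit 10:  ", simulate(10))     # resolver loses nothing
    print("limit 1000:", simulate(1000))   # the abusive burst passes untouched
```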

