lot of 'ripe.net IN ANY +ED' queries
Paul Wouters
paul at cypherpunks.ca
Mon Jul 23 20:21:52 UTC 2012
On Mon, 23 Jul 2012, Stephane Bortzmeyer wrote:
> The operators of F-root use this on their FreeBSD machines to
> rate-limit per source IP:
>
> add pipe 1 udp from any to any 53 in
> pipe 1 config mask src-ip 0xffffffff buckets 1024 bw 400Kbit/s queue 3
> add pipe 2 tcp from any to any 53 in
> pipe 2 config mask src-ip 0xffffffff buckets 1024 bw 100Kbit/s queue 3
But that will totally ruin djb's claim that dnssec is the cause of the
internet melt down!
Paul
More information about the bind-users
mailing list