DNS_RRL_MAX_RATE defines 1000
程智勇
chengzhycn at gmail.com
Wed Jul 8 06:47:36 UTC 2020
Hi, all
I recently deployed a DNS cluster consisting of a master and two slaves. I enabled the response rate limiting function on the slaves, with the parameters below:
rate-limit {
    ipv4-prefix-length 32;
    responses-per-second 250;
    all-per-second 1000;
    min-table-size 1000000;
    max-table-size 5000000;
    log-only no;
};
But even with this configuration, some DNS queries were still dropped because of RRL. I looked at rrl.h and noticed that the max RRL rate is defined like this:
#define DNS_RRL_MAX_RATE 1000
And "all-per-second" shouldn't be larger than DNS_RRL_MAX_RATE.
So could anybody tell me why DNS_RRL_MAX_RATE is defined as 1000? And are there any other methods to bypass this limit?
Thanks and Regards, Zhiyong Cheng