[ratelimits] lots more tcp clients
rad at twig.com
Tue Oct 2 15:17:38 UTC 2012
Greetings, rate limiters.
As an anti-spoofing measure, diverting suspicious clients to tcp make
sense. And I understand that from an anti-spoofing point of view, there
is no reason to ratelimit tcp queries. But if a non-spoofed client is
just asking over and over, he ends up being a tcp client that is asking
over and over, and eventually I get "no more TCP clients: quota reached".
Is there any help for this?
Fwiw the case that prompts this question is a delegation to nameservers
that are unavailable; so the client _might_ be retrying a failed query;
I haven't tried to contact the client to ask why they are doing this.
But the general case is still there - the ratelimit patch just agravates it.
More information about the ratelimits