[ratelimits] lots more tcp clients

Richard Doty rad at twig.com
Tue Oct 2 15:40:52 UTC 2012


On 10/2/12 8:26 AM, Vernon Schryver wrote:
>> From: Richard Doty <rad at twig.com>
>> As an anti-spoofing measure, diverting suspicious clients to tcp make
>> sense.  And I understand that from an anti-spoofing point of view, there
>> is no reason to ratelimit tcp queries.  But if a non-spoofed client is
>> just asking over and over, he ends up being a tcp client that is asking
>> over and over, and eventually I get "no more TCP clients: quota reached".
>>
>> Is there any help for this?
> https://www.google.com/search?q=bind+%22no+more+TCP+clients%3A+quota+reached%22
> has some interesting hits.
> https://lists.isc.org/pipermail/bind-users/2003-January/044140.html
> might be especially relevant.

understood.  thank you.

Richard.


More information about the ratelimits mailing list