[ratelimits] NXDOMAINS rate-limited despite nxdomains-per-second set to 0
Vernon Schryver
vjs at rhyolite.com
Tue Oct 9 14:23:19 UTC 2012
> From: Anand Buddhdev <anandb at ripe.net>
> It looks like the rate-limit was still being applied to NXDOMAIN
> responses. Is this a bug?
Yes, the current version of the patch uses responses-per-second rate.
Applying the following patch for the RRL patch after installing the
RRL patch should fix it. However, a new version of the RRL patch
should be released soon.
Vernon Schryver vjs at rhyolite.com
*** lib/dns/orig-rrl.c Tue Oct 9 14:14:10 2012
--- lib/dns/rrl.c Tue Oct 9 14:17:58 2012
***************
*** 328,333 ****
--- 328,334 ----
memset(key, 0, sizeof(*key));
hval = 0;
+ key->kflags = kflags;
if ((kflags & (DNS_RRL_KFLAG_NXDOMAIN | DNS_RRL_KFLAG_ERROR |
DNS_RRL_KFLAG_USED_TCP)) == 0) {
key->qtype = qtype;
More information about the ratelimits
mailing list