[ratelimits] CH/TXT/id.server queries rate-limited

paul vixie paul at redbarn.org
Fri Oct 26 04:43:49 UTC 2012


On 10/26/2012 2:48 AM, Jay Daley wrote:
> Either you are rate limiting at X qps in which case it should stop in
> the first second where the traffic is < X or you are actually
> describing the use of multiple buckets as I described previously.

neither.

> To put it simply, if you stop limiting 60 seconds later then you are
> actually talking about X qpm not X qps. 

the log is 60 seconds late because that's how often idle buckets are swept.

but there's more to that answer.

the window size describes the dimensions of a penalty box. the victim's
bucket gets some tokens every second, and it loses a token for every
attempted response. when the bucket contains zero or negative tokens,
responses are suppressed. but it can keep on going more and more
negative if more responses are suppressed than tokens credited each
second, up to a maximum of "rate * window". this effectively means that
if somebody is pounding the hell out of a bucket they can remain in the
"stopped" state for "window" seconds after their behaviour improves.
thus, a penalty box of "window" dimension.

all of this is explained at
<http://ss.vix.com/~vixie/isc-tn-2012-1.txt>. readability patches are
welcome.

paul
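
An added example, not part of the original message and not BIND's code: a minimal simulation of the bucket described above, showing how long a saturated bucket stays suppressed after the traffic stops. The function names, the sample rate and window values, the once-per-second credit, and the cap of the balance at `rate` are assumptions.

```python
# Added illustration of the penalty-box bucket described in the message.
# Assumptions: credit is applied once per second, and the positive side of
# the balance is capped at `rate` (the message only states the negative limit).

def run_bucket(rate, window, attempts_per_sec):
    """Return per-second (sent, suppressed, end_balance) for one bucket."""
    floor = -rate * window                     # deepest the penalty box can get
    balance = 0
    timeline = []
    for attempts in attempts_per_sec:
        balance = min(rate, balance + rate)    # tokens credited every second
        sent = suppressed = 0
        for _ in range(attempts):
            if balance > 0:
                sent += 1
            else:
                suppressed += 1                # zero or negative: suppress
            balance = max(floor, balance - 1)  # every attempt costs a token
        timeline.append((sent, suppressed, balance))
    return timeline


def penalty_seconds(rate, window, attack_qps, attack_secs, after_qps=0):
    """Seconds after the flood ends during which responses stay suppressed.

    after_qps is the residual load once behaviour improves; it must be below
    `rate`, otherwise the bucket never refills.
    """
    if after_qps >= rate:
        raise ValueError("residual load must be below the rate limit")
    floor = -rate * window
    balance = run_bucket(rate, window, [attack_qps] * attack_secs)[-1][2]
    waited = 0
    while True:
        balance = min(rate, balance + rate)
        if balance > 0:
            return waited
        # still boxed: every residual attempt is suppressed but still debited
        balance = max(floor, balance - after_qps)
        waited += 1


if __name__ == "__main__":
    # Constructed values: 5 responses/sec allowed, 15 second window.
    print(penalty_seconds(5, 15, attack_qps=100, attack_secs=10))  # full box
    print(penalty_seconds(5, 15, attack_qps=20, attack_secs=1))    # brief burst
```

With a residual load below the limit the box lasts longer than `window`, because suppressed attempts keep costing tokens while the bucket refills.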