[ratelimits] rate limit vs querylog
Vernon Schryver
vjs at rhyolite.com
Fri Sep 28 03:29:45 UTC 2012
> From: Richard Doty <rad at twig.com>
> I find that if I have the queries category defined in named.conf, the
> "continue rate limit" log messages are logged regardless of the setting
> of querylog; i.e. toggling querylog with rndc affects logging of actual
> queries, but not the ratelimit messages. Is that intentional?
>
> This is BIND 9.9.1-P3 on Solaris 10 x86
In the most recent version of the RRL patch for 9.9.1,
by popular demand the "continue rate limit", "would rate limit", and
"rate limit" messages go to the "rate-limit" category instead of
the "queries" category that is controlled by `rndc quereylog on/off`.
People complained that previous versions of the patch were too noisy.
Separate messages like "...rate limit drop ... response to ..."
about the fates of individual responses go to the "queries" category
and are controlled by `rndc quereylog on/off`.
So guess I the answer is that it is intentional until there are enough
convincing complaints and suggestions about how it should be instead.
Because the "continue rate limit" messages should happen at most once
per minute per (qname,qtype,IP address block), I don't see a compelling
need to control them with rndc.
Vernon Schryver vjs at rhyolite.com
More information about the ratelimits
mailing list