[ratelimits] rate limit vs querylog

Richard Doty rad at twig.com
Fri Sep 28 05:42:07 UTC 2012

On 9/27/12 8:29 PM, Vernon Schryver wrote:
>> From: Richard Doty <rad at twig.com>
>> I find that if I have the queries category defined in named.conf, the
>> "continue rate limit" log messages are logged regardless of the setting
>> of querylog; i.e. toggling querylog with rndc affects logging of actual
>> queries, but not the ratelimit messages.  Is that intentional?
>> This is BIND 9.9.1-P3 on Solaris 10 x86
> In the most recent version of the RRL patch for 9.9.1,
> by popular demand the "continue rate limit", "would rate limit", and
> "rate limit" messages go to the "rate-limit" category instead of
> the "queries" category that is controlled by `rndc quereylog on/off`.
> People complained that previous versions of the patch were too noisy.
> Separate messages like "...rate limit drop ... response to ..."
> about the fates of individual responses go to the "queries" category
> and are controlled by `rndc quereylog on/off`.
> So guess I the answer is that it is intentional until there are enough
> convincing complaints and suggestions about how it should be instead.
> Because the "continue rate limit" messages should happen at most once
> per minute per (qname,qtype,IP address block), I don't see a compelling
> need to control them with rndc.

I saw them logged in queries, so thought they might be controlled with 
querylog; I have no problem with leaving a low-frequency log message 
always turned on.

The reason I asked about turning it off is that I am getting these 
messages much more frequently than once a minute.  If the log is to be 
believed, I see a "continue rate limit" message logged after each query 
that is being rate limited.  I guess that's not expected, presumably I 
have made an error and will look again.  Thanks for clarifying.

> Vernon Schryver    vjs at rhyolite.com

More information about the ratelimits mailing list