[ratelimits] rate limit vs querylog

Vernon Schryver vjs at rhyolite.com
Fri Sep 28 15:29:19 UTC 2012

> From: Mathieu Arnold <mat at mat.cc>

> I run both BIND 9.8.3-vjs197.16-P2 and BIND 9.9.1-vjs197.15-P2 so, they're
> the right version of the patch, I think, they still are way too noisy by
> default.

"continue rate limit" messages to the rate-limit category are
supposed to be triggered by 60 second timers in each rate limit bucket.
If you set a the print-severity level of a channel that gets
rate-limit category messages to various debugging levels,
you can see more than message per response.

The current version of the patch generates INFO level queries category
messages for every drop or slip.
Unless I'm confused every query generates at least one INFO level
queries category message for every query.

} From: Tony Finch <dot at dotat.at>

} The RRL patch uses LOGCATEGORY_QUERIES in a couple of places, in
} client.c:ns_cient_error() and query.c:query_find(), and it does
} not check server->log_queries before making these logging calls.
} I think this is what Richard was complaining about.

Oh, thanks!

My thinking was that those two places should be like QUERY_ERROR(),
query_error(), and log_queryerror().  For example, server->log_queries
or `rndc querylog` does not affect log messages for REFUSED responses.
However, I didn't pay attention to the loglevel=ISC_LOG_DEBUG(3)
statement in query_error().

So should the per-response queries category rate limiting messages 
be at ISC_LOG_DEBUG(3) and not affected by `rndc querylog`
or should they like the default per-query logging and at INFO severity
and controlled by `rndc querylog`?

Vernon Schryver    vjs at rhyolite.com

More information about the ratelimits mailing list