[ratelimits] Extending RRL to refused recursive queries

Vernon Schryver vjs at rhyolite.com
Wed Apr 17 20:36:25 UTC 2013

> From: shawmplayer at yahoo.com

> Thanks for pointing this out. Am I confused because the code in 
> bin/named/client.c? doesn't report 'dropped for rate limits' 
> statistics, unlike bin/named/query.c?

Statistics counters are merely counters that might not be incremented
when something relevant happens.  I suspect that there is a bug (missing
code) that fails to increment the global and zone statistics counters
when RRL drops an error response.  I'll investigate.

The query and new rate-limit log categories could be expected to be
more accurate (and are), because they are useful for debugging new
code.  Historically, people complained that there was too much BIND9
RRL logging.  Statistics don't say much about what happens or why, and
so are not much good for writing or debugging.

The only definitive measures of what's dropped, truncated, or
something else come from watching packets on the wire.

Vernon Schryver    vjs at rhyolite.com

More information about the ratelimits mailing list