[ratelimits] rrl mention in an nlnetlabs tech report

Vernon Schryver vjs at rhyolite.com
Thu Aug 22 20:05:10 UTC 2013


> From: Jay Daley <jay at nzrs.net.nz>

> Is RRL intended to stop anything other than reflection?  (maybe possibly outgoing congestion?)

My answer is that RRL is intended to squelch excessive responses
that are quite similar.

The fact that excessive similar responses are often associated with
DNS reflection attacks is a reason to pay the costs of implementing
and deploying RRL, but that's distinct from the intended results
of RRL.

RRL is like a dump truck; you can use a dump truck to haul coal,
but that's (probably) not its only use.

You can do other things with RRL.  One petty example is my use of
RRL to inconvenience those who obsessively walk my reverse DNS
zones.  They don't hit hard enough to congest my links or kill my
DNS servers, but they do irk me.


vjs

