[ratelimits] can't trigger rate-limit
Vernon Schryver
vjs at rhyolite.com
Tue Jan 1 07:32:26 UTC 2013
> From: Irwin Tillman <irwin at princeton.edu>
> I'm unable to get the rate-limit to trigger.
> I figure I'm missing something simple.
>
> Platform: BIND 9.9.2-P1 with the rate limit patch on Solaris 10 SPARC.
> It's an authoritative only server.
> ...
I don't see the problem. Perhaps it would help evolve a small
configuration that works toward your actual configuration.
From the hints about your configuration, I wrote this /tmp/named.conf:
    options {
        directory "/tmp";
        pid-file "pid";
        session-keyfile "session.key";
        listen-on port 8053 { 127.0.0.1; };
        rate-limit {
            responses-per-second 5;
        };
    };
    logging {
        channel rl {
            severity info;
            print-category yes; print-time yes; print-severity yes; file "rl-log";
        };
        category rate-limit { rl; };
    };
I tested BIND 9.9.2-P1 with the rrl patch on FreeBSD 9.0-RELEASE
running as
% ./named -f -c /tmp/named.conf
with
% repeat 10 dig @127.0.0.1 +short +tries=1 +time=3 -p 8053 rhyolite.com
192.188.61.3
192.188.61.3
192.188.61.3
192.188.61.3
192.188.61.3
;; connection timed out; no servers could be reached
192.188.61.3
192.188.61.3
192.188.61.3
192.188.61.3
and got that timeout for the dropped response and the following in
/tmp/rl-log:
01-Jan-2013 07:17:25.924 rate-limit: info: limit responses to 127.0.0.0/24 for rhyolite.com IN A (38cbb7f2)
Vernon Schryver vjs at rhyolite.com
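
Added example, not part of the original post or of BIND: a small parser that tallies "limit responses to" lines from an rl-log by client netblock and query. It assumes the channel prints time, category and severity as in the named.conf above; the names parse_line and summarize are hypothetical, and every sample line after the first is constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Pattern follows the rl-log line quoted in the post; it assumes the channel
# sets print-time, print-category and print-severity as that named.conf does.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"rate-limit: \w+: limit responses to (?P<net>\S+) "
    r"for (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+) \((?P<hash>[0-9a-f]+)\)\s*$"
)

# First line is the one from the post; the rest are constructed for the example.
SAMPLE = [
    "01-Jan-2013 07:17:25.924 rate-limit: info: limit responses to 127.0.0.0/24 for rhyolite.com IN A (38cbb7f2)",
    "01-Jan-2013 07:17:31.102 rate-limit: info: limit responses to 192.0.2.0/24 for example.com IN A (0a1b2c3d)",
    "01-Jan-2013 07:17:40.550 rate-limit: info: limit responses to 192.0.2.0/24 for example.com IN TXT (4e5f6a7b)",
    "01-Jan-2013 07:17:41.000 general: info: constructed line from another category",
]

def parse_line(line):
    """Return a dict for a 'limit responses to' line, or None if it does not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d-%b-%Y %H:%M:%S.%f")
    return rec

def summarize(lines):
    """Count limit events per client netblock and per (qname, qtype); track skipped lines."""
    per_net, per_query, skipped = Counter(), Counter(), 0
    first_seen = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        per_net[rec["net"]] += 1
        per_query[(rec["qname"], rec["qtype"])] += 1
        first_seen.setdefault(rec["net"], rec["ts"])
    return {"per_net": per_net, "per_query": per_query,
            "first_seen": first_seen, "skipped": skipped}

if __name__ == "__main__":
    report = summarize(SAMPLE)
    for net, count in report["per_net"].most_common():
        print(f"{net}\t{count}\tfirst seen {report['first_seen'][net]}")
    print(f"unparsed lines: {report['skipped']}")
```

A non-zero count of unparsed lines means the log holds messages in another format, which this pattern deliberately leaves uncounted rather than guessing at.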