[ratelimits] rate-limiting enabled by default for CH class?

Jay Ford jay-ford at uiowa.edu
Thu Jun 6 19:02:38 UTC 2013

On Thu, 6 Jun 2013, Evan Hunt wrote:
>> It seems that rate-limiting is enabled by default for the CH class.
> To be specific, it's enabled for the _bind view, containing the zones
> authors.bind, version.bind, hostname.bind and id.server.


>> Is that intentional?
> Yes.

That should be documented.

Is it enabled by default for anything else?

>> I don't see any documentation to that effect.  If so, is
>> there a way to disable it completely?  Say, something like:
>>       rate-limit { no; };
> You can create your own copy of the _bind view in named.conf, setting
> whatever options you like; it will override the defaults.  I don't
> understand why you'd want to do that, though.

I don't really want to do that, but I've found un-rate-limited answers for
looped "dig -c chaos -t txt hostname.bind +time=1 +tries=1 +short" to be
really useful for watching anycast cut-overs, which in some routing cases
causes more than 3 qps to the same server.  I guess I'll fire up my own _bind
view as you suggested & exempt my blessed queriers from the rate-limiting.

Thanks for the quick & detailed response.

Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951

More information about the ratelimits mailing list