[ratelimits] rate-limiting enabled by default for CH class?
Jay Ford
jay-ford at uiowa.edu
Thu Jun 6 19:02:38 UTC 2013
On Thu, 6 Jun 2013, Evan Hunt wrote:
>> It seems that rate-limiting is enabled by default for the CH class.
>
> To be specific, it's enabled for the _bind view, containing the zones
> authors.bind, version.bind, hostname.bind and id.server.
OK.
>> Is that intentional?
>
> Yes.
That should be documented.
Is it enabled by default for anything else?
>> I don't see any documentation to that effect. If so, is
>> there a way to disable it completely? Say, something like:
>> rate-limit { no; };
>
> You can create your own copy of the _bind view in named.conf, setting
> whatever options you like; it will override the defaults. I don't
> understand why you'd want to do that, though.
I don't really want to do that, but I've found un-rate-limited answers for
looped "dig -c chaos -t txt hostname.bind +time=1 +tries=1 +short" to be
really useful for watching anycast cut-overs, which in some routing cases
causes more than 3 qps to the same server. I guess I'll fire up my own _bind
view as you suggested & exempt my blessed queriers from the rate-limiting.
Thanks for the quick & detailed response.
________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951
More information about the ratelimits
mailing list