[ratelimits] Logging category
vjs at rhyolite.com
Tue May 14 02:04:17 UTC 2013
> From: Alan Clegg <alan at clegg.com>
> >> Should the RRL slip and drop move logging from the query category to
> >> the query-errors category with "debug 1" or "debug 3" severity?
> Please put me down as a +1 for a new, distinct category for RRL logging.
The idea I suggested does not involve a new, distinct category for RRL
logging. I do not like the idea of 2 distinct rate-limit logging
categories, because I think the BIND9 logging machinery already has
too many special values, magic strings, levels, and categories but
limited flexibility. As recently I wrote, since last year the BIND9
RRL patches have had a distinct "rate-limit" category described with
proposed ARM text:
The start, periodic, and final notices of the rate limiting
of a stream of responses are logged at info severity in this
category. These messages include a hash value of the domain
name of the response and the name itself, except when there
is insufficient memory to record the name for the final notice
The final notice is normally delayed until about one minute
after rate limit stops. A lack of memory can hurry the final
notice, in which case it starts with an asterisk (*). Various
internal events are logged at debug 1 level and higher.
Rate limiting of individual requests is logged in the queries
category and can be controlled with the querylog option.
(There is a link on http://www.redbarn.org/dns/ratelimits to that text.
It also appears as a change to the ARM XML in the RRL patches.)
If the change is made, then that second paragraph would become something
Rate limiting of individual responses is logged in the "query-errors"
category with severity "debug 1" like SERVFAIL errors.
Please note that the idea is only a proposal in need of comments. Even
if the change is made, it is unlikely to be approved for official BIND9
releases with RRL for some months.
Vernon Schryver vjs at rhyolite.com
More information about the ratelimits