[ratelimits] false positive text

Joe Abley jabley at hopcount.ca
Thu May 16 14:53:45 UTC 2013

On 2013-05-16, at 15:38, Matthijs Mekking <matthijs at nlnetlabs.nl> wrote:

> Response rate limit tries to limit the amount of DNS responses triggered by attack queries.

... and in this context, "attack" really means "excessive" or "unnecessary". These are queries that which can be dropped without reducing the quality of DNS service intended by the nameserver operator to be provided by the nameserver. They may result from an attack, or they might have some other cause.

You go on to characterise "false positive", "false negative" etc in a way that matches my understanding of those terms.


More information about the ratelimits mailing list