[ratelimits] rrl in the nominet blog
Paul Vixie
paul at redbarn.org
Thu Jun 30 05:44:38 UTC 2016
<<One outstanding question for us is why didn’t response rate limiting
(RRL) kick in? The nameserver involved was apparently configured to do
this limiting, and each error response should have contributed to it
being triggered. The nature of this event means that even dropping a
single response would be enough to stop it in its tracks. Sure enough,
it was determined that RRL was not correctly configured at that time. We
now have it running and occasionally we see short bursts of this
behaviour; but they do not have the chance to develop to the scale seen
here before the RRL kicks in.>>
http://www.nominet.uk/researchblog/machine-pong/
--
P Vixie
More information about the ratelimits
mailing list