nanog mailing list archives

Re: DNS - connection limit (without any extra hardware)

From: "Luke C" <very.luke () gmail com>
Date: Mon, 11 Dec 2006 17:15:09 +0100

I use to slave "." which can save time on recursive DNS servers when they

have

a lot of dross to answer (assuming it is totally random dross).


I'm not sure to understand your solution.
You configure your name-server as a slave-root-server?

On 12/8/06, Simon Waters <simonw () zynet net> wrote:

On Friday 08 December 2006 14:40, you wrote:
>
> For this reason, I would like that a DNS could response maximum to 10
> queries per second given by every single Ip address.

That may trap an email server or two.

Did you consider checking what they are looking up, and lying to them
about
the TTL/answer "127.0.0.1 for a week" maybe better than NXDOMAIN.

I use to slave "." which can save time on recursive DNS servers when they
have
a lot of dross to answer (assuming it is totally random dross).

I suspect complex rate limiting may be nearly as expensive as providing
DNS
answers with Bind9.

Current thread:

Re: repair zombie machines (was: DNS - connection limit), (continued)
- - - Re: repair zombie machines (was: DNS - connection limit) william(at)elan.net (Dec 09)
    - Re: DNS - connection limit (without any extra hardware) Hank Nussbacher (Dec 09)
    - Re: DNS - connection limit (without any extra hardware) Petri Helenius (Dec 10)
    - Re: DNS - connection limit (without any extra hardware) Hank Nussbacher (Dec 10)
    - Re: DNS - connection limit (without any extra hardware) Gadi Evron (Dec 10)
    - Re: DNS - connection limit (without any extra hardware) Petri Helenius (Dec 10)
    - Re: DNS - connection limit (without any extra hardware) Jo Rhett (Dec 27)
- Re: DNS - connection limit (without any extra hardware) Simon Waters (Dec 08)
  - Re: DNS - connection limit (without any extra hardware) Matt Ghali (Dec 08)
    - Re: DNS - connection limit (without any extra hardware) Luke C (Dec 11)
  - Re: DNS - connection limit (without any extra hardware) Luke C (Dec 11)
    - Re: DNS - connection limit (without any extra hardware) Simon Waters (Dec 11)
    - Re: DNS - connection limit (without any extra hardware) Matt Ghali (Dec 11)
    - Re: DNS - connection limit (without any extra hardware) Mark Andrews (Dec 11)
- Re: DNS - connection limit (without any extra hardware) Gadi Evron (Dec 08)
  - Re: DNS - connection limit (without any extra hardware) ♓ (Dec 08)
- Re: DNS - connection limit (without any extra hardware) Douglas Otis (Dec 08)
- Re: DNS - connection limit (without any extra hardware) Scott Weeks (Dec 08)
  - Re: DNS - connection limit (without any extra hardware) Jo Rhett (Dec 27)
    - Re: DNS - connection limit (without any extra hardware) Randy Bush (Dec 27)
- Re: DNS - connection limit (without any extra hardware) Fergie (Dec 08)

(Thread continues...)