ip-ratelimit-factor ?
Wouter Wijngaards
wouter at nlnetlabs.nl
Mon Dec 10 08:41:05 UTC 2018
Hi Fredrik,
I don't think such a value is really there, you are supposed to turn off
the ratelimit by setting the ratelimit to 0.
I could change it to let the ratelimit-factor of 1 be a all let through
instead of all dropped, what would be the most useful? All drop sounds
useful too?
Best regards, Wouter
On 12/8/18 2:58 AM, Fredrik Pettai via Unbound-users wrote:
>>From the man page:
>
> ip-ratelimit-factor: <number>
> Set the amount of queries to rate limit when the limit is
> exceeded.
> If set to 0, all queries are dropped for addresses where
> the limit
> is exceeded. If set to another value, 1 in that number is
> allowed
> through to complete. Default is 10, allowing 1/10 traffic
> to flow
> normally. This can make ordinary queries complete (if
> repeatedly
> queried for), and enter the cache, whilst also mitigating
> the traf‐
> fic flow by the factor given.
>
>
> I interpret this as setting "ip-ratelimit-factor: 1" should allow all
> queries (1/1,
>
> per man-text above) to flow through. Although that doesn't seem to be
> the case.
>
> Instead, it looks more like value 0, when everything exceeding is just
> dropped.
>
> What value should I set to allow all exceeding queries to be let through?
>
> (this is the behavior of unbound-1.8.2)
>
>
> /P
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20181210/968857f0/attachment.bin>
More information about the Unbound-users
mailing list