testing ratelimiting
Ralph Dolmans
ralph at nlnetlabs.nl
Tue Sep 4 09:17:02 UTC 2018
Hi Fredrik,
On 03-09-18 16:19, Fredrik Pettai via Unbound-users wrote:
> Hi,
>
> I’m experimenting a bit with the ratelimit features in unbound (1.6.7),
> I just configured example suggestions to see how it turns out.
>
> server:
> ratelimit: 1000
> ip-ratelimit: 100
>
> So for instance, I see this in the log:
>
> Sep 3 08:43:09 rl-test unbound: [21732:0] notice: ratelimit exceeded 172.17.0.3 100
> Sep 3 08:43:09 rl-test unbound: [21732:1] notice: ip_ratelimit allowed through for ip address 172.17.0.3
> Sep 3 08:43:09 rl-test unbound: [21732:1] notice: ip_ratelimit allowed through for ip address 172.17.0.3
> Sep 3 08:43:09 rl-test unbound: [21732:2] notice: ip_ratelimit allowed through for ip address 172.17.0.3
> Sep 3 08:43:10 rl-test unbound: [21732:0] notice: ip_ratelimit allowed through for ip address 172.17.0.3
> Sep 3 08:43:10 rl-test unbound: [21732:0] notice: ip_ratelimit allowed through for ip address 172.17.0.3
>
> The first line indicates that thread 0 reports that 172.17.0.3 exceeded the ip-ratelimit of 100 qps.
> The second to sixth lines indicate that threads 0-2 report that the enforcement is released.
>
> I'm thinking / wondering...
> - Wouldn't it be good if the first line could mention that it's the ip-ratelimit that kicked in?

Yes, that would make the logging more consistent. I changed the log line
to "ip_ratelimit exceeded".

> - Why the repeated/duplicate messages (logged the same second) about "allowed through"? (bug?)

This is not the release of the limit but the queries that are allowed to
pass based on your ip-ratelimit-factor setting.
-- Ralph
>
> Thx,
> /P
>
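
The log lines discussed in this thread, summarized per client address, as an added example that is not part of the original messages or of Unbound's code. It assumes the renamed "ip_ratelimit exceeded" line keeps the same address and limit fields as the old one; the last sample line (172.17.0.9) is constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Sample input: the lines quoted in the thread plus one constructed line
# in the renamed "ip_ratelimit exceeded" form (fields assumed unchanged).
SAMPLE_LOG = """\
Sep 3 08:43:09 rl-test unbound: [21732:0] notice: ratelimit exceeded 172.17.0.3 100
Sep 3 08:43:09 rl-test unbound: [21732:1] notice: ip_ratelimit allowed through for ip address 172.17.0.3
Sep 3 08:43:09 rl-test unbound: [21732:1] notice: ip_ratelimit allowed through for ip address 172.17.0.3
Sep 3 08:43:09 rl-test unbound: [21732:2] notice: ip_ratelimit allowed through for ip address 172.17.0.3
Sep 3 08:43:10 rl-test unbound: [21732:0] notice: ip_ratelimit allowed through for ip address 172.17.0.3
Sep 3 08:43:10 rl-test unbound: [21732:0] notice: ip_ratelimit allowed through for ip address 172.17.0.3
Sep 3 08:43:11 rl-test unbound: [21732:2] notice: ip_ratelimit exceeded 172.17.0.9 100
"""

LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+\S+\s+unbound: "
                  r"\[\d+:(?P<thread>\d+)\] notice: (?P<msg>.*)$")
EXCEEDED = re.compile(r"^(?P<kind>ip_ratelimit|ratelimit) exceeded "
                      r"(?P<subj>\S+) (?P<limit>\d+)")
ALLOWED = re.compile(r"^ip_ratelimit allowed through for ip address (?P<ip>\S+)")

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def summarize(log_text):
    """Map client IP -> limit, first 'exceeded' time, pass-through count, threads."""
    clients = defaultdict(lambda: {"limit": None, "first_exceeded": None,
                                   "allowed_through": 0, "threads": set()})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        exceeded = EXCEEDED.match(m["msg"])
        allowed = ALLOWED.match(m["msg"])
        # Old-style "ratelimit exceeded" counts as per-client only when its
        # subject is an IP address, as in the line quoted in the thread.
        if exceeded and (exceeded["kind"] == "ip_ratelimit" or is_ip(exceeded["subj"])):
            entry = clients[exceeded["subj"]]
            entry["limit"] = int(exceeded["limit"])
            entry["first_exceeded"] = entry["first_exceeded"] or m["ts"]
        elif allowed:
            # Not a release of the limit: a query let through by ip-ratelimit-factor.
            entry = clients[allowed["ip"]]
            entry["allowed_through"] += 1
        else:
            continue
        entry["threads"].add(int(m["thread"]))
    return dict(clients)
```

Counting "allowed through" lines per address shows how many queries passed while the client stayed over its limit, rather than how many times the limit was lifted.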