DNS - connection limit (without any extra hardware)

Matt Ghali matt at snark.net
Fri Dec 8 19:56:07 UTC 2006

On Fri, 8 Dec 2006, Simon Waters wrote:

> I suspect complex rate limiting may be nearly as expensive as providing DNS
> answers with Bind9.

Indeed. It is generally accepted that it is easier to simply scale 
your service to provide adequate headroom than implement per-client 
traffic policies.

of course, you could also work on cleaning up the mess, but I will 
charitably assume you are working the problem from both directions 


--matt at snark.net------------------------------------------<darwin><
   Moral indignation is a technique to endow the idiot with dignity.
                                                 - Marshall McLuhan

More information about the NANOG mailing list