I inherited a DNS server which is running BIND 9.8.x. There was a DNS incident 
where our customers complained that they saw query timeouts intermittently (our 
customers run Cassandra/Hadoop applications and send the same queries repeatedly). 
They also run nscd on their hosts, but I was told all have the same TTL value of 
3600, indicating all names expire at the same time on thousands of client hosts.

I tried to reproduce the issue by sending hostname.bind queries, and I see logs 
similar to the ones below:

<time> <client-hostname> named[<pid>]: limit responses to <subnet> for 
hostname.bind CH TXT <hex-number>
<time> <client-hostname> named[<pid>]: *stop limiting responses to <subnet> for 
hostname.bind CH TXT <hex-number>


I reviewed /etc/named.conf and do not see 'rate-limit' configuration. I am 
confused because BIND ARM says rate-limit is disabled by default. But logs 
indicate otherwise.

(I did "grep rate /etc/*" and didn't see anything. There are no includes in 
named.conf.)

Please advise on how I can disable rate-limit on my DNS server.


I did a strings on 'named' binary and see this:

strings /usr/sbin/named | egrep -i rrl
dns_rrl
dns_rrl_init
dns_rrl_view_destroy

What else do I need to check to identify if RRL is enabled? 


Thanks
Blr
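The following is an added example, not part of the original post and not ISC code: a small POSIX shell/awk helper that turns the "limit responses to <subnet>" / "*stop limiting responses to <subnet>" lines quoted above into a per-subnet summary (how many limiting episodes, the longest one, and the total time limited), which is the quickest way to see which client subnets were being throttled and for how long during the incident. The sample log lines, hostnames, PID and subnets are constructed for the example; it assumes the usual syslog line layout of month, day, HH:MM:SS, host, then `named[pid]:`.

```shell
#!/bin/sh
# Added example (not from the original post): summarise BIND RRL log lines per subnet.
# Assumes syslog layout: "Mon DD HH:MM:SS host named[pid]: [*]limit responses to SUBNET for ..."
# Dates are ignored; a stop time earlier than its start is treated as a midnight wrap.

# rrl_summary: read named log lines on stdin, print one line per limited subnet, sorted.
#   <subnet> episodes=<n> longest=<s>s total=<s>s [ (still limited at end of log)]
rrl_summary() {
    awk '
    function tosec(hms,   t) { split(hms, t, ":"); return t[1]*3600 + t[2]*60 + t[3] }

    # Only the RRL start/stop lines; "*stop limiting ..." carries a leading asterisk.
    /named\[[0-9]+\]: \*?(limit|stop limiting) responses to / {
        now = tosec($3)
        match($0, / responses to [^ ]+/)          # " responses to " is 14 characters
        subnet = substr($0, RSTART + 14, RLENGTH - 14)

        if ($0 ~ /stop limiting responses to/) {
            if (subnet in start) {                 # close the open episode
                dur = now - start[subnet]
                if (dur < 0) dur += 86400          # crossed midnight
                total[subnet] += dur
                if (dur > longest[subnet]) longest[subnet] = dur
                delete start[subnet]
            }
        } else if (!(subnet in start)) {           # a new episode for this subnet
            start[subnet] = now
            episodes[subnet]++
        }
    }

    END {
        for (s in episodes)
            printf "%s episodes=%d longest=%ds total=%ds%s\n", s, episodes[s],
                   longest[s], total[s],
                   (s in start) ? " (still limited at end of log)" : ""
    }' | sort
}

# sample_log: constructed log lines in the format shown in the post, including a
# non-RRL query-log line that must be ignored and a subnet still limited at the end.
sample_log() {
    cat <<'EOF'
Mar 10 14:02:11 ns1 named[1234]: limit responses to 10.1.2.0/24 for hostname.bind CH TXT (1a2b3c4d)
Mar 10 14:02:13 ns1 named[1234]: limit responses to 10.1.3.0/24 for hostname.bind CH TXT (1a2b3c4d)
Mar 10 14:02:26 ns1 named[1234]: *stop limiting responses to 10.1.2.0/24 for hostname.bind CH TXT (1a2b3c4d)
Mar 10 14:02:40 ns1 named[1234]: *stop limiting responses to 10.1.3.0/24 for hostname.bind CH TXT (1a2b3c4d)
Mar 10 14:05:00 ns1 named[1234]: limit responses to 10.1.2.0/24 for hostname.bind CH TXT (1a2b3c4d)
Mar 10 14:05:10 ns1 named[1234]: *stop limiting responses to 10.1.2.0/24 for hostname.bind CH TXT (1a2b3c4d)
Mar 10 14:06:00 ns1 named[1234]: client 10.9.9.9#5353: query: www.example.com IN A + (10.0.0.1)
Mar 10 14:07:00 ns1 named[1234]: limit responses to 10.1.4.0/24 for hostname.bind CH TXT (1a2b3c4d)
EOF
}

# Demo over the constructed sample; on a real server use e.g.: rrl_summary < /var/log/messages
sample_log | rrl_summary
```

On a live server, pipe the actual syslog file into `rrl_summary` instead of `sample_log`; a subnet that shows many short episodes lines up with the "same queries repeatedly from thousands of hosts with one TTL" pattern described above, while one that is "still limited at end of log" is worth checking against the customers' timeout reports. To confirm the configuration side independently of grep, `named-checkconf -p /etc/named.conf` prints the parsed configuration with any includes expanded, so a `rate-limit` block that is actually in effect will appear there.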
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users