On 22/07/2019 09.25, Jacob Bunk Nielsen wrote:
I've been reading up on the documentation for MaxQPSIPRule() which you
can use to implement rate limits on DNS queries. A very nice feature.
I tried to have a quick view of the code and now understand this wording
better, I think.
It has a burst option which will allow clients to have bursts of
queries, but it's not very clear to me exactly what it means. The
"*burst*(/int/) – The number of burstable queries per second allowed.
Default is same as qps"
As I read the code, this would allow 10 queries as fast as you could
send them for every second. So that would effectively mean a rate limit
of 10 QPS and not 5, so it never makes sense to set burst higher than
the allowed rate. That rule would make much more sense like:
So let's say I create a rule like:
addAction(MaxQPSIPRule(5, 32, 64, 10), DelayAction(100))
This should delay any queries that exceed 5 per second with a burst of
addAction(MaxQPSIPRule(5, 32, 64, 3), DelayAction(100))
Which would mean rate limiting to 5 QPS, but allow the first 3 as fast
as you want.
Did I get this right?
dnsdist mailing list