Hi Remi, Yes my bad ... I missed that. Just a thought, next time the documentation is updated, Section 5.1.1 Examples and Section 15.6 Rules for traffic exceeding QPS limits could both use a note that it is UDP only. Since it is such a simple action, I didn't even look at the reference.
What do you think of this alternative, I could use the same MaxQPSIPRule rule and tag the query and pass it along to the recursor. In a lua script I could check the tag and add a delay. I need to read up on it .. but I am assuming the lua processing is multithreaded? I could also add a second MaxQPSIPRule with a higher qps value and add a DropAction to protect the recursor. Thanks for your quick response, Regards, brian On Fri, Aug 16, 2019 at 8:49 AM Remi Gacogne <remi.gaco...@powerdns.com> wrote: > Hi Brian, > > On 8/15/19 3:35 PM, Brian Sullivan wrote: > > Enclosed is the pcap file > > > > > > My assumption is that I should have seen a 1 second delay added to > > queries 3 - 10. Or at least some subset of them since the first delay > > would have throttled the dns test client. > > Looking at the PCAP, it seems that you are sending your queries over > TCP. I'm afraid DelayAction() is UDP-only at the moment. I believe it's > mentioned in the documentation but perhaps we should make that clearer :-/ > > Best regards, > -- > Remi Gacogne > PowerDNS BV - https://www.powerdns.com/ > _______________________________________________ > dnsdist mailing list > email@example.com > https://mailman.powerdns.com/mailman/listinfo/dnsdist > -- Brian M. Sullivan Senior Staff Security Intelligence Engineer bsulli...@lookout.com | www.lookout.com
_______________________________________________ dnsdist mailing list firstname.lastname@example.org https://mailman.powerdns.com/mailman/listinfo/dnsdist