I was only concerned about security, what is the limit and what should I consider to be too many connections (inbound TCP connections)?
Unless you have large record sets that cause TCP to be used, you shouldn't see any TCP connections, just UDP connections.
The number of connections would depend on the zone(s) you serve, and the TTLs of the data. For example, if you host DNS for 100s of domains, it is possible that someone sending a large mailing could hit a dozen or so of them in a short period of time. The TTL likely doesn't matter, though, as even if they come back every 5 minutes, that likely wouldn't exceed any thresholds.
I just checked the chart and I'm only seeing 14 request per second right now. I will have to review it some more to find out what the average is on a busy day.
Most likely, 1 request per second per IP would be fine. For an overall setting (blocking all IPs if more than 100 queries come in per second, for example), though, you're probably just going to make the attack worse (as nobody will get responses, rather than some people).
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches both viruses and vulnerabilities in E-mail, with no annual licensing fees.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
