In unbound-1.4.6, there is a line "mesh->num_reply_addrs > mesh->max_reply_states*16" in function mesh_new_client() in mesh.c. Comments above the line says that "protect our memory usage from storing reply addresses". In a extreme case, however, some mesh_state(query) will have a lot of mesh_reply. That is to say, a lot of same queries with same <qname, qtype, qclass> from different IPs will flood the resolver. surfeit queries should be ignored, isn't it ?
2011-08-19 Mingxing
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
