On 29 Mar 2013, at 21:26, Rok Potočnik <[email protected]> wrote: > Can we expect unbound query rate liming > (http://www.redbarn.org/dns/ratelimits) per client/source in future releases?
Response rate limiting is designed for authoritative name servers. It does not work well for recursive servers, because most recursive clients are cacheless so it is normal for them to repeat queries in a way that would be unreasonable for cacheing iterative clients. Response rate limiting is not just a per client query limit. The way to secure a recursive server is to answer queries only from your network's IP addresses. Tony. _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
