[dnsdist] DelayAction with dnsdist 1.4.0-rc1

Brian Sullivan brian.sullivan at lookout.com
Fri Aug 16 13:04:52 UTC 2019


Hi Remi,

Yes my bad ... I missed that.  Just a thought, next time the documentation
is updated, Section 5.1.1 Examples and Section 15.6 Rules for traffic
exceeding QPS limits could both use a note that it is UDP only. Since it is
such a simple action, I didn't even look at the reference.

What do you think of this alternative, I could use the same MaxQPSIPRule
rule and tag the query and pass it along to the recursor. In a lua script I
could check the tag and add a delay. I need to read up on it .. but I am
assuming the lua processing is multithreaded? I could also add a second
MaxQPSIPRule with a higher qps value and add a DropAction to protect the
recursor.

Thanks for your quick response,

Regards,
brian


On Fri, Aug 16, 2019 at 8:49 AM Remi Gacogne <remi.gacogne at powerdns.com>
wrote:

> Hi Brian,
>
> On 8/15/19 3:35 PM, Brian Sullivan wrote:
> > Enclosed is the pcap file
> >
> >
> > My assumption is that I should have seen a 1 second delay added to
> > queries 3 - 10. Or at least some subset of them since the first delay
> > would have throttled the dns test client.
>
> Looking at the PCAP, it seems that you are sending your queries over
> TCP. I'm afraid DelayAction() is UDP-only at the moment. I believe it's
> mentioned in the documentation but perhaps we should make that clearer :-/
>
> Best regards,
> --
> Remi Gacogne
> PowerDNS BV - https://www.powerdns.com/
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
>


-- 



Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsullivan at lookout.com |  www.lookout.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190816/3af0c979/attachment.html>


More information about the dnsdist mailing list