[dnsdist] [EXT] Re: How to apply dynamic rules with pools?

Remi Gacogne remi.gacogne at powerdns.com
Wed Feb 23 16:25:16 UTC 2022


On 23/02/2022 17:20, Willis, Michael wrote:
> I changed the to rule to:
> dbr:setQTypeRate(DNSQType.ANY, 1, 10, "Exceeded ANY rate", 600)
> After testing It looks like the entire 10 seconds needed to elapse 
> before the rule is evaluated.
> I was not expecting this logic, and that was tripping me up. I was 
> thinking that the rules were not applying at all.

For low rates it does indeed often take the whole interval to trigger, 
but it might trigger more quickly than that depending on the traffic. 
For example if one client sends 101 ANY queries per second during one 
second, it should be enough to trigger your rule almost immediately.

I can see how that's surprising, if you think of any way we can improve 
the documentation on that point please let us know! Pull requests are of 
course very welcome, but even suggesting a few lines to add to the 
documentation on this mailing-list already helps a lot :)

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20220223/2af148a9/attachment.sig>


More information about the dnsdist mailing list