[Pdns-dev] [dns-operations] dns response rate limiting (DNS RRL) patch available for testing

Mark Scholten | Stream Service mark at streamservice.nl
Mon Jun 25 16:13:37 CEST 2012 

Hello,

I tested a few options (see the results below). All requested records where
in the database used by PowerDNS and this are results from dnsperf.

Request a single record, no DNS cache (with IP/request rate limit)
(ratelimitextended.lua)

Statistics:

  Queries sent:         3122
  Queries completed:    3118 (99.87%)
  Queries lost:         4 (0.13%)

  Response codes:       NOERROR 1 (0.03%), REFUSED 3117 (99.97%)
  Average packet size:  request 28, response 28
  Run time (s):         0.239469
  Queries per second:   13020.474466

  Average Latency (s):  0.006919 (min 0.000848, max 0.013997)
  Latency StdDev (s):   0.001259

Request multiple records (from a database dump), no DNS cache (with ip rate
limit) (ratelimit.lua)

Statistics:

  Queries sent:         31222
  Queries completed:    31222 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 500 (1.60%), REFUSED 30722 (98.40%)
  Average packet size:  request 50, response 51
  Run time (s):         4.111412
  Queries per second:   7593.984743

  Average Latency (s):  0.013135 (min 0.000977, max 0.634192)
  Latency StdDev (s):   0.042123

Request multiple records (from a database dump), no DNS cache (no rate
limiting)

Statistics:

  Queries sent:         31222
  Queries completed:    31222 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 31196 (99.92%), SERVFAIL 10 (0.03%),
NXDOMAIN 16 (0.05%)
  Average packet size:  request 50, response 94
  Run time (s):         143.060764
  Queries per second:   218.242928

  Average Latency (s):  0.457156 (min 0.007433, max 2.141120)
  Latency StdDev (s):   0.313597

Attached are the LUA scripts I did use.

If there are other things I can/should test, feel free to ask.

Kind regards,

Mark Scholten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ratelimit.lua
Type: application/octet-stream
Size: 590 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/pdns-dev/attachments/20120625/a9bd00ed/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ratelimitextended.lua
Type: application/octet-stream
Size: 786 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/pdns-dev/attachments/20120625/a9bd00ed/attachment-0001.obj>

More information about the Pdns-dev mailing list