[Pdns-users] rate-limit support
Pieter Lexis
pieter.lexis at powerdns.com
Thu Jan 16 08:28:44 UTC 2020
Hi Abubin,
On 1/14/20 10:12 AM, abubin . wrote:
> I have been using pdns for a year now. It is mainly used for our
> internal LAN. Recently due to security compliance, we need to set rate
> limit to queries. A quick search found that we need to use LUA script
> for rate limit in pdns. Just wondering is this still the case or new
> version of pdns already have built-in rate limit?
The easiest way (imho) is using dnsdist[1]. You can use the
MaxQPSIPRule[2] to limit QPS per address or netmask:
addAction(MaxQPSIPRule(5), DropAction())
This would drop all traffic from each address that sends more than 5 QPS.
Best regards,
Pieter
1 - https://dnsdist.org
2 - https://dnsdist.org/rules-actions.html?highlight=maxqps#MaxQPSIPRule
--
Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com
More information about the Pdns-users
mailing list