North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS - connection limit (without any extra hardware)

  • From: Matt Ghali
  • Date: Fri Dec 08 15:36:46 2006

On Fri, 8 Dec 2006, Simon Waters wrote:

I suspect complex rate limiting may be nearly as expensive as providing DNS
answers with Bind9.
Indeed. It is generally accepted that it is easier to simply scale your service to provide adequate headroom than implement per-client traffic policies.

of course, you could also work on cleaning up the mess, but I will charitably assume you are working the problem from both directions simultaneously.

matto

--matt@snark.net------------------------------------------<darwin><
Moral indignation is a technique to endow the idiot with dignity.
- Marshall McLuhan