On Thu, Jan 14, 2016 at 08:45:29AM +0000, Alejandro Adroher Mellado wrote:
> Morning Everyone!!

GOOD MORNING!

> I’m trying to rate limit the number of queries per second allowed on my DNS
> recursor, using iptables.
> I’m using a modified script that works perfectly, but I’m limited for one of
> the settings.

Unless you are seeing hundreds of thousands of queries per second, dnsdist might be a better choice for you, http://dnsdist.org/

It has a bunch of simple settings that probably do just what you want. See for example:

https://github.com/PowerDNS/pdns/blob/master/pdns/README-dnsdist.md#per-domain-or-subnet-qps-limiting

But dnsdist offers way more than that to help you. You might for example delay some answers, or strip the RD bit so your servers don't need to do any work for certain subnets etc.

> How do you rate limit your DNS servers?

With dnsdist.

Feel free to join us on the dnsdist mailing list (http://mailman.powerdns.com/mailman/listinfo/dnsdist ) and let's see if we can make a nice config for you.

Bert
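A dnsdist configuration covering the three options mentioned in the reply above (QPS limiting, delaying answers, stripping the RD bit), as an added example that is not part of the original message or of the dnsdist README. It assumes the rule syntax of recent dnsdist releases, which may differ from the release current when this thread was written; every address, domain name and limit is a placeholder.

```lua
-- Added example: dnsdist placed in front of a recursor.
-- All addresses (documentation ranges), names and limits are assumptions.
setLocal("192.0.2.53:53")                     -- where dnsdist listens
setACL({"192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"})  -- clients allowed to query
newServer({address="127.0.0.1:5300", name="recursor"})  -- assumed recursor address

-- Rules are evaluated in order, so the subnet-specific ones come first.

-- 1. Strip the RD bit for one subnet: the backend answers from cache only
--    and does no recursion work for these clients.
--    (Releases before 1.6 call this action NoRecurseAction.)
local norecurse = newNMG()
norecurse:addMask("203.0.113.0/24")
addAction(NetmaskGroupRule(norecurse), SetNoRecurseAction())

-- 2. Delay instead of drop: once 198.51.100.0/24 as a whole (mask /24 puts
--    the subnet in a single bucket) exceeds 5 qps, hold answers for 200 ms.
--    DelayAction applies to UDP only and does not stop rule processing.
local noisy = newNMG()
noisy:addMask("198.51.100.0/24")
addAction(AndRule({NetmaskGroupRule(noisy), MaxQPSIPRule(5, 24, 64)}),
          DelayAction(200))

-- 3. Per-domain limit: at most 10 qps in total for this suffix, excess dropped.
addAction(makeRule("example.com."), QPSAction(10))

-- 4. General per-client limit: each IPv4 address (/32) or IPv6 /64 may send
--    20 qps; queries above that rate are dropped before reaching the recursor.
addAction(MaxQPSIPRule(20, 32, 64), DropAction())
```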