RE: Enabing RRL in bind
Thanks Evan. J -Original Message- From: Evan Hunt [mailto:e...@isc.org] Sent: Tuesday, December 31, 2013 1:27 AM To: Gaurav Kansal Cc: bind-users@lists.isc.org Subject: Re: Enabing RRL in bind On Mon, Dec 30, 2013 at 05:47:13PM +0530, Gaurav Kansal wrote: > In bind 9.9.4, Reponse-Rate Limit doesn't work until you configure > bind with "-enable-rrl" option. > > I was wondering why is it so ? > > Why not this feature is enabled by default in bind. RRL was added to the BIND 9.9 branch late, in release 9.9.3. Ordinarily, it's our policy only to add new features in 9.x.0 releases. We felt that this feature was important enough to make an exception to our usual rule, but since code changes of that size always introduce a risk of destabilization, we decided to make it a compile-time option: those who want RRL can get it; those who don't can skip it. RRL will be enabled by default in 9.10.0. -- Evan Hunt -- <mailto:e...@isc.org> e...@isc.org Internet Systems Consortium, Inc. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Enabing RRL in bind
On Mon, Dec 30, 2013 at 05:47:13PM +0530, Gaurav Kansal wrote: > In bind 9.9.4, Reponse-Rate Limit doesn't work until you configure bind with > "-enable-rrl" option. > > I was wondering why is it so ? > > Why not this feature is enabled by default in bind. RRL was added to the BIND 9.9 branch late, in release 9.9.3. Ordinarily, it's our policy only to add new features in 9.x.0 releases. We felt that this feature was important enough to make an exception to our usual rule, but since code changes of that size always introduce a risk of destabilization, we decided to make it a compile-time option: those who want RRL can get it; those who don't can skip it. RRL will be enabled by default in 9.10.0. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Enabing RRL in bind
I wrote on 12/30/2013 11:17:58 AM: > > "BIND 9.9.4 provides support for Response Rate Limiting (RRL). However it > is not enabled by default when building BIND. The reason for this is that > BIND 9.9 is an Extended Support Version of BIND and per our policy on > mangement of ESVs, we do not introduce any new features or functionality > to a stable ESV version." > > https://kb.isc.org/article/AA-01058/0 For more information on Extended Support Versions see https://www.isc.org/downloads/software-support-policy/ Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Enabing RRL in bind
From: Gaurav Kansal > In bind 9.9.4, Reponse-Rate Limit doesn?t work until you configure bind with > ??enable-rrl? option. > > I was wondering why is it so ? > > Why not this feature is enabled by default in bind. > > I tried to find out the same in ARM but didn?t get any success. "BIND 9.9.4 provides support for Response Rate Limiting (RRL). However it is not enabled by default when building BIND. The reason for this is that BIND 9.9 is an Extended Support Version of BIND and per our policy on mangement of ESVs, we do not introduce any new features or functionality to a stable ESV version." https://kb.isc.org/article/AA-01058/0 Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Enabing RRL in bind
On 30/12/2013 22:17, Gaurav Kansal wrote: > Hi Guys, > > In bind 9.9.4, Reponse-Rate Limit doesn't work until you configure bind with > “—ENABLE-RRL” option. > > I was wondering why is it so ? Because it can be detrimental to existing sites if configured wrongly, its something not all sites would need, greater than 50% of resolvers are caching, not authoritative, therefore currently it's an "extra" option, it's also "new", in 5 years time maybe it will be a default, but to do so now would be wrong. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users