Re: Query on the Overload control mechanism for DNS Server

2017-04-30 Thread Sebastian Büttner
Hi Kishore, you can indeed do so with iptables, for example. Have a look at the hashlimit or the limit module. They are both capable of limiting per protocol, per dest or source IP, and can be configured to trigger only after reaching a burst limit. You can enforce a UDP packet rate which is all

Re: Query on the Overload control mechanism for DNS Server

2017-04-30 Thread Sebastian Büttner
Hi, is there any reason why you are not performing this rate limiting using some firewall like iptables/netfilter? You could limit the incoming requests at this point with ease, and the nameserver would never get in touch with dropped requests and thus not waste CPU time. Also this approach

Re: different zone depends clients IP

2016-10-05 Thread Sebastian Büttner
Hey Pol, can someone tell me how to configure (view?) to allow some clients (192.168.1/24) to see a BIND internal zone and other clients (192.168.2/24) see REAL zone on internet? Did you take a look at https://kb.isc.org/article/AA-00851/0/Understanding-views-in-BIND-9-by-example.html alread