[93628] in North American Network Operators' Group

Re: DNS - connection limit (without any extra hardware)

daemon@ATHENA.MIT.EDU (Matt Ghali)
Fri Dec 8 15:20:41 2006

Date: Fri, 8 Dec 2006 11:56:07 -0800 (PST)
From: Matt Ghali <matt@snark.net>
To: Simon Waters <simonw@zynet.net>
Cc: Luke <very.luke@gmail.com>, nanog@merit.edu
In-Reply-To: <200612081553.57295.simonw@zynet.net>
Errors-To: owner-nanog@merit.edu


On Fri, 8 Dec 2006, Simon Waters wrote:

> I suspect complex rate limiting may be nearly as expensive as providing DNS
> answers with Bind9.

Indeed. It is generally accepted that it is easier to simply scale 
your service to provide adequate headroom than implement per-client 
traffic policies.

Of course, you could also work on cleaning up the mess, but I will 
charitably assume you are working the problem from both directions 
simultaneously.

matto

--matt@snark.net------------------------------------------<darwin><
   Moral indignation is a technique to endow the idiot with dignity.
                                                 - Marshall McLuhan
