<html><head>
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
</head><body text="#000000" bgcolor="#FFFFFF"><br>
<br>
<blockquote style="border: 0px none;"
cite="mid:20150211100010.GC12197@xs.powerdns.com" type="cite">
<div style="margin:30px 25px 10px 25px;" class="__pbConvHr"><div
style="display:table;width:100%;border-top:1px solid
#EDEEF0;padding-top:5px"> <div
style="display:table-cell;vertical-align:middle;padding-right:6px;"><img
photoaddress="bert.hubert@netherlabs.nl" photoname="bert hubert"
src="cid:part1.01030600.09030903@redbarn.org" name="postbox-contact.jpg"
width="25px" height="25px"></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;width:100%">
<a moz-do-not-send="true" href="mailto:bert.hubert@netherlabs.nl"
style="color:#737F92
!important;padding-right:6px;font-weight:bold;text-decoration:none
!important;">bert hubert</a></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;">
<font color="#9FA2A5"><span style="padding-left:6px">Wednesday,
February 11, 2015 2:00 AM</span></font></div></div></div>
<div style="color: rgb(136, 136, 136); margin-left: 24px;
margin-right: 24px;" __pbrmquotes="true" class="__pbConvBody">
<pre wrap="">On Tue, Feb 10, 2015 at 03:28:10PM -0800, Paul Vixie wrote:
</pre>
<blockquote type="cite"><pre wrap="">have you looked at <a class="moz-txt-link-freetext" href="http://www.redbarn.org/dns/ratelimits">http://www.redbarn.org/dns/ratelimits</a> (DNS RRL)?
</pre></blockquote><pre wrap=""><!---->
We lovingly cloned it into a superset even ;-)
<a class="moz-txt-link-freetext" href="http://7bits.nl/tmp/unlisted/lua-policy-engine.html">http://7bits.nl/tmp/unlisted/lua-policy-engine.html</a></pre></div>
</blockquote>
<br>
looks nice, even if it is in C++ :-).<br>
<blockquote style="border: 0px none;"
cite="mid:20150211100010.GC12197@xs.powerdns.com" type="cite">
<div style="color:#888888;margin-left:24px;margin-right:24px;"
__pbrmquotes="true" class="__pbConvBody">
<pre wrap="">
</pre>
<blockquote type="cite"><pre wrap="">i think you'll see that it's not pure TC=1, but rather, some drops with
occasional TC=1's.
</pre></blockquote><pre wrap=""><!---->
Out of a 1000 packets, I get 994 TC=1 and 6 regular answers.
</pre></div>
</blockquote>
<br>
that is NOT a recommended configuration. i suspect that f-root has
changed the default "slip" and "drop" values. a lot of people fear
drops. RRL drops deliberately, and this behaviour must not be disabled.<br>
<br>
<div class="moz-signature">-- <br>Paul Vixie<br>
</div>
</body></html>