From: Josh Paetzel
To: freebsd-questions@freebsd.org
Cc: Len Conrad, Tek Bahadur Limbu
Date: Tue, 26 Dec 2006 16:03:09 -0600
Subject: Re: Need to restrict DNS requests to just 5 per second

On Tuesday 26 December 2006 07:49, Len Conrad wrote:
> >I need to restrict dns (udp) requests to not more than 3 requests
> > per second from each client's IP.
>
> restricting DNS query rate, if you can find a way, will probably
> slow your clients' operations very noticeably.
>
> What problem are you trying to solve?
>
> Len
>

Well, the issue as I see it is you can't restrict the number of
queries per second from the clients without doing something on the
client's end. You can restrict how many of those queries reach the
nameserver, or perhaps even how many of those queries the nameserver
actually responds to, but the applications at the client end are just
going to keep retrying til they get an answer, so I would think that
restricting answers is just going to generate more traffic in the end.

--
Thanks,

Josh Paetzel
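
The retry effect described in the reply above can be checked with a small simulation. This is an added example, not part of the original message: the function name `simulate`, the one-second retry timeout, and the retry count are assumptions chosen for illustration, and the limit of 3 queries per second is the figure from the quoted request.

```python
def simulate(lookups, limit, timeout=1, max_tries=4):
    """Simulate one client IP behind a per-second DNS query limiter.

    lookups   -- names the client wants resolved, all requested at t=0
    limit     -- queries per second let through per IP (None = no limiter)
    timeout   -- whole seconds the client waits before resending (assumed)
    max_tries -- attempts per name before the client gives up (assumed)
    """
    due = {0: [1] * lookups}          # send time -> attempt number of each query
    sent = answered = failed = 0
    finished_at = 0
    while due:
        t = min(due)                   # next second in which packets are sent
        attempts = due.pop(t)
        sent += len(attempts)          # every packet still crosses the wire
        allowed = len(attempts) if limit is None else min(limit, len(attempts))
        answered += allowed
        if allowed:
            finished_at = t
        for attempt in attempts[allowed:]:   # dropped by the limiter
            if attempt < max_tries:
                due.setdefault(t + timeout, []).append(attempt + 1)
            else:
                failed += 1            # client gives up on this name
    return {"sent": sent, "answered": answered,
            "failed": failed, "finished_at": finished_at}


if __name__ == "__main__":
    # Constructed scenario: a client bursts 10 lookups (e.g. one page load).
    for label, kwargs in [
        ("no limiter", dict(limit=None)),
        ("3 qps, patient client", dict(limit=3)),
        ("3 qps, client gives up after 2 tries", dict(limit=3, max_tries=2)),
    ]:
        print(f"{label:40s} {simulate(10, **kwargs)}")
```

With the limiter in place the same 10 lookups cost more than twice as many packets and finish seconds later, or partly fail if the client gives up early; a client that stays under the limit is unaffected.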