Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

dns: more tweaking for ddos handling

Browse source 
Increase the window so we keep track of more queries
Set the max number of nxdomains to try and drop those.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2023-06-14 15:28:46 -07:00
parent e6d08451ca
commit 7d2247369f
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
roles/dns/files/named.conf
View file

@ -54,10 +54,11 @@ options {
max-cache-size 1024M;
rate-limit {
responses-per-second 50;
window 5;
window 60;
max-table-size 2000000;
min-table-size 500000;
ipv4-prefix-length 32;
nxdomains-per-second 25;
};
};
//