-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Mon, 2021-03-29 at 12:54 +1100, Mark Andrews wrote:
> What do you have in options?
options {
directory "/var/named";
allow-recursion { "friends"; };
dnssec-enable yes;
dnssec-validation auto;
bindkeys-file "/etc/named.bind.keys";
managed-keys-directory "/var/named/dynamic";
listen-on-v6 {any;};
ixfr-from-differences yes;
max-journal-size 2m;
notify yes;
response-policy { zone "rpz.five-ten-sg.com";}
qname-wait-recurse no;
rate-limit {
responses-per-second 500;
errors-per-second 50;
nxdomains-per-second 500;
qps-scale 4000;
exempt-clients { "friends"; };
};
max-recursion-queries 200; qname-minimization disabled;
fetches-per-server 50;
fetches-per-zone 50;
server-id hostname;
};
This is on Centos 8. I will setup a VM tomorrow for more testing on
this. For now, reverted back to 9.16.12.
-----BEGIN PGP SIGNATURE-----
iHMEAREKADMWIQSuFMepaSkjWnTxQ5QvqPuaKVMWwQUCYGFRRxUcY2FybEBmaXZl
LXRlbi1zZy5jb20ACgkQL6j7milTFsFm/wCbBpzr/W/QdtUMG0hhstYcI1wpsBcA
nRdv220ju0R0IIEgbLzfbXs8CjHX
=+zDb
-----END PGP SIGNATURE-----
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
