Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Register
  • Sign in
  • BIND BIND
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 616
    • Issues 616
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 94
    • Merge requests 94
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • ISC Open Source ProjectsISC Open Source Projects
  • BINDBIND
  • Issues
  • #665
Closed
Open
Issue created Nov 07, 2018 by Cathy Almond@cathyaDeveloper

Add "rndc fetchlimits" command to dump currently-active ADB rate-limited servers and zones

Description

Per issue #664 (closed) and Support ticket https://support.isc.org/Ticket/Display.html?id=13720, it can be hard to determine whether or not a specific server is being limited by fetches-per-server if the quota is not actively being adjusted up or down. The most likely scenario where a server is being invisibly limited is when the quota has already dropped to the lowest value and has been sitting there for some time.

Request

BIND stores the current values of quota and atr (adjusted timeout rate) in the ADB entry for each server IP address.

Whilst dumping cache in order to look at the ADB entries is one way of seeing which servers are currently being rate-limited, this method of checking is not exactly 'accessible' and it would be far nicer to have a feature of rndc that does this and formats them nicely for a DNS administrator or sysadmin.

; problem-server.example.com [v4 TTL 2658] [v4 not_found] [v6 unexpected] ; 192.0.2.25 [srtt 948570] [flags 00004000] [ttl -342230] [atr 0.62] [quota 1]

Obviously, only dump the ones with a non-zero atr and/or quota < fetches-per-server

We could perhaps do something similar for fetches-per-zone.

The option's documentation should clearly indicate that per-zone rate limiting will reset and resume periodically as the zone to server mapping expires from ADB and is renewed. I believe (though happy to be told otherwise) that active address-based ADB entries will persist and not reset while the server is being queried frequently.

Links / references

Assignee
Assign to
Time tracking