Re: [opensuse] Response rate limiting being added to bind any time soon?

On 3/18/14, 11:41 AM, "Lars Müller" <lmuelle@xxxxxxxx> wrote:

But also the binaries you get for openSUSE 13.1 and 12.3 from the update
channel are built with rrl enabled. Else got to and pick your system.


root@madhatter:/etc# date
Tue Mar 18 11:49:02 PDT 2014
root@madhatter:/etc# service named restart
root@madhatter:/etc# grep 'unknown option' /var/log/messages
2014-03-18T11:49:12.588481-07:00 madhatter named[16782]: Starting name
server BIND /etc/named.conf:25: unknown option 'rate-limit'
root@madhatter:/etc# grep -C 3 rate-limit /etc/named.conf
managed-keys-directory "/var/lib/named/dyn/";

# Need patched version of bind for this.
rate-limit {
responses-per-second 5;
window 5;
root@madhatter:/etc# rpm -q bind
root@madhatter:/etc# cat /etc/SuSE-release
openSUSE 13.1 (x86_64)
VERSION = 13.1
# /etc/SuSE-release is deprecated and will be removed in the future, use
/etc/os-release instead

This seems to be the default bind on 13.1 and it doesn¹t seem to work. I
guess I¹ll have to try from your other links.

