[opensuse] Response rate limiting being added to bind any time soon?
Is there any chance that response rate limiting (http://www.redbarn.org/dns/ratelimits) is going to be added to Opensuse bind any time soon? I¹d prefer not to maintain my own patched DNS server. Thanks. Scott -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Hi Scott, On Tue, Mar 18, 2014 at 05:45:47PM +0000, Scott Simpson wrote:
Is there any chance that response rate limiting (http://www.redbarn.org/dns/ratelimits) is going to be added to Opensuse bind any time soon? I¹d prefer not to maintain my own patched DNS server.
bind from the OBS network project gets built with --enable-rrl since 2014-01-21. It's at version level 9.9.4-P2 atm. But also the binaries you get for openSUSE 13.1 and 12.3 from the update channel are built with rrl enabled. Else got to http://software.opensuse.org/package/bind and pick your system. Cheers Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On 3/18/14, 11:41 AM, "Lars Müller" <lmuelle@suse.com> wrote:
But also the binaries you get for openSUSE 13.1 and 12.3 from the update channel are built with rrl enabled. Else got to http://software.opensuse.org/package/bind and pick your system.
Hmm. root@madhatter:/etc# date Tue Mar 18 11:49:02 PDT 2014 root@madhatter:/etc# service named restart root@madhatter:/etc# grep 'unknown option' /var/log/messages 2014-03-18T11:49:12.588481-07:00 madhatter named[16782]: Starting name server BIND /etc/named.conf:25: unknown option 'rate-limit' root@madhatter:/etc# grep -C 3 rate-limit /etc/named.conf managed-keys-directory "/var/lib/named/dyn/"; # Need patched version of bind for this. rate-limit { responses-per-second 5; window 5; }; root@madhatter:/etc# rpm -q bind bind-9.9.4P2-2.8.1.x86_64 root@madhatter:/etc# cat /etc/SuSE-release openSUSE 13.1 (x86_64) VERSION = 13.1 CODENAME = Bottle # /etc/SuSE-release is deprecated and will be removed in the future, use /etc/os-release instead root@madhatter:/etc# This seems to be the default bind on 13.1 and it doesn¹t seem to work. I guess I¹ll have to try from your other links.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, Mar 18, 2014 at 06:55:37PM +0000, Scott Simpson wrote:
On 3/18/14, 11:41 AM, "Lars Müller" <lmuelle@suse.com> wrote:
But also the binaries you get for openSUSE 13.1 and 12.3 from the update channel are built with rrl enabled. Else got to http://software.opensuse.org/package/bind and pick your system.
Hmm.
root@madhatter:/etc# date Tue Mar 18 11:49:02 PDT 2014 root@madhatter:/etc# service named restart root@madhatter:/etc# grep 'unknown option' /var/log/messages 2014-03-18T11:49:12.588481-07:00 madhatter named[16782]: Starting name server BIND /etc/named.conf:25: unknown option 'rate-limit' root@madhatter:/etc# grep -C 3 rate-limit /etc/named.conf managed-keys-directory "/var/lib/named/dyn/";
# Need patched version of bind for this. rate-limit { responses-per-second 5; window 5; }; root@madhatter:/etc# rpm -q bind bind-9.9.4P2-2.8.1.x86_64 root@madhatter:/etc# cat /etc/SuSE-release openSUSE 13.1 (x86_64) VERSION = 13.1 CODENAME = Bottle # /etc/SuSE-release is deprecated and will be removed in the future, use /etc/os-release instead root@madhatter:/etc#
This seems to be the default bind on 13.1 and it doesn¹t seem to work. I guess I¹ll have to try from your other links.
Please file a bug report and reference this dicussion with the link to the list archive http://lists.opensuse.org/opensuse/2014-03/msg00448.html and report the bug ID back to this thread too. Please assign the bug to the maintainer and bug owner visible from the package change log. Thanks! Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
participants (2)
-
Lars Müller -
Scott Simpson