Added RRL config options, added to server startup.

refs #2136
author: Marek Vavrusa <marek.vavrusa@nic.cz> 2013-02-25 16:03:53 +0100
committer: Marek Vavrusa <marek.vavrusa@nic.cz> 2013-02-25 16:03:53 +0100
commit: 8bcd7d79f4383686ac394c164d6855c39413a5dc (patch)
tree: 0123e79361ac46ae40c9283b0ecf13dd921b4d2c /samples
parent: Implemented distributed locking to RRL. (diff)
download: knot-8bcd7d79f4383686ac394c164d6855c39413a5dc.tar.xz
knot-8bcd7d79f4383686ac394c164d6855c39413a5dc.zip
1 files changed, 20 insertions, 0 deletions
diff --git a/samples/knot.full.conf b/samples/knot.full.conf
index 8b4571e6e..f6a9d89af 100644
--- a/samples/knot.full.conf
+++ b/samples/knot.full.conf
@@ -60,6 +60,26 @@ system {
   # f.e. 1s = 1 second, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
   # Default: 10s
   max-conn-reply 10s;
+
+  # Rate limit
+  # in queries / second
+  # Default: off (=0)
+  rate-limit 0;
+  
+  # Rate limit bucket size
+  # Number of hashtable buckets, set to reasonable value as default.
+  # We chose a reasonably large prime number as it's used for hashtable size,
+  # it is recommended to do so as well due to better distribution.
+  # Tweak if you experience a lot of hash collisions, estimated memory overhead
+  # is approx. 16B per bucket
+  # Default: 1572869 
+  rate-limit-size 1572869;
+
+  # Rate limit SLIP 
+  # Each Nth blocked response will be sent as truncated, this is a way to allow
+  # legitimate requests to get a chance to reconnect using TCP 
+  # Default: 2
+  rate-limit-slip 2;
 }
 
 # Section 'keys' contains list of TSIG keys
author	Marek Vavrusa <marek.vavrusa@nic.cz>	2013-02-25 16:03:53 +0100
committer	Marek Vavrusa <marek.vavrusa@nic.cz>	2013-02-25 16:03:53 +0100
commit	8bcd7d79f4383686ac394c164d6855c39413a5dc (patch)
tree	0123e79361ac46ae40c9283b0ecf13dd921b4d2c /samples
parent	Implemented distributed locking to RRL. (diff)
download	knot-8bcd7d79f4383686ac394c164d6855c39413a5dc.tar.xz knot-8bcd7d79f4383686ac394c164d6855c39413a5dc.zip