# 0 blocks when ratelimited, otherwise let 1/xth traffic through
# ratelimit-factor: 10
+ # Aggressive rate limit when the limit is reached and until demand has
+ # decreased in a 2 second rate window.
+ # ratelimit-backoff: no
+
# override the ratelimit for a specific domain name.
# give this setting multiple times to have multiple overrides.
# ratelimit-for-domain: example.com 1000
# 0 blocks when ip is ratelimited, otherwise let 1/xth traffic through
# ip-ratelimit-factor: 10
+ # Aggressive rate limit when the limit is reached and until demand has
+ # decreased in a 2 second rate window.
+ # ip-ratelimit-backoff: no
+
# Limit the number of connections simultaneous from a netblock
# tcp-connection-limit: 192.0.2.0/24 12
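Review bot: the example comments for `ratelimit-backoff` and `ip-ratelimit-backoff` say only that the rate limit is "aggressive" until demand decreases, but leave out that the `ratelimit-factor` / `ip-ratelimit-factor` fraction still gets through during backoff, which the man page text in this same patch states ("No traffic is allowed, except for ip\-ratelimit\-factor"). Consider aligning the two, e.g. `# Aggressive rate limit when the limit is reached: only the ratelimit-factor` / `# fraction is allowed until demand has decreased in a 2 second rate window.` so an operator reading only the example file knows the factor still applies.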
A value of 0 will disable ratelimiting for domain names that end in this name.
.TP 5
.B ip\-ratelimit: \fI<number or 0>
-Enable global ratelimiting of queries accepted per ip address.
+Enable global ratelimiting of queries accepted per IP address.
If 0, the default, it is disabled. This option is experimental at this time.
The ratelimit is in queries per second that are allowed. More queries are
completely dropped and will not receive a reply, SERVFAIL or otherwise.
and enter the cache, whilst also mitigating the traffic flow by the
factor given.
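Review bot: beyond the `ip` -> `IP` capitalisation, the `ip\-ratelimit` description still states that excess queries are "completely dropped and will not receive a reply", which is only the default behaviour now that the new `ip\-ratelimit\-backoff` option changes when and how long queries are dropped. Add a cross-reference in this paragraph, e.g. `See ip\-ratelimit\-backoff for stricter behaviour once the limit has been reached.`, so readers of this entry find the new option.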
.TP 5
+.B ip\-ratelimit\-backoff: \fI<yes or no>
+If enabled, the ratelimit is treated as a hard failure instead of the default
+maximum allowed constant rate. When the limit is reached, traffic is
+ratelimited and demand continues to be kept track of for a 2 second rate
+window. No traffic is allowed, except for ip\-ratelimit\-factor, until demand
+decreases below the configured ratelimit for a 2 second rate window. Useful to
+set ip\-ratelimit to a suspicious rate to aggressively limit unusually high
+traffic. Default is off.
+.TP 5
.B outbound\-msg\-retry: \fI<number>
The number of retries Unbound will do in case of a non positive response is
received. If a forward nameserver is used, this is the number of retries per
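Review bot: the sentence "No traffic is allowed, except for ip\-ratelimit\-factor" reads as if an option name were traffic; the man entry should say what is actually let through, e.g. `No traffic is allowed, except for the fraction permitted by ip\-ratelimit\-factor, until demand drops below the configured rate for a 2 second window.` The same hunk also has wordy phrasing ("demand continues to be kept track of" -> "demand is still tracked") and a vague recommendation ("a suspicious rate" could be stated as "a rate that would only be reached by unusually high traffic"). Separately, the example configuration in this patch adds both `ratelimit-backoff` and `ip-ratelimit-backoff`, but only `ip\-ratelimit\-backoff` is documented in the man page hunk shown here; if `ratelimit\-backoff` is not added under `.B ratelimit` elsewhere in the patch, it needs a matching `.TP 5` entry.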