[rbldnsd] List servers

Sun Mar 14 15:55:34 MSK 2010

Scott Haneda wrote:
> On Mar 14, 2010, at 4:06 AM, Benedict White wrote:
>
>   
>> Scott Haneda wrote:
>>
>>     
>>> 1 million per day is only about 10 per second - even a 486DX2 would
>>> easily deal with that.
>>>       
>> Any idea what sort of bandwidth that would be?
>>     
>
> Let's say that the size of a query reply is 260 bytes [1], multiplied by 1,000,000 equals 247.955322 megabytes per day, or 7.26431608 gigabytes per month.  Not insignificant, and that is a very top end of the scale estimation.  Cutting it in half is probably more realistic.
>
> DNSBL's to tend to return more bytes than normal DNS requests just because of the nature of prefixing the domain with a reversed IP, email address, or some other lookup data.  There are also TXT records, which could be around double those numbers I believe.
>
> between 4GB and 7GB a month I would say, which most ISP's on a leased server are easily throwing in as part of the cost.
>
> I think worries will not be bandwidth related, but resource.  I can remember many times in the past when a BL went under DDoS attack, and only the upstream can help you in those cases.  I do not believe the local machine has the power to even handle the blocking, if you can even get into it anymore :)
>
> [1] http://w6.nic.fr/dnsv6/resp-size.html
>   

If you wish to make a public service and if it becomes popular you
should prepare for this sort of bandwidth as dealing with the traffic as
an after thought, whilst not impossible is significantly more
difficult.  You should also be aware that some DNSBls (aka "the
competition") will request strongly (demand) they are placed first in
the "we've blocked you" priority, and whilst with some MTAs this can
mean less lookups to you, it can also mean that you see the traffic and
the blocked party never sees your blocked message so you will not get
advertising revenue.  Similarly if a large appliance vendor (or scoring
program such as Spamassassin etc) picks up your list you will see a lot
of DNS queries with no return traffic for any revenue.

For general interest SORBS' main RBL servers are currently running at
6.5T/month of DNS traffic per server, there are 15 "main" servers.

That equates to around US$2000 per month in traffic alone for a provider
such as Softlayer.

Add to that traffic for rsync access, any website (including delisting
process and information) and you should realise that starting a new
DNSBl is nothing to be taken lightly.

Best regards,

Michelle

PS: This is a little offtopic for this list (I think) so if you wish to
carry on or get more information I would suggest to moving it to another
list.  dnsbl-setup at sorbs.net is for general DNSBl discussion (though
advertising/launching any other DNSBl would be considered off-topic.) 
You're welcome to discuss with me there. 
http://www.au.sorbs.net/lists.shtml has the details.