Document that rules are not for creating by the thousands

author bert hubert <bert.hubert@netherlabs.nl>

Tue, 20 Jun 2017 20:58:17 +0000 (22:58 +0200)

committer GitHub <noreply@github.com>

Tue, 20 Jun 2017 20:58:17 +0000 (22:58 +0200)
author bert hubert <bert.hubert@netherlabs.nl>
Tue, 20 Jun 2017 20:58:17 +0000 (22:58 +0200)
committer GitHub <noreply@github.com>
Tue, 20 Jun 2017 20:58:17 +0000 (22:58 +0200)
diff --git a/pdns/README-dnsdist.md b/pdns/README-dnsdist.md

index 1a8c0a6adff90cf60964f48f87ea277456b42405..827a7e9007147511f2680f717f493e6f27b8c562 100644 (file)
--- a/pdns/README-dnsdist.md
+++ b/pdns/README-dnsdist.md
@@ -471,6 +471,7 @@ single operation with `setRules()`:
  > setRules( { newRuleAction(TCPRule(), AllowAction()), newRuleAction(AllRule(), DropAction()) } )
  ```
  
+NOTE: Adding large numbers of rules (200+) is slow, and will also impact performance significantly. Instead of creating numerous rules, consider using smaller numbers of individual rules that match large numbers of domains or IP addresses, for example using a `SuffixMatchNodeRule` or a `NetmaskGroupRule`. These rules are optimized for hosting thousands or millions of domain names or IP addresses. 
  
  More power
  ----------
author	bert hubert <bert.hubert@netherlabs.nl>
	Tue, 20 Jun 2017 20:58:17 +0000 (22:58 +0200)
committer	GitHub <noreply@github.com>
	Tue, 20 Jun 2017 20:58:17 +0000 (22:58 +0200)