From 5f13d87b8d2e30bf1ee3f0f4063ef59fb4545122 Mon Sep 17 00:00:00 2001
From: bert hubert <bert.hubert@netherlabs.nl>
Date: Tue, 20 Jun 2017 22:58:17 +0200
Subject: [PATCH] Document that rules are not for creating by the thousands

This addresses #5433, which featured a user attempting to create 30k rules.
---
 pdns/README-dnsdist.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pdns/README-dnsdist.md b/pdns/README-dnsdist.md
index 1a8c0a6ad..827a7e900 100644
--- a/pdns/README-dnsdist.md
+++ b/pdns/README-dnsdist.md
@@ -471,6 +471,7 @@ single operation with `setRules()`:
 > setRules( { newRuleAction(TCPRule(), AllowAction()), newRuleAction(AllRule(), DropAction()) } )
 ```
 
+NOTE: Adding large numbers of rules (200+) is slow, and will also impact performance significantly. Instead of creating numerous rules, consider using smaller numbers of individual rules that match large numbers of domains or IP addresses, for example using a `SuffixMatchNodeRule` or a `NetmaskGroupRule`. These rules are optimized for hosting thousands or millions of domain names or IP addresses. 
 
 More power
 ----------
-- 
2.40.0