We are noticing that a handful of our domains are being used for amplification attacks and we would like to reduce outgoing (DNS response) packet size.
One solution is to reduce the additional sections in the response for these handful zones and I would like to know if there is any way to add something similar to "additional-from-auth no" per zone basis and achieve what I want. On Monday, June 24, 2013 1:13:24 AM UTC-7, Steven Carr wrote: > On 24 June 2013 08:14, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > > > You still have not answered my question, so I repeat it: > > > > > >>> > What is the point of your question? > > > > > > > I think what Matus wants to know is your reasoning/problem/issue about > > not returning records from the cache for those zones? > > > > The answer is no you can't restrict it to zones only to global or a > > view, but if you can give us some more information on what/why then we > > may be able to help come up with some other solution that would help. > > > > Steve _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
