Tomas Hozza <tho...@redhat.com> wrote: > > Recently I was trying to find a mechanism in BIND that could prevent the > server from processing a recursive query for non-existing domains.
Have a look at https://www.isc.org/blogs/tldr-resolver-ddos-mitigation/ > I was thinking about using RPZ with QNAME policy trigger, but this > applies only to the responses to queries and still makes the server to > try to resolve it. RPZ has a "qname-wait-recurse no" option. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Rockall, Malin: Northwest becoming cyclonic later, 5 to 7 occasionally gale 8 at first. Rough or very rough, becoming moderate or rough. Rain or showers. Moderate or good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
