You can use iptables to rate-limit the IP.
On 7/26/2016 12:11 PM, Ejaz wrote:
All.
There is huge traffic coming out from my DNS server since yesterday
and flooding the IP 212.107.121.110, though I have increased the
limitation of tcp-clients in named.conf but still the issue. any help
would be highly appreciate.
My bind version is
[root@ns10 ~]# named -v
BIND 9.9.2-P1
When checking there are several entries as below.
Jul 26 10:53:26 ns10 named[3004]: client 212.107.121.110#4636: no more
TCP clients: quota reached
quota reached
Jul 26 10:53:13 ns10 named[3004]: client 212.107.121.110#4571: no more
TCP clients: quota reached
Jul 26 10:53:13 ns10 named[3004]: client 212.107.121.110#4572: no more
TCP clients: quota reached
Jul 26 10:53:19 ns10 named[3004]: client 212.107.121.110#4597: no more
TCP clients: quota reached
Jul 26 10:53:25 ns10 named[3004]: client 212.107.121.110#4633: no more
TCP clients: quota reached
Jul 26 10:53:25 ns10 named[3004]: client 212.107.121.110#4635: no more
TCP clients: quota reached
Jul 26 10:53:26 ns10 named[3004]: client 212.107.121.110#4636: no more
TCP clients: quota reached
Thanks,
Mohammed Ejaz
Asst. Operation Director of Systems.
Cyberia SAUDI ARABIA
P.O.Box: 301079, Riyadh 11372
Phone: (+966) 11 464 7114 Ext. 140
Mobile: (+966) 562311787
Fax: (+966) 11 465 4735
Website: http://www.cyberia.net.sa
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
