Thanks for all the comments.
One more thing I can control it through rate limit or block whole but the same thing happened to another network will be problem ?? See the packet capture from the network device the outgoing traffic passing from 0 port instead of 53. Why is that any clue. I mean bind application should not all other port instead 53?? Gi0/2 212.119.64.2 Gi0/1 212.118.122.99 11 0000 0000 362K Gi0/2 212.119.64.3 Gi0/1 212.118.122.99 11 0000 0000 66K Gi0/2 212.119.64.2 Gi0/1 212.118.122.100 11 0000 0000 375K Gi0/2 212.119.64.3 Gi0/1 212.118.122.100 11 0000 0000 68K Gi0/2 212.119.64.2 Gi0/1 212.118.122.101 11 0000 0000 362K Gi0/2 212.119.64.3 Gi0/1 212.118.122.101 11 0000 0000 66K Thanks in advance for your support. Ejaz -----Original Message----- From: Tony Finch [mailto:d...@dotat.at] Sent: Tuesday, July 26, 2016 11:54 AM To: Ejaz <me...@cyberia.net.sa> Cc: 'Abdul Khader' <akha...@ies.etisalat.ae>; bind-users@lists.isc.org Subject: RE: outgoing-traffic Ejaz < <mailto:me...@cyberia.net.sa> me...@cyberia.net.sa> wrote: > > I am not using iptable firewall from my redhat Linux box, all > traffic manged by network team.. Well then, you should co-operate with them to fix the problem. You might find that it helps to put the following in the options{} section of named.conf, but I'm not sure if it will be effective against a TCP flood attack. blackhole { 212.107.121.110; }; Tony. -- f.anthony.n.finch < <mailto:d...@dotat.at> d...@dotat.at> <http://dotat.at/> http://dotat.at/ - I xn--zr8h punycode Forties, Cromarty, Forth, Tyne, Dogger: West or southwest 4 or 5. Slight, occasionally moderate at first. Rain or showers. Good, occasionally moderate.
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
