In message <[email protected]>, Tony Finch writes: > S Carr <[email protected]> wrote: > > > > You might want to check whether the requests are legitimate before > > completely blocking them, rate limiting would be a better option. > > Remember this is TCP traffic. > > RRL is designed to deal with spoofed UDP traffic. It can actually make > non-spoofed floods worse, because RRL pushes UDP traffic to TCP, and TCP > is very easy to saturate. > > You might find it helps to avoid truncated responses, e.g. by turning on > the minimal-responses option. (See also minimal-any in BIND 9.11)
We need to go back to basics. What question is being ask and is there a sensible response being returned? Recursive servers don't keep asking questions over and over for no reason and this sounds like that is happening. > Tony. > -- > f.anthony.n.finch <[email protected]> http://dotat.at/ - I xn--zr8h punycode > Southeast Iceland: Northerly or northwesterly 5 to 7, occasionally gale 8 > until later in north. Moderate or rough. Occasional rain, fog patches. > Moderate or good, occasionally very poor. > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > [email protected] > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
