In message <alpine.deb.2.11.1607261404120.25...@grey.csi.cam.ac.uk>, Tony Finch writes: > S Carr <sjc...@gmail.com> wrote: > > > > You might want to check whether the requests are legitimate before > > completely blocking them, rate limiting would be a better option. > > Remember this is TCP traffic. > > RRL is designed to deal with spoofed UDP traffic. It can actually make > non-spoofed floods worse, because RRL pushes UDP traffic to TCP, and TCP > is very easy to saturate. > > You might find it helps to avoid truncated responses, e.g. by turning on > the minimal-responses option. (See also minimal-any in BIND 9.11)
We need to go back to basics. What question is being ask and is there a sensible response being returned? Recursive servers don't keep asking questions over and over for no reason and this sounds like that is happening. > Tony. > -- > f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode > Southeast Iceland: Northerly or northwesterly 5 to 7, occasionally gale 8 > until later in north. Moderate or rough. Occasional rain, fog patches. > Moderate or good, occasionally very poor. > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
