Hi Hal, In addition to this you might also want to look into Response Rate Limiting. This may help to reduce the load on your DNS servers from bad actors without having to play a cat & mouse game of spotting and blocking them.
Response Rate Limiting is explained in detail in the BIND ARM here (scroll down to section 4.2.16.19): https://downloads.isc.org/isc/bind9/9.18.2/doc/arm/html/reference.html Best, Richard. From: bind-users <bind-users-boun...@lists.isc.org> On Behalf Of Jeff Sumner Sent: 20 April 2022 9:25 pm To: King, Harold Clyde (Hal) <h...@utk.edu>; bind-users <bind-users@lists.isc.org> Subject: Re: How can I tell if a quiry is answered or denied *************** You can turn on answer logging: rndc answerlog ************ Apologies- I believe the above is likely specific to EIP DNS builds. J
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
