> "John Levine" <jo...@taugh.com> writes:
>> Another surprise is that I'm getting a lot of repeated DNSKEY queries
>> even though the TTL is an hour. One repeat customer is Cloudflare,
>> another is pfsense22.plan-gis.net, at some random company in Germany.
> Do check/worry about DDoS reflections from UDP requests for DNSKEYs. A
> number of addresses out there do seem to always request large packet
> type responses, which is always questionable. Making sure something
> like RRL is on/implemented is a good thing to do as well.
In this case it's a lot for my tiny server but the total is still only a
few queries per second.
I also get a great deal of junk queries for people who seem to have very
peculiar ideas of what my server does. I've tried various ways to make
them go away such as a referral to an NS that resolves to 127.0.0.1 or a
giant referral to a dozen randomly named NS each with a dozen random IP
addresses. Didn't help.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
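The two things discussed above, clients that re-ask for a DNSKEY RRset long before its hour-long TTL could have expired and sources that keep sending UDP queries for large-answer types, can both be spotted from an authoritative server's query log. The script below is an added example, not code from this thread or from any of the posters; it reads constructed lines in BIND 9 querylog style (the addresses, timestamps and zone name are made up), flags clients whose UDP DNSKEY/ANY re-queries arrive inside a configurable TTL window, and counts large-response UDP queries per source so the operator has numbers to weigh against an RRL setting. The log format, field names and the 3600-second default are assumptions for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in BIND 9 querylog style. The client addresses,
# timestamps and zone are invented for this example, not taken from the thread.
SAMPLE_LOG = """\
12-Mar-2024 10:00:01.000 client @0x1 192.0.2.10#53000 (example.com): query: example.com IN DNSKEY -E(0)DC (203.0.113.5)
12-Mar-2024 10:05:02.000 client @0x2 192.0.2.10#53001 (example.com): query: example.com IN DNSKEY -E(0)DC (203.0.113.5)
12-Mar-2024 10:30:03.000 client @0x3 192.0.2.10#53002 (example.com): query: example.com IN DNSKEY -E(0)DC (203.0.113.5)
12-Mar-2024 10:00:04.000 client @0x4 198.51.100.7#40000 (example.com): query: example.com IN DNSKEY -E(0)DC (203.0.113.5)
12-Mar-2024 11:10:05.000 client @0x5 198.51.100.7#40001 (example.com): query: example.com IN DNSKEY -E(0)DC (203.0.113.5)
12-Mar-2024 10:00:06.000 client @0x6 192.0.2.10#53003 (example.com): query: www.example.com IN A -E(0)D (203.0.113.5)
"""

# One BIND 9 querylog line: timestamp, optional client handle, ip#port,
# the view/zone in parentheses, then "query: <qname> IN <qtype> <flags> (<dest>)".
LOG_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) client (?:@0x[0-9a-f]+ )?"
    r"(?P<ip>[0-9a-fA-F.:]+)#\d+ \([^)]*\): query: (?P<qname>\S+) IN (?P<qtype>\S+) (?P<flags>\S+)"
)

# Query types whose answers for a signed zone are typically large, so UDP
# requests for them are the ones worth watching from a reflection standpoint.
LARGE_TYPES = frozenset({"DNSKEY", "ANY"})


def parse_querylog(text):
    """Return (timestamp, ip, qname, qtype, over_tcp) tuples, oldest first."""
    records = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # lines in another format are skipped rather than fatal
        ts = datetime.strptime(m.group("ts"), "%d-%b-%Y %H:%M:%S.%f")
        over_tcp = "T" in m.group("flags")  # BIND marks TCP queries with a 'T' flag
        records.append((ts, m.group("ip"), m.group("qname").lower(),
                        m.group("qtype").upper(), over_tcp))
    records.sort(key=lambda r: r[0])  # logs are usually chronological; be safe
    return records


def find_repeat_askers(text, ttl_seconds=3600):
    """Per client, count UDP re-queries for the same large-type RRset that arrive
    before the previously served answer's TTL could have run out."""
    last_seen = {}
    repeats = defaultdict(int)
    for ts, ip, qname, qtype, over_tcp in parse_querylog(text):
        if over_tcp or qtype not in LARGE_TYPES:
            continue
        key = (ip, qname, qtype)
        prev = last_seen.get(key)
        if prev is not None and (ts - prev).total_seconds() < ttl_seconds:
            repeats[ip] += 1
        last_seen[key] = ts
    return dict(repeats)


def large_udp_query_counts(text):
    """Per client, how many UDP queries asked for a large-answer type at all;
    a first input when deciding whether RRL is tuned sensibly."""
    counts = defaultdict(int)
    for _, ip, _, qtype, over_tcp in parse_querylog(text):
        if not over_tcp and qtype in LARGE_TYPES:
            counts[ip] += 1
    return dict(counts)


if __name__ == "__main__":
    for ip, n in sorted(find_repeat_askers(SAMPLE_LOG).items()):
        print(f"{ip}: {n} DNSKEY/ANY re-queries inside the 3600s TTL")
    for ip, n in sorted(large_udp_query_counts(SAMPLE_LOG).items()):
        print(f"{ip}: {n} large-response UDP queries")
```

On the sample data only 192.0.2.10 is reported as a repeat asker (two DNSKEY re-queries within the hour); 198.51.100.7 asks twice but more than an hour apart, which is what a well-behaved cache would do. Queries over TCP are left out of both counts deliberately, since TCP is not usable for reflection and a TCP fallback after truncation is not a sign of abuse.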
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations