On 2018-08-29, NN <def...@posteo.de> wrote: > Hi, > > All is working for me with new ACL Rule: > > access-control: 0.0.0.0/0 allow > > Many Thanks Solène Rapenne ! > > ISSUE is closed. > > P.S. > > Why opening unbound to the internet is a bad idea ???
Because your resolver *will* be found and quite likely people will send packets with a bogus source address, causing you to spew crap at the poor victim whose address was spoofed. Also they won't care if your upstream bandwidth is flooded. Turn it off again now and restrict it to your legitimate users' addresses. People running actual public resolvers open to the world have to put a lot of work into abuse mitigation. >>>>> # interface: 188.192.103.156 confirmed!
