On 1/23/19 8:44 PM, Mark Andrews wrote:
> and they your firewalls don’t block well formed DNS queries (lots of
> them do by default).
My edge routers block *all* inbound DNS requests -- I was being hit by a
ton of them at one point.  Cavaet: I don't run a DNS server that is a
domain zone master -- I use a DNS service for that.  I do have a DNS
server inside, but only to handle recursive requests from inside my network.

Outbound DNS requests?  Lets them through, and responses too.


Reply via email to