Re: limit the number of invalid domain queries

It sounds like you are subject of a DoS attack or are being used in a DoS attack against someone else. Often the IP addresses are forged. In other cases they come from recursive servers that are also being abused. You can configure response rate limiting. https://bind9.readthedocs.io/en/v9_16

limit the number of invalid domain queries

Hi , I have a DNS server using BIND 9.16 software. I have a phenomenon where there are many queries from different IPs to the subdomains of cosy.vn (these subdomains do not exist; the domain name cosy.vn is the main domain I am using). These queries cause an overload for my system. I have used IP

Re: Is there an incompatibility between 9.16.37/9.18.11 and 9.9 when doing HMAC-MD5 AXFR?

Hi Patrik. 9.9? Classic! :D I don't believe there should be any incompatibilities. Are you perhaps falling foul of this? From Cricket's book, chapter 11 It’s important that the name of the key—not just the binary data the key points to— be identical on both ends of the transaction. If it’s not, th

Is there an incompatibility between 9.16.37/9.18.11 and 9.9 when doing HMAC-MD5 AXFR?

Hi all Due to circumstances beyond my control a remote partner needs to use a 9.9.9 version of bind and we are required to use HMAC-MD5 for zone transfers. There is no (big) security concern since the networks are isolated and not exposed to the larger Internet. When the secondary requests an

Re: Message "Loop detected resolving..." and different query-behavior after flushing a cache entry

Hi Ondrej I've created the issue: https://gitlab.isc.org/isc-projects/bind9/-/issues/3885 Best regards, Tom On 2/21/23 14:24, Ondřej Surý wrote: Tom, the ADB (Address DataBase) responsible for caching the delegations had been heavily refactoring in 9.19 branch, I think the best course of act

Re: Message "Loop detected resolving..." and different query-behavior after flushing a cache entry

Tom, the ADB (Address DataBase) responsible for caching the delegations had been heavily refactoring in 9.19 branch, I think the best course of action would be to fill a GitLab issue with the description, so we can follow-up there. Ondrej -- Ondřej Surý (He/Him) ond...@isc.org My working hours

Message "Loop detected resolving..." and different query-behavior after flushing a cache entry

Hi list Using BIND-9.19.10: An A-query on our resolver for "ns2.comtronic.ch" causes the following info in the named.log, after the first response was answered to the client and cached and then the entry is flushed from cache with "rndc flushname ns2.comtronic.ch": 21-Feb-2023 09:23:15.463 re