On 08/08/2016 20:59, Frank Even wrote:
> Thanks for the info. Also I'll have to note that I completely missed
> that the "offending IP" is one of the .uk root servers so the next
> logical conclusion is I've probably got a box in one of my environments
> driving an amplification attack of some sor
Thanks for the info. Also I'll have to note that I completely missed that
the "offending IP" is one of the .uk root servers so the next logical
conclusion is I've probably got a box in one of my environments driving an
amplification attack of some sort or something at those IPs that I need to
figu
On 08/08/2016 18:43, Darcy Kevin (FCA) wrote:
> As already noted, allow-query will cause you to send back a REFUSED
> response. That’s sort of the whole point of the REFUSED RCODE.
>
>
>
> If you want to not send back any response **whatsoever**, then take a
> look at the “blackhole” statement,
Email: kevin.da...@fcagroup.com
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Frank
Even
Sent: Saturday, August 06, 2016 4:42 PM
To: bind-users
Subject: allow-query does not seem to be working
I have a group of servers serving out multiple addresses via anycast. I&#x
On 6 August 2016 at 21:41, Frank Even wrote:
> If an IP is not allowed as part of an "allow-query" statement, should the
> name server still be returning any responses?
I would have expected the response to be one of REFUSED.
___
Please visit https://li
I have a group of servers serving out multiple addresses via anycast. I've
been made aware that an IP outside of our network is hitting the boxes with
queries, and we're returning data to the client.
With allow-query and allow-recursion locked to our subnets, this outside
host is still getting re
6 matches
Mail list logo
