> Am 06.05.2021 um 18:41 schrieb Axel Rau <axel....@chaos1.de>: > > This NS has some other clients in the DMZ LAN, so I need Views.
With 2 views ddos trace looks much better:
17:40:21.483188 186.149.116.55.80 > 91.216.35.171.53: [no udp cksum] 1+ RRSIG?
pizzaseo.com.(30) (ttl 242, id 21165, len 58)
17:40:21.483470 91.216.35.171.53 > 186.149.116.55.80: [udp sum ok] 1 Refused-
q: RRSIG? pizzaseo.com. 0/0/0(30) (DF) (ttl 64, id 0, len 58)
Hopefully, they give up in some days, if there is no amplification any more.
I have now 2 views. All zones are in the internal view.
The (only) external zones in external view use in-view to reference them in
internal view.
axfr seems to work,, notify still to be tested.
If someone wants to play with the staging server please:
dig ANY chaos1.de. @ns3.lrau.net.
Any feedback welcome,
Axel
---
PGP-Key: CDE74120 ☀ computing @ chaos claudius
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
