> Am 06.05.2021 um 18:41 schrieb Axel Rau <axel....@chaos1.de>: > > This NS has some other clients in the DMZ LAN, so I need Views.
With 2 views ddos trace looks much better: 17:40:21.483188 186.149.116.55.80 > 91.216.35.171.53: [no udp cksum] 1+ RRSIG? pizzaseo.com.(30) (ttl 242, id 21165, len 58) 17:40:21.483470 91.216.35.171.53 > 186.149.116.55.80: [udp sum ok] 1 Refused- q: RRSIG? pizzaseo.com. 0/0/0(30) (DF) (ttl 64, id 0, len 58) Hopefully, they give up in some days, if there is no amplification any more. I have now 2 views. All zones are in the internal view. The (only) external zones in external view use in-view to reference them in internal view. axfr seems to work,, notify still to be tested. If someone wants to play with the staging server please: dig ANY chaos1.de. @ns3.lrau.net. Any feedback welcome, Axel --- PGP-Key: CDE74120 ☀ computing @ chaos claudius
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users