Hello Federico,
On 13 Dec 2015, at 16:17, Federico Olivieri wrote:
It seems quite odd to me but not sure if is a kind of attack to root
server. Anyone has any idea/suggestion? In case, how can I block it
(was
thinking about and iptables filter for .domain queries)
If you set root-nx-trust in your recursor.conf, the Recursor will turn
the first NXDOMAIN into a negative cache entry for the whole domain
‘TLD’, until that entry expires. This will severely reduce your
outgoing queries for names under .domain.
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users
