A lot of times we get responses that look like:
a.b.c.d CNAME x.y.z
x.y.z IP 1.1.1.1
BIND always sends out an additional query. As soon as it encounters the CNAME it
stops processing, and either x.y.z. is in cache or it needs another query to
respond.
Is there a setting in BIND to actually use the
A lot of times we get responses that look like:
FOO.BAR CNAME EXAMPLE.BAR
EXAMPLE.BAR A 1.1.1.1
BIND currently (at least with the default settings) when it encounters
a CNAME stops processing and checks if EXAMPLE.BAR is in cache or else
sends out another query to resolve it even though the A rec
Do you really mean 1 GByte?
I doubt your NS can handle this traffic...
1 Gbits.
I was under attack at that time.
1 Gbits is nothing indeed.
Last year the traffic was about 10 Gbits to my customer's DNS cluster.
--
Email/Jabber/Gtalk: pa...@riseup.net
Free DNS Hosting with www.DNSbed.com
Kevin Darcy writes:
> Don't think that's a logging option, but if the Dynamic Update is still in
> the zone's journal file, you could use "journalprint" (or
> "named-journalprint" as it's called in later versions) to see the gory
> details...
Thank you. That should do the job.
Martin
On 6/28/2012 4:27 PM, Martin McCormick wrote:
Is it possible to log the actual IP address of A records
being added or deleted? The kind of log entry I refer to is as
follows:
client 192.168.103.93#26446: updating zone 'osu/IN': adding an RR at
'lse213_sharpmx5111n.cas.osu' A
Is
I have an environment that hosts a BIND based internet facing domain, call it
abc.com. I also have an internal Active Directory instance that hosts a MS
based DNS instance called abc.com as well. Everything works fine until we
decided to implement DNSSEC on Active Directory.
Here is my questi
Is it possible to log the actual IP address of A records
being added or deleted? The kind of log entry I refer to is as
follows:
client 192.168.103.93#26446: updating zone 'osu/IN': adding an RR at
'lse213_sharpmx5111n.cas.osu' A
Is there a way to have the IP address of that A re
On Wed, June 27, 2012 11:20, pangj wrote:
> DNS is very easy to be attacked.
> My named service got 1G or more traffic of attack some time.
> How can we take some steps to prevent them?
Do you really mean 1 GByte?
I doubt your NS can handle this traffic... :-D
I have seen the statistics of my IS
Rafael Molina wrote:
> > I don't find the ways to limit of queries per minutes on this customer
> > Is it possible in Bind9 a filtering these queries, to limit the responses ?
There is a patch for BIND which can help:
http://www.redbarn.org/dns/ratelimits
Tony.
--
f.anthony.n.finchhttp://
Hi,
Recently, I have been watching on one DNS server a lot of queries from
a customer to "time-b.netgear.com" (Maybe a Netgear's NTP server).
About 1000 queries per minute.
tail -f /var/log/bind9-query.log | grep time-b.netgear.com
21-Jun-2012 12:50:53.003 client 186.14.xx.xx#32770: query
On 06/28/2012 02:36 AM, pangj wrote:
There is also a patch for BIND which can help:
http://www.redbarn.org/dns/ratelimits
Thank you.
The traffic is incoming, and the incoming IPs are fake, how will the
patch work to stop them?
Read the archives that Tony pointed you at. There is much disc
On 28.06.12 08:21, Mark Andrews wrote:
I would set up 10.in-addr.arpa which is slaved on all internal
nameservers and delegate the /24's as required. 10.in-addr.arpa
won't change much and will be cheaper in the long run than using a
stub zone.
Just to add that you may need delegation NS record
On 26.06.12 11:07, Brad Bendily wrote:
Personally, I'd rather edit 1 file, than hundreds of different files.
and when you make a mistake in one file, you will f*ck up everything
instead of one /24 subnet
I can add the DNS entry and IP address and reload the service. No trying to
figure out