Hi, Recently I've been having some issues with queries under load on 1.22 from FreeBSD pkg. We've seen some nasty DDOS attacks affecting us and during these one of the side effects has been massive SERVFAILs all over the board. We run an internal anycast system with a couple dedicated forwarders to the rest of the name space.
I during trouble shooting of this discovered that I'd excluded 127.0.0.1 from the access-control: list. Once I changed this, purely as a convenience to myself, I experienced a complete service restoration without the massive SERVFAIL storms. I changed the value using text editor on config file, and then reloaded the daemon using unbound-control. So a few other things happened as well, of course. Muddying the waters. So, my question is: Would not having 127.0.0.1 in the access-control: list make life bad for the daemon in any way? Or was I just lucky that reloading managed to clear the problem at the same time as the "external influence" subsided. Tall order to answer, but I'm mostly after some input as to whether this _could_ have the described effect. Thanks in advance, -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE SA0XLR +46 705 989668 Everybody is going somewhere!! It's probably a garage sale or a disaster Movie!!
signature.asc
Description: PGP signature
