DNS DOS increasing?

I've been seeing some strange problems in DNS lately (named 8.2.4-REL)
where the nameserver stops resolving certain sites. During investigation
I noticed that my query rate is way up. Many more DNS requests than
normal are hitting my servers. Is anyone else seeing anything like this?

Matt

__________________________ http://www.invision.net/ _______________________

Matthew E. Martini, PE InVision.com, Inc. (631) 543-1000 x104
Chief Technology Officer matt@invision.net (631) 864-8896 Fax
_______________________________________________________________________pgp_

Could just be that someone || group of people have decided to use your
DNS servers as their own for resolving queries?

I've seen DOS-type behavior where a client will query a resolver for a
name that doesn't exist, and the client does not accept the answer that
the name does not exist and immediately sends another query, regardless
of whether or not the resolver declared itself authoritative for the
negative answer.

Stop allowing the world to recurse through your authoritative servers. This invites abuse.

Provide a separate set of servers for your customers to recurse through, which serve no authoritative data and which have access restricted to your own network and your customers'.
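
Added example, not part of the original thread: one way to check whether one of your own authoritative servers still recurses for outside clients is to send it a query with the Recursion Desired bit set for a name it is not authoritative for, and look at the RA bit, RCODE and answer count in the reply. The function names, the fixed query ID and the sample reply headers are constructed for this illustration.

```python
import socket
import struct

QID = 0x1234  # constructed query ID used throughout this example

def build_query(name, rd=True):
    """Build a DNS A/IN query; rd=True sets the Recursion Desired bit."""
    header = struct.pack("!HHHHHH", QID, 0x0100 if rd else 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def classify_response(packet):
    """Classify the reply to a recursive query for a name the server is NOT authoritative for."""
    if len(packet) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != QID or not flags & 0x8000:      # wrong ID, or QR bit clear
        return "malformed"
    ra, rcode = bool(flags & 0x0080), flags & 0x000F
    if rcode == 5:                            # REFUSED
        return "closed"
    if ra and (ancount > 0 or rcode == 3):    # answer or NXDOMAIN with RA set
        return "open"
    if ra:                                    # RA advertised, nothing resolved
        return "ra-only"
    return "closed"                           # RA clear: referral or empty reply

def probe(server, name, timeout=3.0):
    """Send one query to a server you operate, from an address outside your network."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return classify_response(s.recvfrom(4096)[0])
        except socket.timeout:
            return "no-response"

if __name__ == "__main__":
    # Constructed 12-byte reply headers (not captured traffic).
    samples = {
        "recursing for everyone": struct.pack("!HHHHHH", QID, 0x8180, 1, 1, 0, 0),
        "authoritative-only, refuses": struct.pack("!HHHHHH", QID, 0x8105, 1, 0, 0, 0),
        "authoritative-only, referral": struct.pack("!HHHHHH", QID, 0x8100, 1, 0, 0, 0),
    }
    for label, pkt in samples.items():
        print(f"{label:30s} -> {classify_response(pkt)}")
```

A result of "open" from an address outside your network means the server is resolving on behalf of the world; the same probe from a customer address against the separate recursive servers should still return "open".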