> On my DNS authoritative servers which are behind an OpenBSD 6.6 firewall I
> just saw some weird UDP high volume traffic on port 53 to these DNS servers
> coming from Google (e.g. 74.125.18.1 or 172.253.214.111).
>
> These few IPs generated around 5200 requests/second on my DNS servers so I
> was wondering if one can also limit the rate of requests in PF on UDP traffic
> such as can be done with TCP (using max-src-nodes, max-src-conn, etc)?
>
> Looking at the documentation (https://www.openbsd.org/faq/pf/filter.html) it
> only mentions TCP. So I deduce that it is simply not possible to somehow
> limit the rate of UDP connections with PF, am I right here?

Would it help to queue the UDP traffic and limit the bandwidth of the queue?

Regards
Ben
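
A pf.conf sketch of the queueing idea raised in the reply, added here as an example and not taken from the thread or from anyone's running configuration. The interface name, server addresses and bandwidth figures are assumptions.

```conf
# Added example. Everything named here is assumed, not from the thread:
# em1 as the interface facing the DNS servers, the addresses in <dns_auth>
# (documentation range), and all bandwidth and qlimit numbers.
dmz_if = "em1"
table <dns_auth> { 192.0.2.53, 192.0.2.54 }

# pf queues act on packets leaving an interface, so the cap for inbound
# queries goes on the interface that forwards them to the DNS servers.
queue rootq   on $dmz_if bandwidth 1G
queue std     parent rootq bandwidth 990M default
queue dns_udp parent rootq bandwidth 5M max 10M qlimit 200

# Assign forwarded UDP DNS queries to the capped queue; other traffic
# falls into the default queue.
match out on $dmz_if inet proto udp to <dns_auth> port 53 set queue dns_udp
```

The cap is on the aggregate of all UDP port 53 traffic, not per source address, so when the queue fills, queries from well-behaved resolvers are dropped together with the high-volume ones.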

