In message , Tony Finch
writes:
> S Carr wrote:
> >
> > You might want to check whether the requests are legitimate before
> > completely blocking them, rate limiting would be a better option.
>
> Remember this is TCP traffic.
>
> RRL is designed to deal with spoofed UDP traffic. It can actual
S Carr wrote:
>
> You might want to check whether the requests are legitimate before
> completely blocking them, rate limiting would be a better option.
Remember this is TCP traffic.
RRL is designed to deal with spoofed UDP traffic. It can actually make
non-spoofed floods worse, because RRL push
Hi there,
On Tue, 26 Jul 2016, Ejaz wrote:
There is huge traffic coming out from my DNS server since yesterday and
flooding the IP 212.107.121.110 ...
Are you able to let us see your bind configuration?
This might be IP spoofing, an attempted a DOS attack on the IP.
Is there any reason why
Thanks for all the comments.
One more thing I can control it through rate limit or block whole but the
same thing happened to another network will be problem ??
See the packet capture from the network device the outgoing traffic passing
from 0 port instead of 53. Why is that any clue.
On 26 July 2016 at 09:53, Tony Finch wrote:
> Ejaz wrote:
>>
>> I am not using iptable firewall from my redhat Linux box, all traffic
>> manged by network team..
You might want to check whether the requests are legitimate before
completely blocking them, rate limiting would be a better option.
Ejaz wrote:
>
> I am not using iptable firewall from my redhat Linux box, all traffic
> manged by network team..
Well then, you should co-operate with them to fix the problem.
You might find that it helps to put the following in the options{} section
of named.conf, but I'm not sure if it will
Ok that's fine. But what is the reason why it is sending such huge traffic
towards particluare IPs,
Ejaz
-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net]
Sent: Tuesday, July 26, 2016 11:36 AM
To: Ejaz ; 'Abdul Khader' ;
bind-users@lists.isc.org
Subject: Re: outg
I am not using iptable firewall from my redhat Linux box, all traffic
manged by network team..
Ejaz
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
Abdul Khader
Sent: Tuesday, July 26, 2016 11:21 AM
To: bind-users@lists.isc.org
Subject: Re: outgoing-traffic
You can use iptables to rate-limit the IP.
On 7/26/2016 12:11 PM, Ejaz wrote:
All.
There is huge traffic coming out from my DNS server since yesterday
and flooding the IP 212.107.121.110, though I have increased the
limitation of tcp-clients in named.conf but still the issue. any help
wo
On 26.07.16 00:27, blrmaani wrote:
Sorry for not being clear. Our DNS server scrapes entries from a database
and creates a DNS zone entries. Our DNS server is configured as a DNS
master i.e type=master in BIND config for this zone.
The database is the source of truth for DNS hosts which are in
All.
There is huge traffic coming out from my DNS server since yesterday and
flooding the IP 212.107.121.110, though I have increased the limitation of
tcp-clients in named.conf but still the issue. any help would be highly
appreciate.
My bind version is
[root@ns10 ~]# named -v
On 26/07/16 01:40, /dev/rob0 wrote:
Features which would work well behind a GUI frontend exist, and more
are coming in BIND 9.11. See the rndc(8) manual and the various
commands it has.
To expand on this - the catalog zones in bind 9.11 should permit in-band
provisioning of new DNS zones. On
Sorry for not being clear. Our DNS server scrapes entries from a database and
creates a DNS zone entries. Our DNS server is configured as a DNS master i.e
type=master in BIND config for this zone.
The database is the source of truth for DNS hosts which are in multiple
locations and we do not wa
13 matches
Mail list logo
