Blackholing / Load help
Barry Margolin
barmar at alum.mit.edu
Wed Nov 30 02:16:53 UTC 2005
In article <dmiuoa$26eg$1 at sf1.isc.org>,
"McLaughlin, Scott" <scottm at newedgenetworks.com> wrote:
> Yes, this is exactly what I meant, you explained it much better then I did.
> HA
> We have only tested this in BIND 9.3.0
>
> We were attempting blackhole some huge spaces as an experiment, but found
> that this block isn't just for incoming traffic querying the server. If a
> root server falls in that range the BIND server is un-able to talk to that
> root server anymore as well.
Blackhole restricts both clients and servers that your server will talk
to. You won't respond to queries from them, and you won't send
recursive queries to them. As far as your server is concerned, those
addresses don't exist.
If you want to block queries only, use allow-query rather than blackhole.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list