Blackholing / Load help

Barry Margolin barmar at
Wed Nov 30 02:16:53 UTC 2005

In article <dmiuoa$26eg$1 at>,
 "McLaughlin, Scott" <scottm at> wrote:

> Yes, this is exactly what I meant, you explained it much better then I did.
> HA
> We have only tested this in BIND 9.3.0 
> We were attempting blackhole some huge spaces as an experiment, but found
> that this block isn't just for incoming traffic querying the server.  If a
> root server falls in that range the BIND server is un-able to talk to that
> root server anymore as well.  

Blackhole restricts both clients and servers that your server will talk 
to.  You won't respond to queries from them, and you won't send 
recursive queries to them.  As far as your server is concerned, those 
addresses don't exist.

If you want to block queries only, use allow-query rather than blackhole.

Barry Margolin, barmar at
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

More information about the bind-users mailing list