DDOS Atatck on BIND 9.8.0
John.Manson at mail.house.gov
Fri Sep 21 13:59:04 UTC 2012
Sounds like the internet is using your external dns server to do recursive queries.
This will reduce the unwanted queries.
On your external dns server, create 2 views, one for your internal dns forwarders to point to (recursive) and one for internet queries to you (authoritative).
Name them Inside and Outside.
Create two acls accordingly with the acl for the authoritative view set to 'any'.
List the recursive view first in the named config file.
In the recursive view set recursion yes and additional-from-cache yes.
In the authoritative view, set both to no.
Hope this helps
More information about the bind-users