Bind vs flood
Dmitry Rybin
kirgudu at corbina.net
Thu Feb 27 05:59:55 UTC 2014
Over 2 weeks ago begins flood. A lot of queries:
niqcs.www.84822258.com
vbhea.www.84822258.com
abpqeftuijklm.www.84822258.com
adcbefmzidmx.www.84822258.com
and many others.
Bind answers with "Server failure". On high load (4 qps) all normal
client can get Servfail on good query. Or query can execute more 2-3 second.
Recursion clients via "rnds status" 300-500.
I can try to use rate limit:
rate-limit {
nxdomains-per-second 10;
errors-per-second 10;
nodata-per-second 10;
};
I do not see an any improvement.
Found one exit in this situation, add flood zones local.
What can we do in this situation?
More information about the bind-users
mailing list