Bind vs flood

Jason Brown jason.brown at kcom.com
Fri Feb 28 10:12:57 UTC 2014


But, it will respond with a valid response (your choice) and therefore not create a servfail due to trying.. that's my point.

From: bind-users-bounces+jason.brown=kcom.com at lists.isc.org [mailto:bind-users-bounces+jason.brown=kcom.com at lists.isc.org] On Behalf Of Ivo
Sent: 28 February 2014 10:10
To: bind-users at lists.isc.org
Subject: Re: Bind vs flood

RPZ cannot rewrite servfail, it is designed to replace a valid response.

On 2/28/14 11:42 AM, Jason Brown wrote:
Isn't this where RPZ comes in? Using RPZ means it is quicker and easier to null amplification, also easier to remove if you do all this with nsupdate, you can also create a webpage for TS to query any fault against.

From: bind-users-bounces+jason.brown=kcom.com at lists.isc.org<mailto:bind-users-bounces+jason.brown=kcom.com at lists.isc.org> [mailto:bind-users-bounces+jason.brown=kcom.com at lists.isc.org] On Behalf Of Peter Andreev
Sent: 28 February 2014 09:36
To: Dmitry Rybin
Cc: BIND Users Mailing List
Subject: Re: Bind vs flood

Well, at first glance it looks like malicious activity, so the best action is to call all users, suspected in sending such requests, and warn them.
The fast and very (very-very-very) dirty solution is to set up zone 84822258.com<http://niqcs.www.84822258.com> on your resolver. This should supress outgoing queries and thus minimize resolving time.

2014-02-28 12:06 GMT+04:00 Dmitry Rybin <kirgudu at corbina.net<mailto:kirgudu at corbina.net>>:
On 27.02.2014 09:59, Dmitry Rybin wrote:
Bind answers with "Server failure". On high load (4 qps) all normal
client can get Servfail on good query. Or query can execute more 2-3
second.

I have an a mistake, 4'000 QPS.

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
https://lists.isc.org/mailman/listinfo/bind-users



--
Is there any problem Exterminatus cannot solve? I have not found one yet.




This email has been scanned for all viruses.

Please consider the environment before printing this email.

The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company or any of its subsidiaries or businesses in any contract or obligation, unless we have specifically agreed to be bound.

KCOM Group PLC is a public limited company incorporated in England and Wales, company number 02150618 and whose registered office is at 37 Carr Lane, Hull, HU1 3RE.

118288 - KCOM Group UK Directory Enquiries. Calls will cost no more than £2.58 connection + £1.79p per minute following the first 60 seconds, including VAT from a KC or BT landline. Call charges from mobiles and other networks may vary. If you are calling from a mobile you will now receive your requested number via text message. You will not be charged for the text message.





_______________________________________________

Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list



bind-users mailing list

bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>

https://lists.isc.org/mailman/listinfo/bind-users





This email has been scanned for all viruses.

Please consider the environment before printing this email.

The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company or any of its subsidiaries or businesses in any contract or obligation, unless we have specifically agreed to be bound.

KCOM Group PLC is a public limited company incorporated in England and Wales, company number 02150618 and whose registered office is at 37 Carr Lane, Hull, HU1 3RE.

118288 - KCOM Group UK Directory Enquiries. Calls will cost no more than £2.58 connection + £1.79p per minute following the first 60 seconds, including VAT from a KC or BT landline. Call charges from mobiles and other networks may vary. If you are calling from a mobile you will now receive your requested number via text message. You will not be charged for the text message.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140228/5cc0907f/attachment.html>


More information about the bind-users mailing list