Bind vs flood

Chris Buxton clists at buxtonfamily.us
Fri Feb 28 17:57:29 UTC 2014


On Feb 28, 2014, at 2:12 AM, Jason Brown <jason.brown at kcom.com> wrote:

> But, it will respond with a valid response (your choice) and therefore not create a servfail due to trying.. that’s my point.

Nope. RPZ only alters responses as they're on their way back to the requestor. The query is still resolved normally first. It does not short-circuit recursion.

Chris Buxton




> From: bind-users-bounces+jason.brown=kcom.com at lists.isc.org [mailto:bind-users-bounces+jason.brown=kcom.com at lists.isc.org] On Behalf Of Ivo
> Sent: 28 February 2014 10:10
> To: bind-users at lists.isc.org
> Subject: Re: Bind vs flood
>  
> RPZ cannot rewrite servfail, it is designed to replace a valid response.
> 
> On 2/28/14 11:42 AM, Jason Brown wrote:
> Isn’t this where RPZ comes in? Using RPZ means it is quicker and easier to null amplification, also easier to remove if you do all this with nsupdate, you can also create a webpage for TS to query any fault against.
>  
> From: bind-users-bounces+jason.brown=kcom.com at lists.isc.org [mailto:bind-users-bounces+jason.brown=kcom.com at lists.isc.org] On Behalf Of Peter Andreev
> Sent: 28 February 2014 09:36
> To: Dmitry Rybin
> Cc: BIND Users Mailing List
> Subject: Re: Bind vs flood
>  
> Well, at first glance it looks like malicious activity, so the best action is to call all users, suspected in sending such requests, and warn them.
> The fast and very (very-very-very) dirty solution is to set up zone 84822258.com on your resolver. This should supress outgoing queries and thus minimize resolving time.
>  
> 2014-02-28 12:06 GMT+04:00 Dmitry Rybin <kirgudu at corbina.net>:
> On 27.02.2014 09:59, Dmitry Rybin wrote:
> 
> Bind answers with "Server failure". On high load (4 qps) all normal
> client can get Servfail on good query. Or query can execute more 2-3
> second.
>  
> I have an a mistake, 4'000 QPS.
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> 
> 
> 
> -- 
> Is there any problem Exterminatus cannot solve? I have not found one yet.
> 
> 
> 
> 
> 
> This email has been scanned for all viruses.
> 
> Please consider the environment before printing this email.
> 
> The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company or any of its subsidiaries or businesses in any contract or obligation, unless we have specifically agreed to be bound.
> 
> KCOM Group PLC is a public limited company incorporated in England and Wales, company number 02150618 and whose registered office is at 37 Carr Lane, Hull, HU1 3RE.
> 
> 118288 - KCOM Group UK Directory Enquiries. Calls will cost no more than £2.58 connection + £1.79p per minute following the first 60 seconds, including VAT from a KC or BT landline. Call charges from mobiles and other networks may vary. If you are calling from a mobile you will now receive your requested number via text message. You will not be charged for the text message.
> 
> 
> 
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>  
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>  
> 
> 
> 
> 
> This email has been scanned for all viruses.
> 
> Please consider the environment before printing this email.
> 
> The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company or any of its subsidiaries or businesses in any contract or obligation, unless we have specifically agreed to be bound.
> 
> KCOM Group PLC is a public limited company incorporated in England and Wales, company number 02150618 and whose registered office is at 37 Carr Lane, Hull, HU1 3RE.
> 
> 118288 - KCOM Group UK Directory Enquiries. Calls will cost no more than £2.58 connection + £1.79p per minute following the first 60 seconds, including VAT from a KC or BT landline. Call charges from mobiles and other networks may vary. If you are calling from a mobile you will now receive your requested number via text message. You will not be charged for the text message.
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140228/26daf822/attachment-0001.html>


More information about the bind-users mailing list