Sporadic but noticable SERVFAILs in specific nodes of an anycast resolving farm running BIND

Kostas Zorbadelos kzorba at otenet.gr
Sun Mar 9 20:21:37 UTC 2014

LuKreme <kremels at kreme.com> writes:

> On 08 Mar 2014, at 12:52 , Kostas Zorbadelos <kzorba at otenet.gr> wrote:
>> One mitigation approach is to blackhole the domains using local zones.
> That’s not much of a mitigation. Not having open resolvers would be
> mitigation. 

It is a "quick and dirty" approach, since closing all open resolvers is
much harder and wishful thinking. But of course I agree that actions
must be made for the long-term solution al well.



More information about the bind-users mailing list