on TTL expiry BIND sends 'ANY' query, gets back 'NOANSWER'
p.mayers at imperial.ac.uk
Mon Apr 13 12:08:51 UTC 2015
On 11/04/15 14:03, Chuck Anderson wrote:
> I can't stop clients from making certain kinds of queries (unless BIND
> has a feature to refuse such queries or not recurse for them?).
> Whenever a client makes the 'ANY' query, it effectively causes a DoS
> on that name. Luckily the MinTTL is only 30 seconds, so the problem
> goes away after 30 seconds.
This is a fair point. TBH I wonder if bind mightn't be better caching
ANY as a separate pseudo-type, if I'm understanding the problem correctly.
More information about the bind-users