problem: with "allow-query {all}" some queries are denied

Christopher McCrory chrismcc at netus.com
Fri Feb 11 21:07:32 UTC 2000


Hello...

	<note> I am sending this again, I think the first try didn't make it
through the usenet gateway</note>


	After being a relay for an AOL MX DoS attack, I put in some ACL
restrictions.
Something like this:

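acl AS6592 { 127.0.0.1; 209.95.192.0/19; };

options {
	...
	// server-wide default: only addresses in AS6592 may query
	allow-query { AS6592; };
	...
};

zone "example.com" {
	type master;
	file "db.example.com";
	// per-zone setting: anyone may query this zone
	allow-query { any; };
};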

...other domains done the same...


In 13 hours I got 62 "unapproved query" messages for domains that I host
with the "allow-query { any};" tag.  Overall I average about 2 requests
per second.

So out of about 100,000 requests in 13 hours I rejected 62 valid
requests.  This seems "statistically insignificant".  But, I should not
be seeing these rejects at all.



Does anyone else see this activity?  Is this normal?  

The server is running BIND 8.2.2 Patch5, has plenty of horsepower, dual
PII350, RAM 512Meg, running RH Linux.  The current mem usage is 47 megs
for the named process.





-- 

Christopher McCrory
Lead Bithead, Netus Inc.
chrismcc at netus.com
admin at netus.com

"Linux: Because rebooting is for adding new hardware"
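
One way to check which of the rejections are actually unexpected, as an added example that is not part of the original post: it parses "unapproved query" log lines and separates names that fall inside a zone marked allow-query { any; } from names outside the hosted zones. The ACL and zone name come from the configuration in the post; the log-line layout, the sample lines and the function names are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Taken from the configuration in the post.
GLOBAL_ACL = [ipaddress.ip_network(n) for n in ("127.0.0.1/32", "209.95.192.0/19")]
OPEN_ZONES = {"example.com"}  # zones declared with allow-query { any; }

# Assumed syslog layout of the "unapproved query" message; adjust to your logs.
LINE_RE = re.compile(
    r'unapproved query from \[(?P<src>[\d.]+)\]\.(?P<port>\d+) for "(?P<name>[^"]*)"')

# Constructed sample lines (documentation addresses), not taken from the post.
SAMPLE_LOG = """\
Feb 11 10:02:11 ns1 named[412]: unapproved query from [192.0.2.10].1031 for "www.example.com"
Feb 11 10:05:40 ns1 named[412]: unapproved query from [198.51.100.7].53 for "mx.example.net"
Feb 11 10:09:02 ns1 named[412]: unapproved query from [192.0.2.10].1044 for "EXAMPLE.COM."
Feb 11 10:11:30 ns1 named[412]: some unrelated message
"""

def enclosing_zone(qname, zones):
    """Return the longest hosted zone that qname equals or falls under, else None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):          # longest suffix first
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def in_global_acl(src):
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in GLOBAL_ACL)

def triage(log_text, zones=OPEN_ZONES):
    """Split rejections into unexpected (open zone or allowed source) and expected."""
    unexpected, expected = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        zone = enclosing_zone(m["name"], zones)
        if zone is not None or in_global_acl(m["src"]):
            unexpected[(zone, m["src"])] += 1   # should not have been refused
        else:
            expected[(m["name"].lower(), m["src"])] += 1  # global ACL applies
    return unexpected, expected

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Entries in the first counter are the ones worth investigating; entries in the second are names outside any open zone from sources outside the ACL, which the global allow-query is expected to refuse.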


