Blocking zone transfer requests from another ISP
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Mon Nov 27 21:51:58 UTC 2000
You can blackhole the servers.
Mark
> One of my name servers seems to be getting hit very hard... hundreds of
> repeat requests for zone transfers from an overseas ISP. When I
> tcpdump, I get blah-blah, "Refused." It appears to have happened all
> day, and I think it corrupted something on the primary name server
> because of the intensive logging going on.. I've brought another system
> on-line until I can dig into the first one to find out what happened.
> The second one is now refusing to transfer requests to this ISP same as
> the first unit did.
>
> I have attempted to contact them, but there's a language problem...
> possibly they've gotten the message as it's slowing down a little,
> however, is there any way to block this specific companies name servers
> until they get this figured out? I don't like the sound of my server
> thrashing - eventhough they are rejections. There are two IP addresses
> that are being associated with their name servers and I stated above,
> requests are being denied, but they are all logging.
>
> Thanks.
> Bob M.
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list