DoS crashes named with too many open files?
Nate Campi
nate at campin.net
Thu Mar 28 17:36:37 UTC 2002
On Thu, Mar 28, 2002 at 05:03:43PM +0000, Simon Waters wrote:
>
> ryan wrote:
> >
> > I currently have a ongoing problem with one of our recursive
> > nameservers
> >
> > When I got onto the box last night (Solaris 8 running 8.2.3) I found
> > the following messages in the logs....
>
> 8.2.3 had a problem with certain types of incorrect delegation
> causing query storms, but that shouldn't create connections (I
> assume TCP?) unless the queries themselves are bigger than 512.
>
> Still I'd probably upgrade anyway, I think 8.2.3.1 fixed it, but
> just get the latest version of 8.
8.3.0 had the problem with possible query storms, and 8.3.1 (the latest
8 release) fixed it. I thought the storms were directed up toward the
roots. The 8.3.1-REL CHANGES file just says this:
1324. [bug] certian bad delegations could result in a DNS
storm.
I'm not sure exactly how it manifests. Anyone?
> > In turns out that one of the offending customers had an open mail
> > relay I don't know if this is significant to my problem.
>
> I'd check the other one doesn't have an open relay as well.
Right - mail servers are what make my busiest resolvers sustain between
1500 and 2500 queries/sec on weekdays. I can only imagine what kind of
DNS traffic a well connected open relay would produce at peak abuse.
--
Nate
The 5 year plan:
In five years we'll make up another plan.
Or just re-use this one.
More information about the bind-users
mailing list