DDOS Atatck on BIND 9.8.0
Manson, John
John.Manson at mail.house.gov
Fri Sep 21 13:59:04 UTC 2012
Sounds like the internet is using your external dns server to do recursive queries.
This will reduce the unwanted queries.
On your external dns server, create 2 views, one for your internal dns forwarders to point to (recursive) and one for internet queries to you (authoritative).
Name them Inside and Outside.
Create two acls accordingly with the acl for the authoritative view set to 'any'.
List the recursive view first in the named config file.
In the recursive view set recursion yes and additional-from-cache yes.
In the authoritative view, set both to no.
Hope this helps
JM
More information about the bind-users
mailing list