Mitigation of server's load by queries for non-existing domains

Tomas Hozza thozza at redhat.com
Tue Jan 12 16:53:20 UTC 2016


Hello all.

Recently I was trying to find a mechanism in BIND that could prevent the server from processing a recursive query for non-existing domains. The issue I was trying to solve was that when the server was getting too many queries for such domains, it was not able to handle other relevant queries. The non-existing domains have just a few common non-existing parent domains, so one can match most of them by a wildcard RR.

I was thinking about using RPZ with QNAME policy trigger, but this applies only to the responses to queries and still makes the server try to resolve it. As far as I'm familiar with RRL, it will also not help, since it also applies to the response to a query.

One possible solution that came to my mind was to define a zone for each of the "parent" domains and then just return a localhost address or something similar to any query to that domain. I know this is kind of dummy, but this was the first thing that came to my mind. I know the server will still process the query, but will at least not do any recursion.

Is there any better mechanism to solve such a problem?

Thank you in advance.

Regards,
Tomas
-- 
Tomas Hozza
Senior Software Engineer - EMEA ENG Developer Experience

PGP: 1D9F3C2D
UTC+1 (CET)
Red Hat Inc.                 http://cz.redhat.com
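
The workaround described in the message above, as an added example that is not part of the original post or of BIND itself: it groups names that failed to resolve by their shared parent and renders one local authoritative zone per parent, all pointing at a single wildcard zone file. The function names, the zone file path, the thresholds and the sample names are assumptions made for illustration.

```python
from collections import Counter

# Shared zone file for every sinkholed parent (assumed layout): the wildcard
# answers any name below the apex locally, so named never recurses for it.
ZONE_FILE = """\
$TTL 300
@   IN SOA localhost. hostmaster.localhost. ( 1 3600 900 604800 300 )
@   IN NS  localhost.
@   IN A   127.0.0.1
*   IN A   127.0.0.1
"""

def parent_of(qname, labels=2):
    """Return the last `labels` labels of qname, lower-cased, no trailing dot."""
    parts = qname.rstrip(".").lower().split(".")
    return ".".join(parts[-labels:]) if len(parts) > labels else None

def common_parents(qnames, labels=2, min_queries=3):
    """Parents shared by at least min_queries distinct failing names."""
    counts = Counter()
    for name in set(q.rstrip(".").lower() for q in qnames):
        parent = parent_of(name, labels)
        if parent:
            counts[parent] += 1
    return sorted(p for p, n in counts.items() if n >= min_queries)

def zone_stanzas(parents, zone_path="/var/named/sinkhole.db"):
    """Render one authoritative zone statement per parent for named.conf.

    zone_path is a hypothetical location for ZONE_FILE.
    """
    return "".join(
        'zone "%s" { type master; file "%s"; };\n' % (p, zone_path)
        for p in parents
    )

# Constructed sample: names that returned NXDOMAIN, e.g. taken from query logs.
SAMPLE_NXDOMAIN_QNAMES = [
    "a1b2.junk-parent.example.", "zz9.junk-parent.example.",
    "Q7.x.junk-parent.example.", "a1b2.junk-parent.example.",
    "typo.other.example.", "k3.flood.test.", "k4.flood.test.", "k5.flood.test.",
]

if __name__ == "__main__":
    print(zone_stanzas(common_parents(SAMPLE_NXDOMAIN_QNAMES)), end="")
    print(ZONE_FILE, end="")
```

A zone defined this way shadows the whole parent on this resolver, so each candidate should be confirmed as non-existing before its stanza is added to named.conf.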

