[Pdns-users] [Pdns-announce] Related to recent DoS attacks: Recursor configuration file guidance

Rygl AleŇ° ales at rygl.net
Fri Feb 7 05:14:08 UTC 2014


Hi everybody.

I have just verified that increasing filedescriptors works. The recommended 
value of 4096 may not be enough when you are ISP. I have 16384 now and using 
lsof to count open files shows nearly 10.000 open files. The amount of 
requests is not high about 2.000 q/sec.

Should I increase also the number of max-mthreads under these conditions (4096 
now) ?

Regards
Ales




On Thursday 06 of February 2014 20:23:53 Peter van Dijk wrote:
> Hello Asif,
> 
> to my knowledge, there is no updated RPM. In your case, please look at 
options 1, 2 and 3 in the blog post at 
http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-
configuration-file-guidance/
> 
> If you do those things, you do not need a patched package.
> 
> Kind regards,
> -- 
> Peter van Dijk
> Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
> 
> On 06 Feb 2014, at 16:51 , Asif Murad Khan <asifmuradkhan at gmail.com> wrote:
> 
> > Hi Bert,
> > 
> > We have use CentOS 6.4 64-bit and install pdns-recursor 3.5.3-1 from 
monshouwer repository. now we have not face any ddos attack problem. but we 
want to update it. have we get any update via repo.
> > 
> > regards,
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20140207/b2740ca1/attachment-0001.html>


More information about the Pdns-users mailing list