[Pdns-users] Queries .domain. Attack to root server?
Peter van Dijk
peter.van.dijk at powerdns.com
Sun Dec 13 15:57:30 UTC 2015
Hello Federico,
On 13 Dec 2015, at 16:17, Federico Olivieri wrote:
> It seems quite odd to me but not sure if is a kind of attack to root
> server. Anyone has any idea/suggestion? In case, how can I block it
> (was
> thinking about and iptables filter for .domain queries)
If you set root-nx-trust in your recursor.conf, the Recursor will turn
the first NXDOMAIN into a negative cache entry for the whole domain
‘TLD’, until that entry expires. This will severely reduce your
outgoing queries for names under .domain.
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
More information about the Pdns-users
mailing list