Hello Kilian, >> Are there any recommended settings for auth or dnsdist for mitigation such attacks? >When using dnsdist before a recursor, you could apply client rate limiting >to further protect against this and similar attacks. see https://dnsdist.org/guides/dynblocks.html https://dnsdist.org/advanced/qpslimits.html for some documentation and examples. Winfried