Dns-operations mailing list

[Hospedaje Web y Servidores Dedicados <ventas AT dedicados.com.mx>]

im having same issue with 4 of my dns servers, i get report of DDOS 
attacks from my servers.

so i need to set the recursion to NO.

this change will make tier2 work good? or dont?

Ing. Alejandro M.
Hospedaje Web y Servidores Dedicados
http://www.dedicados.com.mx
------
correo / msn: ventas AT dedicados.com.mx
skype: dedicados
------

El 12/01/2014 05:14 p. m., Martin C escribió:
> > thing.  I did a quick check and noticed that you are resolving recursive
> > lookups, which is the reason why you are being flooded. Tier-1 servers
> > should NOT resolve recursively for this very reason. If you turn off
> > recursion, you should find that the attacks mostly go away within a few
> > days.
> I thought it was disabled. This is what my named.conf.options had:
>          //recursion yes;
>          allow-query { any; };
>          auth-nxdomain no;    # conform to RFC1035
>          //listen-on-v6 { any; };
>          listen-on { any; };
>          version "[hidden]";
>
> now I have underneath that:
>          recursion no;
>          allow-recursion {"none";};
>
>
> we'll see how that goes.