[45172] in North American Network Operators' Group
Re: DNS DOS increasing?
daemon@ATHENA.MIT.EDU (Alex Kamantauskas)
Mon Jan 21 09:29:44 2002
Date: Mon, 21 Jan 2002 09:29:07 -0500 (EST)
From: Alex Kamantauskas <alexk@tugger.net>
To: Avleen Vig <lists-nanog@silverwraith.com>
Cc: "nanog@merit.edu" <nanog@merit.edu>
In-Reply-To: <20020120235856.K38194-100000@apple.silverwraith.com>
Message-ID: <Pine.GSO.4.33.0201210927120.28589-100000@karlheinz.appliedtheory.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
>> I've been seeing some strange problems in DNS lately (named 8.2.4-REL)
>> where the nameserver stops resolving certain sites. During
>> investigation I noticed that my query rate is way up. Many more DNS
>> requests than normal are hitting my servers. Is anyone else seeing
>> anything like this?
>
> Could just be that someone || groupd of people, have decided to use your
> DNS servers as their own for resolving queries?
>
I've seen DOS-type behavior where a client will query a resolver for a
name that doesn't exist, and the client does not accept the answer that
the name does not exist and immediately sends another query, regardless
of whether or not the resolver declared itself authoritative for the
negative answer.
--
/ak
