I have,
allow-query { any; };
allow-query-cache { recursive-users; };
allow-recursion { recursive-users; };How can I make sure that none recursive-users get a REFUSED if query is recursive? Axel PS: I want to minimize the responses to this amplification attack: - - - 19:05:18.703238 185.230.55.130.30120 > 91.216.35.71.53: [no udp cksum] 1+ RRSIG? pizzaseo.com.(30) (ttl 249, id 33043, len 58) 19:05:18.703568 91.216.35.71.53 > 185.230.55.130.30120: [udp sum ok] 1- q: RRSIG? pizzaseo.com. 0/13/14 ns: com. NS j.gtld-servers.net., com. NS m.gtld-servers.net., com. NS c.gtld-servers.net., com. NS b.gtld-servers.net., com. NS d.gtld-servers.net., com. NS e.gtld-servers.net., com. NS l.gtld-servers.net., com. NS f.gtld-servers.net., com. NS h.gtld-servers.net., com. NS i.gtld-servers.net., com. NS a.gtld-servers.net., com. NS k.gtld-servers.net., com. NS g.gtld-servers.net. ar: m.gtld-servers.net. A 192.55.83.30, l.gtld-servers.net. A 192.41.162.30, k.gtld-servers.net. A 192.52.178.30, j.gtld-servers.net. A 192.48.79.30, i.gtld-servers.net. A 192.43.172.30, h.gtld-servers.net. A 192.54.112.30, g.gtld-servers.net. A 192.42.93.30, f.gtld-servers.net. A 192.35.51.30, e.gtld-servers.net. A 192.12.94.30, d.gtld-servers.net. A 192.31.80.30, c.gtld-servers.net. A 192.26.92.30, b.gtld-servers.net. A 192.33.14.30, a.gtld-servers.net. A 192.5.6.30, m.gtld-servers.net. AAAA 2001:501:b1f9::30(490) (ttl 63, id 11754, len 518) - - - --- PGP-Key: CDE74120 ☀ computing @ chaos claudius
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
