Please look at the comments for CLOUDSTACK-5494 and CLOUDSTACK-6432 on JIRA. Maybe it helps.
-Wei 2014-12-15 13:13 GMT+01:00 Indra Pramana <in...@sg.or.id>: > Dear all, > > We are using CloudStack 4.2.0 with KVM hypervisors. > > Is there a way to prevent our virtual routers (VRs) to be targeted by DNS > amplification attack? It seems that the DNS services on dnsmasq running on > the VRs are by default recursive, causing it to easily be targeted for DNS > amplification attack. > > Any advice on how to overcome this? > > Looking forward to your reply, thank you. > > Cheers. >
