On 11.09.2012 05:52, Robert Schwartz wrote: > The question I have for you all is: Is this something affecting other > operators? How have you been dealing with it?
The largest attack came in at >20k queries/second at one of our authoritative servers and frequently crashed the Realtek NIC and/or driver. For the last weeks, I see a constant rate of about 6-7k qps, all ANY queries to a single domain. The NIC driver still logs a few errors but the server didn't crash again so far. For now, iptables rate filtering keeps the bulk of it away from the NS, though I start to see new patterns, e.g. querying non-existend TLDs. Hauke.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
