these are unique queries, the name changes for each one. But as Paul
Vixie
elucidated, from the root-server perspective, these are all answers
from one
zone though, the root zone. And that is where RRL kicks in.
You have to ask yourself what this site is doing that generates these
queries.
I'm sure there are legitimate reasons but I'm not sure the Internet is
going to be able to handle every otherwise-legitimate survey/whatever.
If an app is "legitimately" generating this many NXDOMAINs, perhaps it
should be managing its own RDNS, with appropriate expertise at hand.
I suppose one could attack an innocent site by inducing it to do such
lookups,
e.g. filling your PTR records with non-existent domains then hitting
ports that
"check" by doing a reverse lookup, then validating with a forward
lookup.
John Wobus
Cornell University IT
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
