Thanks for your reply, Bert. I am trying the iptables rules for stopping "questions" -m string --hex-string "|0000ff0001|" and not allowing them to overload my small DNSs.
On Fri, Dec 18, 2015 at 3:01 PM, bert hubert <[email protected]> wrote:
> On Fri, Dec 18, 2015 at 02:50:22PM -0600, Josh Sanders wrote:
> > Remote xxx.xxx.xxx.www wants 'domainD.com|ANY', do = 0, bufsize = 1680:
> > packetcache MISS
> >
> > As you may see, 'any-to-tcp=yes' seems to be not working so far ...
>
> Can you tcpdump? They could simply be asking the question, doesn't mean they
> have to *respect* your TC=1 answer. Since that is all we can do, set TC=1.
> It does not stop the questions!
>
> We do provide a really small answer that way, which stops the amplification
> from working.
>
> Bert
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
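An added example, not part of the original thread and not PowerDNS code: the bytes in `--hex-string "|0000ff0001|"` are the tail of a DNS question (root label `00`, QTYPE `00ff` = ANY, QCLASS `0001` = IN), and this Python sketch compares that byte-pattern test with parsing the question section properly. The packets are constructed samples; the helper names are hypothetical, and the EDNS payload size of 1680 is assumed from the `bufsize` in the quoted log line.

```python
import struct

ANY_TAIL = bytes.fromhex("0000ff0001")  # root label, QTYPE=255 (ANY), QCLASS=1 (IN)

def build_query(name, qtype, txid=0x1234, edns_bufsize=None):
    """Build a minimal DNS query (constructed sample, not captured traffic)."""
    arcount = 1 if edns_bufsize else 0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"
    packet = header + qname + struct.pack("!HH", qtype, 1)
    if edns_bufsize:
        # OPT pseudo-record: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN=0
        packet += b"\x00" + struct.pack("!HHIH", 41, edns_bufsize, 0, 0)
    return packet

def parse_question(packet):
    """Walk the first question and return (qname, qtype, qclass)."""
    qdcount = struct.unpack("!H", packet[4:6])[0]
    if qdcount < 1:
        raise ValueError("no question section")
    pos, labels = 12, []  # the question starts after the 12-byte header
    while True:
        length = packet[pos]
        if length == 0:  # root label terminates the name
            pos += 1
            break
        if length > 63:
            raise ValueError("compressed or invalid label in question")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return ".".join(labels), qtype, qclass

def is_any_query(packet):
    """Structural check: QTYPE of the first question is 255 (ANY)."""
    return parse_question(packet)[1] == 255

def string_match(packet):
    """What the byte-pattern rule tests: the pattern anywhere in the payload."""
    return ANY_TAIL in packet

# Constructed samples: an ANY query carrying EDNS, and a plain A query.
any_q = build_query("domainD.com", 255, edns_bufsize=1680)
a_q = build_query("domainD.com", 1)
```

With EDNS present the OPT record follows the question, so the pattern sits in the middle of the payload rather than at its end.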
