We have a problem with one of our firewalls caused by DNS peaks. Once or twice
a day a DNS burst (20K requests/15sec) kills all connections on the firewall.
The firewall is due for replacement but in the meantime we would like to stop
these peaks at their origin or at least try to limit their
Holemans Wim wim.holem...@ua.ac.be wrote:
I have 2 questions, one, is there a way to rate-limit the amount of
requests a single client (the AD servers in this case) can have standing
out against a bind server? Kind of rate-limiting parameter for bind
name server.
There isn't a way to do
bind-users-bounces+wbrown=e1b@lists.isc.org wrote on 06/15/2012
04:25:16 AM:
We have a problem with one of our firewalls caused by DNS peaks.
Once or twice a day a DNS burst (20K requests/15sec) kills all
connections on the firewall.
The firewall is due for replacement but in the mean
Wim Holemans
Netwerkdienst Universiteit Antwerpen
Network Services University of Antwerp
One of the problems is that these firewalls are going to be replaced soon and
we don't want to spend too much effort in trying to fix what seems an annoying
side-effect of something caused by a DNS
On Fri, Jun 15, 2012 at 9:37 PM, Holemans Wim wim.holem...@ua.ac.be wrote:
Wim Holemans
Netwerkdienst Universiteit Antwerpen
Network Services University of Antwerp
One of the problems is that these firewalls are going to be replaced soon and
we don't want to spend too much effort in
Universiteit Antwerpen
Network Services University of Antwerp
-Original Message-
From: Fajar A. Nugraha [mailto:w...@fajar.net]
Sent: vrijdag 15 juni 2012 17:02
To: Holemans Wim
Cc: bind-users@lists.isc.org
Subject: Re: limiting number of requests of a single hosts
On Fri, Jun 15, 2012 at 9:37 PM
You DO realize that DNS is (mostly) UDP packets, and an attacker (or
in your case, the ADs) can simply send UDP packet floods to kill your
firewall (in your current state), regardless of how your DNS server is
configured, even when the DNS server is down?
Once we had the firewall for DNS, when
On Jun 15, 2012, at 4:25 AM, Holemans Wim wrote:
We have a problem with one of our firewalls caused by DNS peaks.
Yes. EOM
W
Once or twice a day a DNS burst (20K requests/15sec) kills all connections on
the firewall.
The firewall is due for replacement but in the meantime we would like
Hi there,
On Fri, 15 Jun 2012, Holemans Wim wrote:
... Once or twice a day a DNS burst (20K requests/15sec) kills all
connections on the firewall.
Have you disabled firewall connection tracking for DNS requests?
We have 6 dns servers (bind) on our campus, that are all
authoritative for our
On 15/06/12 16:37, Holemans Wim wrote:
Wim Holemans
Netwerkdienst Universiteit Antwerpen
Network Services University of Antwerp
One of the problems is that these firewalls are going to be replaced soon and
we don't want to spend too much effort in trying to fix what seems an annoying