nanog mailing list archives
Re: what the heck do i do now?
From: Trent Lloyd <lathiat () bur st>
Date: Thu, 1 Feb 2007 10:55:32 +0900
<snip>
The only way for it not to arrive at the name server is for something in the way to block it. Perhaps a transparent filter, or perhaps the IP addresses of the "name servers" are your firewalls, which will block and pass the rest on to the real name servers behind them.
The problem here is, most people that have experiences this problem, are significantly overwhelmed with traffic of people so much as trying to do a lookup, even if you firewall it you are still going to get an array of queries. In some cases, also, firewalling these queries makes it worse as servers will query multiple times, where as if you give a response with a large TTL they will go away. But then you have to have enough server power to handle these queries (and outbound bandwidth to match). I don't know how much of an impact there is in this case but I know of other people who've had this exact same problem and the traffic load of the attempted queries was immense. Cheers, Trent
Current thread:
- Re: what the heck do i do now?, (continued)
- Re: what the heck do i do now? Michael Froomkin - U.Miami School of Law (Jan 31)
- Re: what the heck do i do now? Mark Foster (Jan 31)
- Re: what the heck do i do now? Paul Vixie (Jan 31)
- RE: what the heck do i do now? Gregory Taylor (Jan 31)
- Message not available
- Re: what the heck do i do now? Paul Vixie (Jan 31)
- Re: what the heck do i do now? Jon Lewis (Jan 31)
- Re: what the heck do i do now? Ross Hosman (Jan 31)
- Re: what the heck do i do now? Trent Lloyd (Jan 31)
- Re: what the heck do i do now? Gadi Evron (Jan 31)