North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: what the heck do i do now?

  • From: Trent Lloyd
  • Date: Wed Jan 31 20:59:57 2007

<snip>

> The only way for it not to arrive at the name server is for something in
> the way to block it.  Perhaps a transparent filter, or perhaps the IP
> addresses of the "name servers" are your firewalls, which will block and
> pass the rest on to the real name servers behind them.

The problem here is, most people that have experiences this problem, are
significantly overwhelmed with traffic of people so much as trying to do
a lookup, even if you firewall it you are still going to get an array of
queries.

In some cases, also, firewalling these queries makes it worse as servers
will query multiple times, where as if you give a response with a large
TTL they will go away.  But then you have to have enough server power to
handle these queries (and outbound bandwidth to match).

I don't know how much of an impact there is in this case but I know of
other people who've had this exact same problem and the traffic load of
the attempted queries was immense.

Cheers,
Trent