
Re: Recursive query delays

From: Jerry Pasker-Systems Admin.
Date: Wednesday, December 8, 1999
Time: 5:40:00 am


On or near 12/2/99, Chris Buxton wrote:
>
>So if you're a PSInet customer, you should consider setting your DNS
>servers to forward queries to PSInet's DNS servers. This way, you get
>the benefit of their improved lookup time, their potentially larger
>cache, and your own cache.
>
>It is considered bad manners to forward queries to a company other
>than your upstream provider (or their upstream provider), at least
>without permission, because this would mean that you're using their
>resources without being their customer.
>

This is/was a large part of my DNS slowdown problems. Apparently, there
were a huge number of requests coming from IPs that were part of another
(competitor) ISP that was looking up hundreds of thousands of reverse DNS
records. I'm assuming they were processing their webserver log files, and
using my DNS server to do all the lookups. It actually borders on Denial
of Service. Or Theft of Services. Or at least "Low down and dirty things
that ISPs do to each other." I don't know for certain if they're doing it
to hose my DNS, or if they're doing it because their NT "Dee-Enn-Ess" can't
handle the load. I've filtered a large number of their IP addresses (the
range they have their workstations in) in my router, and that's apparently
solved the problem for now. This has the drawback of degrading my router's
performance, since it has to compare every packet it processes to the rules
that I've defined.
Its load average used to run at about 12-15%, now it's at 35%-55%.

Is there any other way to keep my DNS server from being abused? Especially
in a more "pro-active" way?

I can keep my mailserver from being used by outside sources (SMTP relay)
but can I do the same with my DNS server?


-Jerry
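
Added example, not part of the original message: one way to spot the pattern described above (off-net clients sending bulk reverse lookups through a resolver) from a query log, so the offending source range can be identified before filtering. The log layout, the OWN_NETS range and the sample lines are assumptions constructed for illustration, using documentation address ranges.

```python
import ipaddress
from collections import Counter

# Assumption: networks the resolver is meant to serve (documentation range).
OWN_NETS = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed sample log, one query per line: "<client-ip> <qname> <qtype>".
# This simplified layout is an assumption, not any particular server's format.
SAMPLE_LOG = """\
192.0.2.10 www.example.com A
198.51.100.21 7.113.0.203.in-addr.arpa PTR
198.51.100.22 8.113.0.203.in-addr.arpa PTR
198.51.100.21 9.113.0.203.in-addr.arpa PTR
198.51.100.40 10.113.0.203.in-addr.arpa PTR
192.0.2.11 5.2.0.192.in-addr.arpa PTR
203.0.113.9 mail.example.net MX
not-an-ip garbage A
"""

def is_own(addr):
    """True if the client address belongs to a network we serve."""
    return any(addr in net for net in OWN_NETS)

def offnet_ptr_by_block(log_text, prefix=24):
    """Count PTR queries from off-net clients, grouped by source block."""
    counts = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip lines that do not match the assumed layout
        client, _qname, qtype = parts
        try:
            addr = ipaddress.ip_address(client)
        except ValueError:
            continue  # skip lines with a malformed client address
        if qtype.upper() != "PTR" or is_own(addr):
            continue
        block = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        counts[str(block)] += 1
    return counts

def blocks_over(log_text, threshold, prefix=24):
    """Source blocks whose off-net PTR query count reaches the threshold."""
    counts = offnet_ptr_by_block(log_text, prefix)
    return sorted(b for b, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    for block, n in offnet_ptr_by_block(SAMPLE_LOG).most_common():
        print(f"{block}\t{n}")
```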


