Re: How DNS works ?

From: Men & Mice Support
Date: Friday, November 1, 2002
Time: 4:03:08 pm

At 3:09 PM -0600 11/1/02, Len Conrad wrote:
>>1) Due I think to an obviously broken server somewhere, somebody began
>>querying my servers for the zone over and over. (about 600 Q's per second)
>>OK, so I had that guy killed at my ISP's router.
>
>it's broken, or malicious
>
>>2) even after that, our DNS traffic was hugely higher than normal.
>>So I re-added the zone, but gave it an ip of 127.0.0.1 and no MX record
>
>ok, or just block the querying ip at your edge router.
>
>>That reduced the dns traffic to the normal level.
>>
>>Is it normal or typical for a dns server to keep trying repeatedly to get a
>>zone if the authoritative servers have no answer?
>
>of course not. 5 secs is the usual query timeout for, eg, BIND.

I believe the issue here isn't a timeout, it's a delay before
re-querying after a lame response. If I understand what Aaron said
correctly, the server in question replies, but it's no longer
authoritative for the zone, so it sends some sort of delegation
response (a lame one).
____________________________________________________________________
Chris Buxton Men & Mice
support@menandmice.com Making DNS Easy
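
The lame response discussed in the reply above can be told apart from a timeout by the DNS header alone: the server answers, but without the AA (authoritative answer) bit. The following Python sketch is an added example, not part of the original thread; it classifies a reply from a server the parent zone delegates to, using constructed header-only messages, and the label strings and the `header` helper are this example's own names.

```python
import struct

SERVFAIL, REFUSED = 2, 5

def header(flags, ancount=0, nscount=0, ident=0x1234):
    """Build a constructed 12-byte DNS header (one question, no additional RRs)."""
    return struct.pack("!6H", ident, flags, 1, ancount, nscount, 0)

def classify(msg: bytes) -> str:
    """Classify a reply from a server that the parent zone lists in its NS set."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    _id, flags, _qd, ancount, nscount, _ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000:          # QR bit clear: this is a query, not a reply
        return "query"
    if flags & 0x0400:              # AA bit set: the server owns the zone
        return "authoritative"
    rcode = flags & 0x000F
    if rcode in (SERVFAIL, REFUSED):
        return "lame-error"         # delegated server declines to serve the zone
    if rcode == 0 and ancount == 0 and nscount > 0:
        return "lame-referral"      # replies with a delegation instead of data
    return "non-authoritative"      # e.g. a cached answer from a recursive server

# Constructed sample replies (headers only), one per case.
SAMPLES = {
    "authoritative answer": header(0x8400, ancount=1),
    "referral without AA":  header(0x8000, nscount=2),
    "REFUSED":              header(0x8005),
    "cached answer":        header(0x8180, ancount=1),
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(f"{name:22s} -> {classify(msg)}")
```

A resolver that keeps receiving `lame-referral` or `lame-error` from every delegated server has nothing to cache, which is why the delay before re-querying, rather than the query timeout, governs how often it asks again.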


