Date: Tue, 4 Nov 2003 06:04:08 -0800
From: Pete Ehlke <pde@ehlke.net>
To: "Jason C. Wells" <jcw@highperformance.net>
Cc: chat@freebsd.org
Subject: Re: Too Much DNS Traffic / Analysis
Message-ID: <20031104140408.GA6133@ehlke.net>
In-Reply-To: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com>
References: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com>

On Mon, Nov 03, 2003 at 06:54:35PM -0800, Jason C. Wells wrote:
> I get what I think is way too much traffic on DNS. I recently read about
> DNS misconfigurations and the trouble they cause. I am suspicious that I
> am one of the culprits. (I have been running with the same config for
> a long time. I would be mortified to find that my DNS is fubar.)
>
> My DNS works. I can query the world and the world can query me. One
> point of concern is that my name server is behind a firewall with PAT/NAT.
>
> In 'ipfw show' I can see that 528 packets came in on smtp. 20 packets
> came in on http. Something like 40,000 packets came in on DNS in one day.
> This seems to be way too much DNS traffic for the little bit of use my
> network sees.
>

I assume, since you didn't tell us what name servers you're talking
about, that you mean ns1.highperformance.net and ns2.highperformance.net.

ns2 seems to be dropping queries, and ns1 provides recursive service to
the world. Both of these conditions can cause you to handle more DNS
traffic than you otherwise would.

Rob Thomas' Secure BIND Template
(http://www.cymru.com/Documents/secure-bind-template.html) is an
excellent concise resource on how to run a good DNS installation, but in
the end there is no substitute for _DNS & BIND_, 4th Ed.

-Pete
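
An added example, not part of the original message: one way an operator can check their own name servers for the two conditions named in the reply above (queries being dropped, and recursion offered to outside clients) by reading the DNS reply header. The function names, the probe name example.com, and the sample packets are assumptions constructed for illustration.

```python
import socket
import struct

QR, RD, RA = 0x8000, 0x0100, 0x0080  # DNS header flag bits (RFC 1035)

def build_query(name, qid, qtype=1):
    """Build a single-question DNS query (class IN) with Recursion Desired set."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify(packet, qid):
    """Classify a reply to a query for a name the server is NOT authoritative for."""
    if packet is None:
        return "no-response"        # query dropped or timed out
    if len(packet) < 12:
        return "malformed"
    rid, flags, _qd, _an, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != qid or not flags & QR:
        return "malformed"
    if flags & 0x000F == 5:
        return "refused"            # REFUSED: recursion denied to this client
    if flags & RA:
        return "open-recursion"     # server says it will recurse for this client
    return "no-recursion"           # e.g. a referral with RA clear

def probe(server, name="example.com", timeout=3.0, qid=0x4242):
    """Send one UDP query from an outside vantage point and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, qid), (server, 53))
            packet, _ = s.recvfrom(4096)
        except socket.timeout:
            packet = None
    return classify(packet, qid)

# Constructed 12-byte reply headers for an offline run, not captured traffic.
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x4242, QR | RD | RA, 1, 1, 0, 0)
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x4242, QR | RD | 5, 1, 0, 0, 0)
SAMPLE_REFERRAL = struct.pack("!HHHHHH", 0x4242, QR | RD, 1, 0, 13, 0)

if __name__ == "__main__":
    for label, pkt in [("open", SAMPLE_OPEN), ("refused", SAMPLE_REFUSED),
                       ("referral", SAMPLE_REFERRAL), ("dropped", None)]:
        print(label, "->", classify(pkt, 0x4242))
```

Run `probe()` against your own servers from a host outside the firewall, since a query from inside the NAT may be treated as a trusted client and hide the problem.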