Re: what the heck do i do now?

[Gadi Evron <ge () linuxbox org>]

On Thu, 1 Feb 2007, Trent Lloyd wrote:
> <snip>
>
> > The only way for it not to arrive at the name server is for something in
> > the way to block it.  Perhaps a transparent filter, or perhaps the IP
> > addresses of the "name servers" are your firewalls, which will block and
> > pass the rest on to the real name servers behind them.
>
> The problem here is, most people that have experiences this problem, are
> significantly overwhelmed with traffic of people so much as trying to do
> a lookup, even if you firewall it you are still going to get an array of
> queries.
>
> In some cases, also, firewalling these queries makes it worse as servers
> will query multiple times, where as if you give a response with a large
> TTL they will go away.  But then you have to have enough server power to
> handle these queries (and outbound bandwidth to match).
>
> I don't know how much of an impact there is in this case but I know of
> other people who've had this exact same problem and the traffic load of
> the attempted queries was immense.

We can discuss this forever. Paul can either maintain the service until he
is sick of it, and hope they go away - or kick it. He waited long enough
that even if we don't agree, hopefully non of us will have arguments with
him.

Depending on time investment issues, contacting some of the big hitters
and seeing why they hit him may be interesting and may help stop a lot of
these.

Some generic emails to the hitters may also be an over-kill, but would
satisfy some of the prettier souls among us.

        Gadi.