11 May
2005
11 May
'05
1:59 p.m.
so What is the best way to prevent DNS queries consuming bandwidth.
Run an authoritative-only DNS server that won't respond to queries for domains it doesn't handle. tinydns from http://cr.yp.to/djbdns.html would be an example.
with BIND9, you just have to install a zone by that name, containing an A/127.0.0.1 for every name you're seeing queries for. that'll get action by whoever made the mistaken delegation toward your server... (i promise.) -- Paul Vixie